And no, it does not need to be costly and painful, says this enterprise data protection expert.
Many business operations in Asia are located in geographies that are prone to natural disasters. Therefore, a key part of any business continuity plan is disaster recovery (DR).
According to the World Economic Forum, environmental risks are the leading concerns for businesses across East Asia and the Pacific, with natural disasters ranking first; and extreme weather events ranking fifth. Meanwhile, cyberattacks rank second in their report on the top 10 risks for doing business in this region.
These are unprecedented times, and many businesses say they are still not prepared for the worst. A recent Gartner survey revealed that only 12% of 1,500 respondents believed that their businesses were highly prepared for the impact of the pandemic. The study also found that while organizations have policies in place to deal with most risks, they do not activate (or even test) them until it is too late.
Any minor downtime can quickly snowball into an expensive lesson as costs can quickly add up. The average total cost of downtime per hour is estimated as being between US$301,000 and US$400,000, with lost productivity, trust and reputation aggravating the blow.
Business-centric approach needed
As the world gets increasingly digitalized and businesses become more data-driven, business leaders are prioritizing data protection and recovery in their business continuity planning.
Whether it is a natural disaster, a hardware failure, data breach or ransomware attack, it is of utmost importance for businesses to be able to recover their data. The Business Research Company projected that the global DR-as-a service (DRaaS) market will grow to US$11.71bn in 2022, up from only US$3.16bn in 2018.
Much of the concern that businesses have in DR is also driven by accelerated digital transformation, cloud-first strategies, and of course, more digital-native businesses. The digitalization of everything translates to more online transactions and more mission critical work being done digitally.
With such high stakes, business and technology leaders are also realizing that stock DR plans are no longer cutting it. They understand that DR must exist within the larger business continuity strategy and needs to take a front seat when digital transformation plans are discussed.
Taking a ‘business-centric’ view of DR is a useful starting point. At the very least, the approach draws business managers from across functions into a conversation about the mission of DR in relation to the core businesses. This will then allow business objectives to drive the key priorities and expectations of a DR plan.
Traditionally, DR planning has historically been complicated, costly and inflexible. However, thanks to technological advancements, it is no longer the case today. DR can be efficient, flexible, versatile, and simple.
The key is to set out a clear framework based on business needs and invest the time in formulating a plan that works. Being ready to protect and recover data is worth the investment in resource and time, but this does not mean businesses need to invest heavily in it.
Most importantly, businesses need their data recovered quickly, with as little disruption as possible, when hit by a disaster. Here are a few best-practice tips for DR planning:
- To be cost-effective, set appropriate protection for different data sets
All business data needs some form of backup, but it has to be cost effective. However, not all applications and workloads need maximum availability. Businesses must set data priorities and align data sets to the appropriate protection methods. Put in place different tiers for data protection and allocate data sets to the protection accordingly.
- Look to cloud for protecting and recovering data
The Cloud offers cost-effective support for DR as it offers IT teams the ability to quickly deploy and scale storage and compute when needed. Cloud computing also enables IT to restore lost data at a different location, when the original location may be compromised in a disaster scenario.
- Automate DR processes
Cut down on manual intervention in DR. As much as possible, put in place automated steps to ensure that tasks like failover will take place on their own without having a person to activate them. Safeguard processes with checks in place at each stage of the recovery so that IT can be sure it is progressing as planned. It sounds logical and simple but many businesses continue to rely heavily on someone taking specific actions to ensure DR goes through.
- Say ‘no’ to data silos
Businesses need to be able to see, move and recover their data readily. Not just during a disaster. IT solutions implemented over time can mean that data sets are collected in different ways and stored in different locations. DR planning, in these cases, needs to offer a view into all the data across the entire business. Organizations should aim to have native application programming interface integration across applications, cloud platforms, databases, hypervisors, storage arrays and so on. This helps IT to gain visibility into where all the data lives and allows for faster recovery when needed.
DR has come a long way over the years. Nonetheless, the need for strategic and robust planning has not changed, neither has the capability to act decisively and swiftly when disaster hits. As business environments continue to evolve and cybercriminals become more sophisticated, unique challenges for DR will crop up. The good news is that DR is more cost-effective and less complex now compared to just a few years ago.
That said, the key to strengthening disaster readiness and recovery is adopting a business-centric mindset. DR planning is about businesses getting as prepared as they can be for the worst-case scenario and celebrating when they do not need to put these plans into actual action at all.