SME_ITDR: IN ITDR, there are no “silver bullets”


Disaster recovery as a service wipes out traditional DR plans
by: Paul Korzeniowski

Disaster recovery planning and infrastructure builds vex IT managers. Cloud services offer lower costs and more flexibility, but not without risk.

*** begin quote ***

How to construct a DR plan

First, outline potential disasters for the data center: Hazardous weather, power outages, vendors’ systems going offline, employee sabotage or outsider attacks are all possibilities.

Identify which of its hundreds of applications the corporation needs online immediately. Audit the list and prioritize by importance to daily operations.

Next, source and install redundant data center infrastructure — servers, software, network connections, storage — to support the applications. Disaster recovery plans cannot escape cost considerations; an offsite data center is expensive.

*** end quote ***

I would assert that this is EXACTLY how NOT to construct an ITDR plan.

I’d also assert that “the Cloud”, and “DRaaS” (Disaster Recovery as a Service), is not the “Silver Bullet”. (With apologies to Coors Light)

In the old mainframe days, professionals recognized the — what I call — the partial recovery sequence. IT hardware is too expensive to duplicate, so let’s  triage.

Since getting the tapes from Iron Mountain and going to Sungard or Comdisco took time, ITDR started with Business Continuity Planning (BCP).

And, BCP required Business Process Reengineering (i.e., what will the Business do until IT recovers and what brings “money in the door” — note we don’t care about “out the door”, they can wait.

Early in my career, I noted an interesting behavior. I call it “Everything is critical UNTIL I have to pay for it! Then, nothing is.”

May sound funny, but the minute IT starts doing DR, it’s like money is no object.

Here’s an interesting experience I had at a large Financial Institution that shall remain nameless.

The Business Units said: “I can’t afford any down time, Nor can I afford any data loss when I do take down time.” (Now that in and of itself it an interesting requirements statement, but this is about SME_ITDR; not situation appraisal.) No problem. Synchronous data replication to a bunker near to the production data center, sync rep to a bunker near the recovery center, sync rep from the far bunker to the recovery center. Never lose any data ever. Price tag is 20M$ for about the first 5 applications; incremental after that in discrete chunks. Where’s the checkbook Senior Business Unit Head Honcho?

The response was “what can get for free” (i.e., what level of service costs zero)???

Easy answer: TANSTAAFL!! (“There Ain’t No Such Thing As A Free Lunch” From Robert Heinlein’s classic) 

Clearly, IT can NOT do ITDR in the absence of the Business — both from a cost and a process point of view.

The best that IT can do alone, it to keep “cutting the homogeneous datacenter” into smaller and smaller discrete modules of service (i.e., like the data center is the motherboard and everything “plugs in” by discrete well-defined interfaces.

At that previously mentioned large Financial Institution that shall remain nameless, the application portfolio had about 700 applications, an analysis of their Remedy data showed that, to recover any SINGLE application, one was required to recover about ⅔ of the portfolio. 

And, needless to say, that’s not happening any time soon.

Bottom line: One must design Business Process that are recoverable; then the technology can be recoverable. Translated into IT-ese, start with the cart; not the horse.

— 30 —