Pitfalls of IT Disaster Recovery Plans

By CIOReview | Thursday, September 22, 2016

With the humongous amount of data that enterprises have to deal with on a daily basis, it becomes imperative for organizations to have a robust Disaster Recovery (DR) plan in place. These may be termed as the foundational pillars of any organization in the IT arena and an efficient and robust disaster recovery plan is a must for the smooth running of any organization. This has led to a situation, where backups, security and Disaster Recovery (DR) have acquired a whole new dimension. But disaster recovery tools and technologies on their own are of no use to make an effective DR a reality. It may sound archaic but it’s true that some of the organizations do not have any plan at all and they are waiting for the lightning to strike to get going. Without a sound DR Plan in place, you are sure to land in a pit, sooner than later.

Past couple of months has not been good for the Airlines business in the U.S., as two of its largest domestic passenger carriers (Southwest Airlines and Delta Lines) were left stranded because of network router failure and power outage. This led to the cancellation of many flights and loss of millions of dollars. This is just one of the many examples which brings to fore the consequences of not having an efficient data recovery plan in place. The Delta and the Southwest outages also prove the point that how a single IT glitch at the wrong place at the wrong time can lead to a massive loss of money in the course of just few hours.

A well-documented recovery plan in place means that there are a certain set of rules and guidelines in place that can lead to an efficient recovery in times of a man-made disaster or a natural calamity. Given every organization’s increasing dependency on IT, this seems to be a very basic and fundamental approach that every organization should adhere to, but still, there are many players in the IT arena who seem to be reluctant to plan and implement these simple guidelines.

It’s a popular notion that having all the disaster tools in place makes for an effective disaster recovery plan, which is not true. It takes years of careful planning, testing and deployment at the right time and at the right place to tackle any impending disaster or calamity. Compiled below are some misconceptions and pitfalls that must be avoided as you embark on Disaster planning journey:

• Lack of proper planning: It’s a widely held misconception that having all the disaster recovery tools in place can lead to an effective DR plan to take up challenges, all by itself.  While having right tools in place is of utmost importance, it also requires a well-documented DR plan in place to avert any danger or face the challenges head-on.

• Failure to identify any potential threat: This is a very common and highly prevalent issue where enterprises fail take into account the major threats to an organization. Apart from the viruses, Trojans etc., one should carefully take into account the topographic factors and analyze whether there is a threat of earthquakes or other such calamities in your vicinity.  

• Not focusing on your needs: It’s a common practice that companies spend number of hours assessing technology, data location, space, and vendors rather than trying to gain a clear understanding of the needs of the business. A comprehensive understanding of the needs of the organization will leave you well prepared to tackle any challenge.

• Not having a plan at all: The disaster recovery plan should take under its wings all functional areas that the Information Technology (IT) department supports prior to and after a disaster. In addition, the plan should be regularly updated to keep it current and in tune with the present realities.

• No proper testing: A disaster recovery plan is only as good as it works. It is crucial that the plan is tested regularly under simulated conditions and is updated. This will provide an assurance that all contingencies have been considered and are well-equipped to successfully recover business operations. Unless a DR plan is fully tested, it is highly unlikely you will be able to implement it successfully in case of a real disaster event.

• Lack of proper assessment of risk: The definition of disaster varies from organization to organization and what might seem trivial to you might be of high importance to others.  So, one should be very careful about the nature of the risk and how is going to impact the organization. It is critical for a disaster recovery plan to address the right risks and one should always be prepared for the worst case scenarios accordingly.

As it is apparent from the above discussion that there is an astronomical amount of information to be dealt with and kept up to date for a sound disaster recovery plan. The disaster recovery plan should be well documented and should contain all the right ingredients for the contingencies. It should also be well tested and easy to implement, so that the recovery process goes on as smoothly as possible. Having the technical know-how and a nebulous idea of what needs to be done is simply not going to help. A good and efficient recovery plan is the one that addresses the above mentioned pitfalls in an effective way, and can stand the test of disasters and calamities in an upright manner.