March 4, 2014

12 Ways to Disaster-Proof Your Critical Business Data

"There is no silver bullet to disaster recovery," says Jack Bailey, engineering manager at cloud computing provider iland.

"When outage horror stories take over headlines, executives tend to have kneejerk reactions and look to adopt whatever disaster recovery offering they can implement fastest," he says. "But every organization and location is unique, and failing to thoroughly assess your situation may lead you to adopt a solution that is expensive overkill or cheap and inadequate."

And while most IT executives and data management experts acknowledge that there isn't one failsafe solution to protecting and recovering data, they agree that there are certain steps organizations should take.

What are the necessary precautions companies should take to protect critical files and applications in the event of disaster? Dozens of data storage, data management and disaster recovery experts share their advice. Here are their top 12 suggestions regarding how to disaster-proof data (files and applications).

1. Conduct a data assessment. "Know your high-value data assets -- where your customer information and other sensitive data live, which files are heavily used, who is using them and which departments they align with," says David Gibson, vice president, Varonis, a provider of comprehensive data governance software. "With usage intelligence and data classification, you can better prioritize what data you need to have on hand after a disaster and who will need to have access to it."

"Use the 80/20 rule," says Michael de la Torre, vice president, Product Management, Recovery Services at SunGard Availability Services. "Not all data is created equally. It's costly to ensure that every piece of data is always available and quite frankly most of it isn't critical to business functions," he notes. "By applying the 80/20 rule, a company can tier out its critical data and applications to decide which 20 percent is the most crucial to protect," he says.

2. Work with a trusted partner to disaster proof data & systems. "Use an experienced partner to ensure your [storage and disaster recovery (DR)] solution meets the needs of your business and the capabilities of your IT department," suggests Peter Elliman, senior manager of Backup and Recovery at Symantec, a provider of online and mobile security solutions. "Consider integrated appliance solutions to reduce complexity, remotely managed backup services to minimize operational impact and risks and consider both internal DR sites as well as DR providers with both on-premise and cloud recovery options."

3. Define what an acceptable recovery time is and choose the right storage media. Think about "how quickly you need to restore your data," says De la Torre. "The least expensive method is offsite, on tape and de-duplicated," he notes. But he quickly adds, "you will pay later when you have to wait for days to restore your data. Understanding the threshold for how long you can wait to restore your data will provide clear direction on which storage medium -- Disk or tape? Cloud or on-premise? -- is right for your company."

"Don't accept mediocrity when it comes to the speed of recovering your data," adds Jennifer Gill, director of Product Marketing for Zerto, which provides enterprise-class disaster recovery and business continuity software.

"Many companies think a reasonable recovery point objective (RPO, the highest amount of data a company is willing to use) is 24 hours. If the business did actually lose this amount of work/data the impact could be many times the cost of actually implementing any disaster recovery solution," Gill says. "Find a solution that provides continuous data protection and replication with an RPO of just seconds and a recovery time objective (RTO) of minutes."

4. Create a disaster recovery plan -- and test it."Have a written disaster recovery plan," says Gill. "It sounds obvious, but with the complexity of the old way of doing replication and disaster recovery, it is very easy to forget the most important aspect of disaster recovery, actually writing down a plan," she says.

"In an ideal world, everything from the replication, management, protection groups, failover and failover testing is managed from one single interface," Gill says. "Specify SLAs for replication, create virtual protection groups, select the VMs to protect and then allow your solution to take care of all the replication in the background."

"Think through the most likely threats to your business, keeping in mind everything from human error to component failure to natural disaster," advises Alan R. Arnold, CTO, Vision Solutions, a provider of cloud protection and recovery, high availability, disaster recovery, migration and cross-platform data sharing solutions.

"Creatively examine options for cost-effectively protecting your data in a place geographically distant from those threats. That may require access to a second data center or a cloud-based strategy," Arnold says. Also, "be sure to account for all servers in your infrastructure (e.g., Windows, Linux, AIX and IBM running on physical virtual and cloud platforms). Your solution must address all server types with off-site protection capabilities."

Then "test this plan multiple times to ensure that it is successful," adds Andrew Gilman, data director, Actifio, a provider of copy data management. "Testing makes all the difference. It will help CIOs work out any kinks in the plan and ensure that they are ready in the event of a data breach or disaster."

To read the full article, visit:

By Jennifer Lonoff Schiff