On a recent call to one of my compatriots in the disaster recovery
(DR) services field, we discussed one of his clients who has
offices in Bermuda. You would think that this
is the optimal client—you get to go visit a tropical paradise a few times a year
and write off your vacation. My friend then showed me a picture of a beautiful lake, surrounded by office
buildings. The lake was their parking lot, the buildings were their offices, and
the lower floors were completely under water.
This is the last installment in our series covering DR
planning for natural disasters, which included fire, floods, and earthquakes. The hurricanes that roared through the tropics
and southern United States last year taught a lot of people about disaster recovery—the
hard way. Some of those who were caught by
surprise, came through with some scrambling and a little ingenuity. Others
got to grade the effectiveness of their strategy when they had to put their disaster recovery
plan to the test.
for hurricanes involves both hardening the data center and ensuring that you
have another location to resume operations. If you are in a hurricane zone,
your best bet is long-distance replication solutions to protect your data. Since
city and state officials often declare mandatory evacuations, your plan has to
kick off early enough to remove vital data and personnel from the evacuation
zone to the backup location, if one exists.
Hardened data centers
Hardening the data center will allow you to continue working
at the primary location if you’re not directly in the storm’s path—or if you’re
further inland, where the impact of the hurricane itself is less intense, but will
still cause damage to normal structures.
A hardened facility should have hurricane shields for all
windows and doors; upper-floor locations (raised above the parking lot, for
example); and flood precautions such as pumping equipment. The data center
should also have independent power systems, potable water, and other supplies
to allow for continued operations in the event that normal supply and utility
lines are temporarily out of service.
Long distance replication of data
Offsite recovery is the only option in the event you find
yourself in the path of the hurricane itself. Keep backup
tapes off-site, as far away from the primary data center as you can. Replicating
data over long distances requires a great deal of bandwidth, but if you operate
in a hurricane zone, you should absolutely concentrate on long-distance replication
tools, which are almost always asynchronous because of the limited distance
of synchronous replication (in practice, less than 100 miles).
Synchronous replication has the advantage of providing a literal
mirror of the database, because it waits for one write process to complete before
beginning another. But since it uses fibre channel as the primary transport,
latency issues become problematic as the distance being traversed increases.
Asynchronous replication uses IP networks and can mirror sites
across great distances—hundreds of miles and even up to a thousand. However,
since asynchronous replication does not confirm one write process before
continuing the next one, there is the risk of some data loss. Neither of these
replication solutions prevents corrupted data from being sent. As always, the
significant expense and bandwidth requirements of these methods have to be
weighed against the value of the data and the importance of uptime.