Software

Hi

I have personally seen several organizations plan for worst case scenarios and spend their entire business continuity budget in setting up an elaborate disaster recovery plan.

But, since the organizations do not plan or have a budget for the disaster recovery effort,the end result is a white elephant that cannot walk!
=====
Gary
http://www.data-recovery-reviews.com/data-center-disaster-recovery.htm

Disaster recovery and data center consultant who has served IT companies for over 12 years

then it's not disaster recovery is it?

Business continuity doesn't just relate to IT.

Hi!
i have read a article Planning For The Worst Case Scenario of Mike Talon this good companies and different organization must think about it.

Planners have to understand and address the real issue, what is the worst case scenario that can be recovered from. In the current setting, why plan for an asteroid the size of the USA hitting the Earth, can anyone claim to be able to recover from that?

Management must come to an agreement on which scenarios they actually want to recover from.

For many organizations, the worst case scenario is something that takes out the head office and key people. That can be planned for with off shift people taking over and agreements with vendors. this can cover single events and multiple concurrent events.

The board members may be the only ones remaining after the worst case scenario. Is it feasible that they execute the plan?

Modern and effective disaster recovery plans for IT embrace the concepts of Active-Active workload management, where the resources at both sites are active and ready to notice and handle capacity losses such as those from losing a site.
Server virtualization makes this topology much more financially feasible and automation rules can assist in load reconfiguration/shedding.

Proper application design also permits full recovery from synchronously logged transactions to allow for the situation of application corruption or storage microcode disasters versus simple site or storage failures.

Most importantly, operations control centers MUST also be geographically dispersed with staff at each location (which do NOT have to be the actual data centers). There are too many disaster scenarios where staff will NOT be available to assist with service restoration at a remote location unless they are already present. Technology can easily combine the sense of a single control center from physically dispersed control operations.

Also keep in mind that it is not possible to build a single, continuously available data center that will be unaffected by various common disaster scenarios. However, it is NOT a requirement that all processing sites in a disaster configuration be the ultimate high-availability configurations...this can significantly mitigate the expense of the multiple sites.

Also consider the remote data management requirements when running in disaster mode without access to the inoperable site. Where will the data be remotely logged or mirrored?

When assessing a disaster response, keep in mind that the world will allow time and penalty concessions if MULTIPLE enterprises within an industry are severely impacted. But if the disaster scope is just your company (e.g. focused attack), there will be no forgiveness by the market or the authorities. If you don't have a viable disaster recovery plan, at least be sure to back up those vital records so the disaster post-mortem can effectively sell off the remaining assets of your company.

Perhaps one of the more disturbing scenarios is one where an attacker decides to target all sites in the disaster recovery configuration simultaneously.

The subject is very broad even before one considers total business continuity planning (BCP).