Maybe it's the time of year, or maybe it's the heightened awareness after the Christchurch earthquake. Either way, planning to manage disasters is a good thing to do. And of course, doing it beforehand is much better than afterwards!
Over the years, we've helped out after a number of disasters, and even had a couple of our own to manage. The simple facts are that disasters happen, and the test of a good business isn't whether a disaster occurred, but how you handle it. You can prevent many problems, and although you can't eliminate the risk, you can mitigate it.
Scope and Scale
The most common disasters that we see are very localised, affecting just one machine. Typically a physical failure has occurred, such as a power supply or hard disk. In many cases these have almost no impact, even on servers, where the redundant configurations simply kick in, maintaining uptime while the problem is resolved.
Sometimes a disaster strikes more widely. The most common situation we've seen is a flood; in fact, we've even had that happen to us. Equipment onsite becomes useless, and while you salvage what you can, chances are that you are reliant on what you can beg, borrow or buy at short notice. (Some insurance policies provide coverage to meet these expenses.)
The most difficult are of course those situations, like Christchurch, where a large area is impacted. Your suppliers, clients and partners might also be affected, and there may be competition to obtain equipment. Aucklanders experienced this when the power went out a few years ago, and generators suddenly became more precious than gold.
Backups
Our first thought is backups. These are the obvious building block of any recovery plan. After many years, we have three golden rules for backups:
1. You can never have enough backups : Better to have some you don't need to use, than the opposite. Murphy's Law suggests that the one time you need a backup is the one time something went wrong and it's not available. "When in doubt, back it up. If you aren't sure, then make a backup".
2. Test test test : Things go wrong, even with backups. It pays to check them by doing test recoveries. The logs might say that everything is fine, the product promises that it's all going to be easy, but experience tells us that things are never as simple as they should be. The only way to be sure that your data is safe is to test the restore occasionally (this is one of the most important checks we do for our Kinetics KARE customers).
3. No backup is complete until it's offsite : If your backup copies are next to the server, and there is a fire or a flood, then you are in danger of losing them. Even a fireproof safe is no substitute - in the Christchurch earthquake, some business owners were not permitted back into their offices to recover materials because of the ongoing dangers. You are much better off having a copy of your data somewhere else, even if it is simply someone taking a tape or disk home each night.
These are the big three. There are many other details (such as selecting what to back up, or encrypting the backups) but for us, these three are the most important considerations.
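One way to carry out the test restore from rule 2, as an added example that is not part of the original post or of any backup product mentioned here. It assumes the backup is a tar archive and that a SHA-256 manifest of the source files was recorded at backup time; the function names and the sample data are hypothetical and constructed for illustration.

```python
import hashlib, shutil, tarfile, tempfile
from pathlib import Path

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def build_manifest(root):
    """Relative path -> SHA-256 for every file under root (record this at backup time)."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in Path(root).rglob("*") if p.is_file()}

def verify_restore(archive, manifest):
    """Restore archive into a scratch directory and compare it with the manifest."""
    with tempfile.TemporaryDirectory() as tmp:
        scratch = Path(tmp).resolve()
        with tarfile.open(archive) as tar:
            for member in tar:
                target = (scratch / member.name).resolve()
                # Restore regular files only, and never outside the scratch directory.
                if not member.isfile() or scratch not in target.parents:
                    continue
                target.parent.mkdir(parents=True, exist_ok=True)
                with tar.extractfile(member) as src, open(target, "wb") as dst:
                    shutil.copyfileobj(src, dst)
        restored = build_manifest(scratch)
    return {"missing": sorted(set(manifest) - set(restored)),
            "corrupt": sorted(k for k in manifest if restored.get(k, manifest[k]) != manifest[k]),
            "unexpected": sorted(set(restored) - set(manifest))}

def demo():
    """Constructed sample data: one good backup, one with a damaged and a skipped file."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "data")
        (src / "accounts").mkdir(parents=True)
        (src / "accounts" / "ledger.csv").write_text("date,amount\n2011-03-01,120.00\n")
        (src / "customers.txt").write_text("constructed sample data\n")
        manifest = build_manifest(src)
        good, bad = Path(work, "good.tar.gz"), Path(work, "bad.tar.gz")
        with tarfile.open(good, "w:gz") as tar:
            tar.add(src, arcname=".")
        # Simulate a backup run that went wrong: one file truncated, one never written.
        (src / "accounts" / "ledger.csv").write_text("date,am")
        with tarfile.open(bad, "w:gz") as tar:
            tar.add(src / "accounts", arcname="accounts")
        return verify_restore(good, manifest), verify_restore(bad, manifest)
```

Both archives are created without error, so a backup log would report success for each; only the restore comparison shows that the second one is missing a file and holds a damaged copy of another.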
Planning
So, where do you start with the planning? Everyone is different so no two plans will look the same. Our thought process is very similar to the Y2K approach back in 1999. Make an inventory of your systems, determine which things are most important and focus your efforts on those.
You can't predict every eventuality. It is unrealistic to have a plan that says 'if X happens, then do Y'. What your plan should seek to do is to make a recovery easier. It should outline options, and precautions. It should remind you of elements like communications obligations, or health and safety rules. Most importantly it should help you to know what resources are available, and how to contact them day or night.
Start by analysing your business to work out what you do, by breaking it into steps. Determine how reliant the business is on each step, and how vulnerable it is if that step can't operate for a time. This will help you determine a cost and a business case for the DR plan. Finally, determine which underlying systems each step relies on. By collating this together, you can easily determine which systems are most vital to the business, and determine a reasonable budget that you can justify for protecting them.
We've prepared some notes for beginning a basic plan; you can download a copy here. We're not looking to create the definitive guide - there are plenty of consultants who can help you with that, and your insurer is probably a good place to start. This is simply a 'starter-for-ten' aimed at helping a small business start thinking about disaster recovery and business continuity planning.