Disaster Recovery: Server Priority Planning
Disaster recovery scenario: Your servers are all inoperable. The computer room is dark. A major disaster has occurred and you need to determine your next steps. What are your top priorities? What task do you do first? In which order do you begin your server recovery? Everything is a business priority, if you ask the business experts. Quick, lock the doors because a mad dash of self proclaimed experts is about to come bursting into the computer room and start barking out orders.
Are you going to listen to the person with the loudest voice and get his server back up and running before any others? If not, what IS your top priority? Your computer systems may or may not be recoverable in the short term. Maybe they won’t be available longer term either. You take a deep breath and tell yourself this is what you have been documenting and practicing for all these years. But does your current disaster recovery plan include prioritization of servers in a disaster?
Managing Mission Critical Servers for Business Continuity
There is a lot of work that goes into managing the on-going requirements for mission critical servers. When you have downtime, whatever the cause, data becomes unavailable to your customers, and this generally means that business – for you, your customers, or both – simply stops. When business stops, it gets very expensive in a hurry. This is why critical server requirements ought to be reviewed twice a year to ensure that proper server processes are being carried out to support the true needs of the business and that these identified servers are still in alignment with business goals and priorities. Listed below are the elements that should be reviewed frequently to support the requirements for critical servers in your business.
?Business impact analysis and risk assessment
?Strategy for server recovery
?Change in prioritization based on different business cycles
?Application dependencies and interdependencies
?Application downtime considerations for planned and unplanned outages
?Offsite storage for vital records
?Data retention policies
?Recovery time objectives (RTO)
?Recovery point objectives (RPO )
?Hardware for critical server recovery
?Alternate recovery site selection
?IT and business management signoff
Classifying Systems for Disaster Recovery Priority
When you walk into the computer room it&25263; easy to be overwhelmed by the number of servers. Many hardware platforms are powered on and ready to serve their business purpose. Typically you&25251;l find that the servers will span several hardware generations. What&25263; needed is a planned roadmap and prioritized recovery of your complete critical server infrastructure. You need to know the supporting business needs of all servers before disaster strikes. Don&25264; wait for that phone call at 4 a.m. to decide your server recovery strategy. All the servers inside your computer room are not of the same value to your business. That is why you need to consider the difference between:
?what you need
?what you want to have
?what you don&25264; need at all to run your business in a disaster.
The backup recovery team should assign priorities to the servers as they relate to your business support priorities. There will be a mix of opinions, of course, but a good Business Impact Analysis will reveal which share more details of those opinions carry the most weight. You should categorize the business requirements and supporting servers as Critical, Essential, Necessary, or Optional, as follows;
?Critical Systems – Absolutely these servers must be in place for any business process to continue at all. These systems have a significant financial impact on the viability of www.cookingfeverhackcheats.xyz/ your organization. Extended loss of these servers will cause a long term disruption to the business, and potentially cause legal and financial ramifications. These should be on the A-List of your disaster recovery strategy.
?Essential Systems – These servers must be operational to support day-to-day operations and are generally integrated with Critical Systems. These systems play an important role in delivering your business solution. These should also be on the A-List recovery strategy.
?Necessary Systems – These servers contribute to improved business operations and provide improved productivity for employees. However, they are not mandatory at a time of disaster. These might include business forecasting tools, reporting, or maybe improvement tools utilized by the business. In other words, minimal business or financial impact. The targeted systems can be easily restored as part of the B-List recovery strategy.
?Optional Systems – These servers may or may not enhance the productivity of your organization. Optional systems may include test systems, archived or historical data, company Intranet and non-essential complementary products. These servers can be excluded from your recovery strategy.
These server classifications will give you the baseline for your decision making matrix. The important thing is that your IT recovery team and your business management team must agree with the disaster recovery planning scope for classifications of the servers. By differentiating between critical, essential, necessary and optional, the reduction in the number of servers needed to support the disaster recovery plan not only helps increase backup and recovery efficiency for the servers, but it also helps reduce your financial budget for disaster recovery.
The Big Picture
When compiling the list of mission critical applications, you must also consider application interdependencies. First, many software solutions are considered modular in design yet the software must be 100 percent intact — in other words, fully restored to function correctly. You cannot break the applications apart from the supporting server infrastructure. You may choose not to make use of specific business functions, but the entire solution must be rebuilt 100 percent in order to function properly.
Second, consider the flow of information. Follow the flow of a transaction from initial order to product delivery. You may find that a server not considered critical by the Business Impact Analysis does actually have a significant role in feeding information back to a different identified mission critical application. Therefore, IT input is required in addition to the defined business needs. The restoration process for most servers is generally recovered in its entirety which includes every user library saved on the system. The question then becomes, are you restoring too much? Omitting non-critical libraries can save hours, which translates to the business coming online more quickly in a disaster. The libraries and user directories that could feasibly be omitted include:
?ERP walk-through libraries
?User test environments
?EDI successful transmission objects
?Temporary product work directories
?Auxiliary Storage Pools (ASP s)
?Independent Auxiliary Storage Pools (IASP )
Required Hardware for Your Disaster Recovery Plan
In the development of every disaster recovery plan, you must determine the minimum hardware requirements for your mission critical servers. Some IT professionals will say:
This statement should not be accepted at face value. The real story is, only mission-critical applications absolutely must be restored in a disaster, not everything. You need to ask whether your business will accept running the &25559;ission Critical ?business functions at say 50 percent lower capacity or throughput. In megapolis hacks most cases, the answer will be no — that is totally unacceptable.
In the Business Impact Analysis you identified the financial impacts for your organization of being down for an extended time period. Running your business at half speed will only further impede your long term business capabilities and will likely hurt customer satisfaction. You would do well to reduce the disaster recovery footprint by eliminating non-essential applications rather than providing less processing capabilities. Invest your disaster recovery budget wisely by supporting your business requirements in a disaster, which means selecting the right hardware. The last thing you want to happen is for your sales desk to tell customers you can only process half the orders right now because we had a disaster and we are still working things out.
The Human Element
What if you declared a disaster and your team did not show? Your servers can&25264; recover by themselves. Many companies have plans that address their equipment requirements and recovery processes but often underestimate the number of staff required to successfully execute their plan. Equipment works only if someone is able to operate it. In Gulf coast hurricanes, key personnel have been displaced or absent due to health risks or personal priorities. When regional disasters hit, transportation in the area can be difficult and may result in personnel being unable to reach their assigned locations. Equipment may be accessible, but it will be ineffective if your staff cannot access the recovery site. What is the level of expertise your employees possess when they ultimately reach the recovery site? Too many companies, especially those that perform recovery tests with no more than their data center staff, will count on IT heroics to pull them out of a crisis. Expecting IT to perform a miracle in an emergency is difficult for your staff and avoidable today when full recovery tests can be performed without impacting your production users. If your disaster recovery plan includes cross departmental staffing, it is important to have precise and detailed documentation. Companies should create recovery documentation so that anyone in the business, from the shipping manager to the CFO, can start a recovery. In a well-tested plan, an employee from another department should be able to start the recovery when employees from your IT staff are absent. You may never know if all your key personnel will be able to help with the recovery. After identifying your critical equipment, you should test your disaster recovery plan with a small group of assigned individuals while leaving the remainder of the team to run normal business operations. The success or failure will be a good measure of your corporate readiness.
When the servers are down, your disaster recovery plan will determine the precise server recovery strategy and recovery priorities. So, lock the doors to keep the stampeding herd of users away. Ignore the distractions and start recovering the business as stated in the plan. Step through the tasks and follow the exact order of server recovery by predetermined importance criteria instead of listening to who screams the loudest. And take the time required to do it right.