Disaster recovery strategies should deliver business value. So why are most actually constraining innovation while demanding an unrealistic proportion of the IT budget?

The majority of Disaster Recovery (DR) solutions in place today are not only consuming excessive amounts of the IT budget but their inherent inflexibility results in vendor lock in and an inability to respond to business change.

Piecemeal solutions - from tape backup to replication - are expensive, incompatible and demand a massive management overhead. It is little surprise, therefore, that many organisations continue to cite cost and complexity as the key reasons for avoiding DR investment.

How frustrating to invest in a DR solution for the business critical Exchange server only to discover it is a point solution and cannot be expanded or scaled to support any other key application. Or to realise that escalating storage costs could be reduced via a tiered storage strategy, if only the DR technology didn’t create unbreakable vendor lock-in.

Piecemeal DR strategies are patently failing to deliver. Isn’t it time UK businesses across the board started to demand more flexible scalable technology that is not only affordable but can actually deliver business value and adapt rapidly to evolving business needs?

Whether prompted by regulatory demand or a growing awareness of business vulnerability, disaster recovery has risen to the top of the agenda for the majority of UK organisations, irrespective of size. Yet for any business, understanding the DR requirements is a challenge. What is the Recovery Point Objective (RPO) - the time the last data copy was taken? Or the Recovery Time Objective (RTO) - the time it will take to get access to the duplicate information source? Is the requirement for Continuous Data Protection (CDP) or Continuous Remote Replication (CRR)?

And for most businesses, given the costs associated with DR implementations, these requirements have to be assessed on an application by application basis. The critical Exchange services will have very different RTOs and RPOs to that of the Human Resources Training database.

As a result, most organisations have evolved highly convoluted solutions based on multiple products, from disk copies and tape back up to replication, to address the diverse DR requirements. Unfortunately these solutions are not integrated; they are exorbitantly expensive to manage, and, critically, in the event of changing business risk or regulation moving from one solution to another is massively complex, expensive and time consuming.

So just how many of these DR strategies are actually delivering business value? From the vendor tie in that is preventing organisations evolving towards cost effective tiered storage strategies, to inflexible technologies that make it impossible to respond to changes in risk perception or regulatory change without major overhaul and investment, DR solutions are undermining business value.

Is it any wonder that robust DR policies are the preserve of those high spending organisations under tight regulatory demands? The costs are excessive but the need is legally defined. For the rest, the choice is near impossible: balancing the business risk associated with no or limited DR planning with the unsustainable cost of the investment. It is an economic no win situation either way.

In addition to the excessive costs associated with the majority of DR strategies, every approach has its limitations. Take basic tape backup: storing duplicate data locally provides no protection should the building be damaged or destroyed but offers a second chance for organisations experiencing data corruption. Information is typically backed up overnight - which means up to an entire day’s working data can be lost. And it takes surprisingly long to recover that information when a problem occurs.

To protect against major disaster, organisations transfer these tapes offsite. However, in addition to incurring significant storage and transport costs, restoring data from tapes is always fraught with problems - with a significant percentage of data so corrupted it can never be restored. To provide faster access to data in the event of failure, organisations have opted for local disk mirroring within the Storage Area Network (SAN). Creating two copies of the data, either in the same or separate storage arrays, enables failover to the second copy should a problem occur.

Again, however, this does not address the problem of a major disaster that prevents staff from accessing the building - hence the significant growth in host based replication services over the past decade. Indeed, those within the financial services market are now expected not only to replicate to a secondary data centre but also provide another link to a centre at least 400 miles away from the main site, adding significant cost in storage technology and bandwidth.

The replication process can be carried out either asynchronously, using regular snapshots to provide a time specific data copy, or synchronously to deliver constant, up to the second duplication. Both approaches have their limitations. Asynchronous replication obviously cannot deliver the zero RPO objective required for business critical applications. Yet in a synchronous approach, any data corruption in the main site is automatically replicated to the remote site, fundamentally undermining the quality of that information source.

Given the huge cost associated with these DR solutions it is little wonder that organisations are beginning to question the value for money. Not only are they experiencing a constant drain on resources - which could deliver quantifiable value if invested elsewhere - but the lack of flexibility is profoundly constraining business innovation.

Organisations simply cannot afford to continue their piecemeal approach to DR planning - the costs are too high, both in technology investment and business constraint. Instead they need an integrated solution that supports a variety of DR needs - from replication to continuous data protection. One integrated solution that can be managed centrally is far more cost effective and, critically, responsive to business change. By avoiding storage vendor tie-in, organisations can leverage appropriate levels of storage - and evolve towards tiered storage if required.

Furthermore, organisations need technology that minimises the difficult choices. Rather than weighing up the pros and costs of asynchronous versus synchronous replication, they need a solution that can deliver the zero RPO without compromise; that can support a local DR strategy and evolve to CRR with the same technology. And that can enable rapid change in application specific DR requirements as dictated by evolving business risk.

While disaster recovery has become ever more important to a risk aware business community, a haphazard approach to strategy and implementation has begun to challenge the merit of both policy and investment. There is no value in inflexible, inconsistent DR solutions - and those organisations unable to respond fast to business change or appetite for risk need to look hard at the DR strategy and reflect on whether it is actually increasing, rather than diminishing, business risk.

BIOS, Apr 10, 06 | Print | Send | Comments (0) | Posted In Backup