Disaster recovery refers to an enterprise business’s method of bouncing back and regaining access and functionality of its IT infrastructure. A disaster can originate in a number of ways. It could be a natural disaster such as flooding or fire. It could be a cyberattack or even business disruptions brought about by unforeseen circumstances such as the COVID-19 pandemic. Disaster recovery seeks to protect anything that is important to the enterprise. This includes systems, applications, tools and data wherever these may be located (physical, virtual or in the cloud) and in different formats.

Quite simply, without a plan in place to manage catastrophic occurrences, a business will put itself in grave danger. The losses or damage suffered - high financial costs to regain their former position, the reputational damage of poor management of the situation and the risk of loss of customers and revenue - may even be irrecoverable.

From a data perspective, an organisation may have data on-premise, on the cloud and/or in virtual environments. Oftentimes, the data in different systems or devices may also be interlinked, supported or depended upon for the various roles they play. This means that many of these data elements may be critical to business continuity.

For large enterprise businesses including financial institutions, having a continuity plan is simply not enough. It is equally important that data and transactional security is maintained throughout the execution of any continuity plan. At its core, a disaster recovery plan relies on a solid backup and recovery solution.

A disaster recovery plan for an enterprise business seeks to meet a number of objectives. This includes:

• reducing the overall risk to the business

• alleviating any concerns customers may have about the ability of the business to manage unforeseen circumstances

• restoring business-as-usual operations and minimising the disruption as quickly as possible

• enabling the planning of the type of service, hardware and infrastructure requirements and its prioritisation

• in certain situations and depending on the business and the industry within which it sits, complying with relevant legislation and regulations in place.

Business continuity is what enterprise businesses want in the face of any disruption or catastrophe. Enterprise businesses spend time, effort, money and resources to carry out a number of activities. They may purchase spare parts or machines, perform regular backups or carry out drills and tests. They may also educate and train employees about how to handle major disruptions or disasters. Doing the above helps the business become better equipped to respond to such disruption with speed, clarity and efficiency. The more effort is placed in preparation, the better and quicker the response.

Such a plan focuses on the ability for the business to continue operations. A good plan will outline procedures and processes that the business needs to follow in response to a disaster or emergency.

The best plan is one that is current, tested and meets the specific needs of the particular business. It outlines how the business intends to respond to things such as business processes, the management of assets, people issues and more. It is distinct from a disaster recovery plan which is more focused on restoring IT infrastructure and operations after a crisis. So a disaster recovery plan only looks at a segment of the business whereas a business continuity plan looks at the business as a whole.

The key elements include mapping out the scope of the plan, the key business areas, identifying critical functions, determining the dependencies between different business areas (if any) and a plan to put it all together. The size and complexity of the plan varies depending on the business industry, size and other factors.

The plan would typically address the following:

• Introduction in order to outline objectives, document version control, definitions and a glossary of terms

• Distribution list and confirmed key decision makers

• Roles and responsibilities of relevant stakeholders to help set a meeting of minds about exactly what each person and/or department is tasked with in such an event

• A clear Communication Plan

• A Risk Management Plan

• An Incident Response Plan

• A Recovery Plan

• Updates.

Based on the Business Impact Analysis conducted, the Business Continuity Plan would ensure:

• Necessary preventive measures are identified and implemented

• Emergency management and recovery teams are formed

• Business continuity policies and guidelines are continually developed, implemented and updated as needed

• Recovery steps and procedures are documented and tested

• Formal business continuity training is conducted.
  

Yes, a good DR plan will include a complete inventory of both hardware and software with prioritisation levels. By having a go-to list of the most important assets which includes relevant information about updates, versions, contract terms, licence duration and contact information, a business will be able to get back up and running quickly.

Businesses generate large amounts of data and data files change frequently. Data may be revised, lost, corrupted or compromised in some way. Data could be stolen or subject to hardware failure. As businesses have such a reliance on their data, loss or damage to data could result in significant disruption and damage. For this reason, data backup and data recovery should be a critical and ongoing component of any business continuity plan.

A Business Impact Analysis (BIA) is aimed at predicting the ramifications of any kind of disruption to a business function and to then plan recovery strategies around it. Risk assessment is vital and can raise potential scenarios. Identifying the major business functions and the interdependence of these business functions will also need to be defined.

In terms of potential impact, these can range from loss of sales or revenue, delays in payments or income, customer dissatisfaction or attrition, contractual penalties or fines as well as an increase in forecast expenses.

These may include:-

• alternate site configuration

• telecommunication recovery techniques

• storage requirements

• backup alternatives and more.

Criteria for evaluating a backup alternative include:

• response time

• cost

• reliability

• testability.

This is disaster recovery services terminology. It is recommended that an organisation has a recovery site for their data in the event of a disaster. While cloud solutions do offer businesses an alternative for data storage in this regard, organisations will benefit from having an off-site location to recover data and be able to resume business-as-usual operations. This is where they would choose between a hot or cold site. These sites are essentially backup options for remote data recovery which have different levels of work and costs involved.

A hot site is a copy of a business’s data centre with all hardware and software running concurrently with the primary site. It is set up in a way that it is completely ready to go and is recommended for mission-critical data. Understandably, this is a costly option.

On the other hand, a cold site is basically the rented space for the data centre. There is neither server hardware or software in place. Everything will need to be set up should a business require it to be operationalised. This means setting up equipment and software as well as making the necessary activations.

MMMES is a one-stop maintenance solution for all your enterprise servers across various platforms. The acronym stands for multi-platform managed maintenance engineering services. It allows you to outsource all of your enterprise server and storage maintenance and support requirements to a single vendor. This frees up your resources to focus on critical business issues.

What would come within the purview of MMMES?

Enterprise hardware maintenance

• Remedial maintenance, preventive maintenance and replacement of parts

• Multi-platform capabilities – IBM, HPE, ALPHA, SUN/Oracle, HDS, EMC and others

• On-site support and 24/7 helpdesk support

• Comprehensive parts coverage.

System support

• Documented system report with weekly and monthly reporting options

• Suggestions and recommendation of License OS (operating system) and patches

• Multi-platform system support – OS/400, HP-UX, SOLARIS, AIX and more

• System customisation services

• Designated technical support specialist.

Enterprise Hardware Upgrades/Installation

• Installation and upgrade of multi-platform enterprise hardware and systems

• Ability to upgrade End-of-Life (EOL) Enterprise Hardware

• Recommendations of upgrades.

Enterprise Hardware Relocation Services

• Assist on the movement of Enterprise Hardware to various location sites

• Decommissioning and commissioning of hardware.

Multi-Platform Managed Maintenance Services

• Comprehensive, one stop maintenance solution for multi-platform Enterprise Hardware and system support to a single vendor.

• Features include

  • Dedicated Product Manager

  • Single point-of-contact

  • Standard Service Level Agreement

  • Experienced and Certified Engineers

  • Comprehensive parts coverage

  • On-site/Off-site support

  • Helpdesk Support

  • Regional Coverage

  • Monthly ReportsConsolidated Price and Invoice.

There are a number of key drivers for engaging third parties for maintenance services. These can be segmented into the following categories:

a) Promotes life extension of the equipment

• Extends the maintenance for out-of-warranty equipment

• Able to retain and extend the life of legacy software infrastructure

• Continued service and maintenance can be provided even after equipment EOS (end of service)

b) Multi-vendor support

• Support for multiple manufacturers within a single contract

• Consolidated service

• Increased efficiencies

• Reduced hassle of dealing with multiple vendors

c) Customised service agreements

• Tailor-made maintenance package to suit the organisation’s needs

• Eliminates unnecessary services which provides the best match to requirements

• Customised solutions which align all agreements to a common contract.