October 20169 The answer is clearly a "No". I am sure many of us have heard about or even experienced system crash and it was unable to be brought back online after several hours or even days. Retail banking systems, ATMs, internet banking, stock exchange trading system, airline reservation system, cloud email system and so on around the world have similar incidents affecting a lot of users. All these organizations have spent millions in disaster recovery facilities and have had a disaster recovery plan in place. Nevertheless, they would still fall victim to glitches when executing a disaster recovery plan in order to bring the systems back to normal and fail.Drill is not the Real DealA well planned and well-penned disaster recovery plan is only as good as a piece of document if it is not put into practice. IT organizations should perform disaster recovery drills regularly to ensure relevant staffers are familiar with the procedures and systems are fully tested for fallback to the redundant hardware and infrastructure. Such drills are usually performed at non-office/non-peak hours in order to avoid any unwanted interruptions to the production system. It costs time and money for the IT staffs and staffs from other user departments. Unfortunately, owing to technical and non-technical considerations, in many cases, these drills are unable to simulate the `real' system migration from the production environment to the `disaster recovery' environment. One of the major reasons is people don't want the production system to be affected with scheduled or unscheduled stoppages.Things that could go Wrong will go WrongThere is no such thing as a bulletproof disaster recovery plan. There are so many things that could happen in a real disaster situation, which you did not anticipate when developing the DR plan. Take for example in Hong Kong, due to fire safety regulations; the storage of diesel or fuel oil in excess of 500 liters in a commercial or industrial building without a license is prohibited, such approved storage facilities are built according to Fire Service Department requirements. Data centers equipped with a backup generator set that has limited fuel storage onsite and has to rely on suppliers to refuel by truck. During a prolonged power outage, especially when a typhoon hits, the continual supply of diesel fuel could be stopped if roads leading to the data center are flooded and become inaccessible. Under such circumstances, the limited supply of fuel on the site could run dry in less than a day.Take it to the Limit One More TimeIn conclusion, it is important to bring key representatives from every department to discuss and develop the disaster recovery plan instead of just having the IT department to formulate the process and procedures. The plan has to be reviewed and updated frequently to cope with any external changes as well as internal changes, such as new system or IT equipment installed that may render the DR plan handicapped.We can't stop natural disasters from happening. The best we can do is to have a comprehensively devised DR plan. Practice the procedures and test the plan as much and as far as we can to ensure when it is being put into use, people involved are familiar enough with all the steps required and could response swiftly to the emergency situation. Data centers equipped with a backup generator set that has limited fuel storage onsite and has to rely on suppliers to refuel by truck
< Page 8 | Page 10 >