22/07/10

By Andrew Barnes at Neverfail

Over the last decade or so, there’s been a lot of talk about the importance of “disaster recovery” for businesses. And make no mistake, this is an important goal: businesses need to be able to recover from a disaster — and quickly — in order to stay competitive.

However, in this age, with an ever-increasing reliance on IT and the applications it supports, it is no longer enough to just talk about disaster recovery. By definition, disaster recovery involves an interruption to business — something from which the company needs to recover. In a disaster recovery situation, businesses must recover their data from backup stores or online copies, and then rebuild the failed applications and connect back to the data. Depending on the agility of the organization, the impact could be a matter of hours or days; in extreme cases, it could threaten the entire business.

In every organization there will be critical IT applications that are the lifeblood of business. Companies can’t afford any downtime of those applications. Thus, as far as IT is concerned, rather than talking about “disaster recovery” and ensuring business disruptions, organizations should be talking about “disaster resiliency” — in which critical business processes are made resilient to failure.

Disaster Recovery: The Old Way of Thinking

When talking about disaster recovery, we often hear about the terms “recovery point objective” (RPO), the acceptable amount of data loss within an organization (as measured in time), and “recovery time objective” (RTO), the amount of time in which data must be restored following a business disruption. A data RPO of zero means that no data is lost during an outage and an RTO of zero means that data is available immediately following failure. Today, many technologies can deliver a data RPO and RTO of very close to zero using continuous data protection (CDP) or continuous replication.

But unfortunately, for business-critical applications, this is rarely sufficient. The problem is that there is a gap between data availability and when users can access systems since applications need to be rebuilt and reconnected to the protected data. So rather than the data RTO being all-important, it is actually the application RTO that has much more significance in keeping the business operational. Invariably, the majority of today’s approaches focus on meeting data RPO and data RTO objectives; however, there needs to be an application RTO of zero in order to truly achieve business resiliency.

Making Disaster Resiliency a Reality

In order to turn a disaster recovery plan into a disaster resiliency plan, businesses need to fill the gap between data recovery and application availability. To achieve application resiliency, companies need to take a pre-emptive approach to business disruption rather than a reactive approach.

Protecting against application failure — which is even more important than protecting against data failure — means looking at how a complete business process is kept available, including a view into the many IT components involved. It’s important to keep in mind that when guarding against application failure, the user experience is paramount. An application can’t be considered resilient if users can’t continue to work through both planned downtime and the unexpected outage.

To achieve a disaster resilient solution, you must combine application monitoring, application cloning, continuous data replication and automated failover, rather than just using one of these solutions. By doing so, you can maintain RTO and RPO times of close to zero for the data, and when an application fails it can be seamlessly restarted elsewhere and users can maintain their connectivity so they are not interrupted.

Conclusion

Businesses that are worried about a physical disaster, such as an earthquake, harming their building don’t keep a stockpile of bricks on-hand so they can rebuild after disaster strikes. Rather, they take a preemptive approach and construct their buildings according to code to ensure that they are resilient to physical disaster.

Businesses today need to take similar steps when it comes to data disaster. Rather than having systems in place to rebuild after a business disruption has occurred, organizations need to take a pre-emptive approach to ensure their applications and systems are disaster resilient, able to withstand any unexpected event.

Andrew Barnes is senior vice president of corporate development at Neverfail, which provides continuous availability and disaster recovery solutions for critical Windows-based applications in physical, virtual or mixed environments.