Disaster recovery management (DRM) has become imperative for large as well as small and medium enterprises (SMEs) due to frequent instances of unpredictable downtime. Downtime can occur due to various reasons, like power failure, data theft, and infrastructure breakdown at data centres, resulting in substantial financial and operational loss to the company.

In the event of a disaster, organisations are required to recover critical information instantly to ensure business continuity. For instance, high-value computing environments including currency traders, stock markets, IT organisations and banks have to continue operations while minimising performance lag to remain competitive in the market. Any delays in the recovery of time-sensitive data in these verticals could render the DRM process futile as the output data may get outdated. Thus, organisations need to plan and implement comprehensive strategies to counter problems that arise during disasters.

In the past, organisations have resorted to data replication (over IP networks) that facilitated large-scale data backup in the event of a disaster. However, with more complex systems being integrated into data centres, there is a need for recovering the entire infrastructure and not just the data. If the DRM process is limited to data recovery, the data centre staff would have to manually rebuild the servers, install operating systems and applications, configure networks, and assign storage volumes in order to ensure that the centre is restored to its pre-disaster state. This process would, however, cause unnecessary delays in the recovery of the entire infrastructure. In contrast, in data centres that deploy an automatic recovery procedure, each subsystem is restored in a particular sequence within a short span of time, thereby meeting service expectations and avoiding errors that may be introduced through manual infrastructure recovery. Thus, organisations need to devise a holistic DRM strategy that covers the entire spectrum of IT infrastructure to ensure fault-free operations post a disaster.

While considering a specific DRM process, enterprises have to determine costs related to hardware, software, implementation, etc. If the cost of running the process outweighs the cost incurred due to disruption in operations during downtime, implementing that particular DRM process would not be financially viable. A process that provides maximum returns on investment while taking into account other priorities should be adopted.

Irrespective of the DRM model implemented, organisations need to periodically test and update the process to ensure that it covers the growing IT infrastructure at the data centre. However, it is important to ensure that such tests do not give rise to any “internal disasters”. Moreover, organisations must strive to speed up the process and verify that data recovery is achieved within a specific time frame.

One of the solutions widely considered for DRM is Snapshot technology. The technology captures data at a point in time and recovers the same through an identifiable image of the original data in the event of a disaster. Besides, the technology creates a set of reference markers/pointers to data stored on disk drives and provides a virtual snapshot of the data, thereby requiring less storage capacity as compared to other solutions.

Another DRM solution gaining ground is cloud computing. Disaster recovery as a cloud service has witnessed significant traction due to its low-cost pricing model of pay-per-use and minimisation of recovery time. Resources at the cloud site are required only in the event of a disaster, thereby limiting their use at other times. This is in contrast to a manual DRM process, where resources are utilised during the normal course of operations as well.

However, since cloud technology is still at a nascent stage, organisations face several challenges while implementing DRM through this model. Traditional data centre networks have been designed to support conventional silo IT infrastructure and consequently, are not able to meet the performance, security, availability and agility requirements for cloud services. Therefore, organisations need to be cautious while leveraging the cloud model for DRM.

Domestic scenario

Many large organisations have already implemented a robust DRM process. For instance, the National Stock Exchange’s data centre did not suffer during the heavy rains in Mumbai in 2005. It had power agreements with Tata Power and Reliance Power, and enough fuel to supply 72 hours of electricity. Similarly, Reliance Communications recovered well from the disaster. The company has independent power feeders in two separate grids for its data centre.

However, SMEs have still not adopted the concept of DRM. According to a recent survey conducted by Symantec, 90 per cent of SMEs in India are not adequately prepared for disasters due to lack of resources, budget constraints, lack of awareness about DRM and IT infrastructure critical to a company’s operations. SMEs are likely to adopt disaster recovery solutions in the future, owing to business growth and the increasing need for prevention of data loss.

Going forward, regulatory requirements will provide an impetus to the adoption of IT disaster recovery processes in the country. In this regard, the Reserve Bank of India has been encouraging financial organisations to set up IT recovery systems and demonstrate their recovery capabilities every six months through tests and drills. Further, the Securities and Exchange Board of India has asked stock exchanges and depositories to build disaster recovery systems to preserve data and ensure transaction integrity.