Interview with Josh Mazgelis of Neverfail
VSM: What role should disaster recovery planning play in organizations today?
JM: Disaster recovery planning and assurance needs to be embedded within every company’s set of on-going IT operations management disciplines. With increasing expectations from the business around service levels and availability of key systems, a proliferation of external threats, and an increasing choice of affordable disaster recovery solutions, no company should operate without an up-to-date, relevant DR plan in place.
Understanding what is at risk is the first step in building a DR plan: one needs to take an inventory of IT assets, understand how these inter-operate and what overall service level such collaborating systems need to deliver to meet business imperatives. Of course, any service level targets need to fit within economic constraints, so the plan should take into account the costs of deployed business continuity infrastructure and potentially model the impacts of tightening or relaxing service levels on the cost base for protecting critical systems. Any costs also need to be set within the context of an understanding of the overall impact on the business, both in terms of economic loss and employee productivity should a service outage occur.
Once you have a holistic idea of the overall “business value” of your IT systems and your business critical data you can start to assess the kind of business continuity solutions you can afford to put in place. Finally, with the dynamic nature of virtualized server infrastructure, business continuity planning should be performed as part of a continuous set of operational disciplines. A DR plan that is six months behind current infrastructure topology is worse than having no plan at all, since an out-of-date plan wrongly sets an expectation with the business that all can be recovered according to the plan. Expect to see a new set of DR Planning tools released by Neverfail in the near future that address these specific issues.
VSM: What mistakes are organizations currently making when it comes to planning?
JM: In many organizations, no matter how mature their standard IT processes are, business continuity planning is still executed on a fairly informal basis. Recent natural disasters together with embarrassing datacenter outages at some well-known Cloud service providers serves to heighten awareness of the need to revisit DR planning on a frequent basis, with many IT organizations just beginning to formalize and standardize their IT processes in a BC/DR context.