Hosted by

Keep Data at a Distance

Disaster Recovery for the "New Realities”

Presented by:

Damian Walch, CISA, CISSP, MBCI

T-Systems, Inc.

www.t-systemsus.com

Hosted by

“Internalization”

“Although the hot site market is

‘inelastic’ there is a rapidly increasing

availability of internal hot site solutions

for certain types of customers depending

on their size, their needs and the

computer equipment that they use.”

U.S. District Court Judge Ellen Huvelle, describing the hot site market during Sungard Data Systems’

bid to acquire Comdisco Availability Services

Hosted by

Alternate Site Strategies

What is your main alternate site strategy?

Internal, 31.90%

Hot-Site Vendor, 49.14%

Reciprocal,

6.90%

None, 8.62%

Mobile Hot-Site,

3.45%

Are companies really

moving to internal

strategies?

Does the internal

strategy work?

Is there a specific

industry that does it

more than another?

DRJ SurveyMay, 2002 – 2,204 respondents

Hosted by

Agenda

Reasons for the Trend

Considerations

Cost-Benefit Approach

Typical Pitfalls

Examples and Approaches

Hosted by

Why Only 20% of G2000?

What are your recovery time objectives?

24 hours or LESS!

How quickly can we recover our MOST critical systems?

72 hours or MORE!

Collaboration

Hosted by

Top 5 Reasons for Trend

5. Can’t Keep Up with Our Technology!

4. We’re Too Complex and Interdependent

3. You’re Going to Charge How Much for Technical Support and Floor Space?

2. No Control (all approaches have pitfalls)• First come, first serve

• Guaranteed access

Hosted by

#1 Reason for Internal

Recovery Time Objectives are shrinking…

…and there is enabling technology that

assists us in achieving recovery times!

Hosted by

Types of Technology Solutions

Enterprise Storage Solutions• SRDF

• GDPS, XRC, PPRC

• HXRC

Remote Journaling

Standby Operating System

Standby Database

DatabaseShadowing

Replication

Location 1

Symmetrix

SBOSOracle Standby Data Base

Oracle Log Apply

SymmetrixSRDF Links - T1 capacity

Synchronous Mode Enabled BCV’s

SAP R/3Oracle DBMS

Location 2

Hosted by

#1 Reason Nobody Thinks Of

Companies won’t declare

disasters for almost

100% of the most

common causes of

interruptions!

They’re ONLY used for

natural disaster and

catastrophic events!

Most Common Causes of Busines

Interruption

Pow

er

Outa

ges

Hard

ware

Pro

ble

ms

Tele

com

munic

ati

ons

Failure

s

Soft

ware

Pro

ble

ms

0%

20%

40%

60%

80%

Causes

Perc

en

tag

e o

f R

esp

on

den

ts

Hosted by

Considerations

Asset protection and replacements

Infrastructure and data protection

Operational recovery

Process/Application: internal

Process/Application continuation: externalContinuity

Recovery

Protection

Business continuity strategies MUST address all aspects of IT infrastructure, from basic asset protection and replacement to ensuring application continuity for internal operations and third parties.

Hosted by

Considerations

Asset protection and replacements

Infrastructure and data protection

Operational recovery

Process/Application: internal

Process/Application continuation: externalLoad-BalancingFail-OverReplicationMirroring

HOT SITE SOLUTIONS

Hot Site Solutions DO have a place, but DO NOT apply them to the wrong business problem (e.g. recovery objective).

Hosted by

Considerations

Determine what recovery of full compliment

would cost with a commercial hot-site provider.

Do they have all the equipment in one spot?

What is the most important thing for commercial

hot site providers?

• People

• Test Time - Do you ever get it when you want it?

• Floor Space, how much does it cost?

Hosted by

Cross-Tab Label

250%

150%

0/0

Does your company recover “internally” or are you considering an internal recovery strategy?

1.Yes

2.No

Hosted by

Hosted by

When is Internal Obvious? Do you have two or more data

centers?

Are they within 300 miles of each other?

Do you have space available (growth projections)?

Do at least two of your applications require recovery in less than 12 hours?

Do you have a robust wide-area network?

Do you have significant excess capacity for testing and development of applications?

Hosted by

How Close is TOO Close?How many miles is your alternate data center from your main data

center?

0-50, 45%

50-100, 31.71%

100-250,

13.41%

250+, 9.76%

Different power grid

Network and carrier

diversity

Can you get your staff

there?

DRJ SurveyJanuary, 2002 – 874 respondents

Hosted by

Positives and Negatives

Dedicated Shared

No Pre-Determined Exit ~ 6 week recovery

Easier to Test Scheduling Tests

Internal Resources Contact, Follow-Up

Positives Negatives

Obvious plus and minus to a vendor solution.

Hosted by

Compare the Costs

ITEM COST ANNUALLYSubscription Processors (2) N4000 5,200$ 62,400$ (1) K580 1,700$ 20,400$ (8) Pentium V (dual) 1,600$ 19,200$ Disk Storage 400$ 4,800$ Tape Storage ($50/dr.) 200$ 2,400$ Floor Space 4,000$ 48,000$ Test Time 8,000$ 16,000$

Network 900$ 10,800$

Recovery Staff Coordinators 10,000$ 120,000$ Testing Time 3,000$ 36,000$

Extra Cabinet @ Hot Site 500$ 6,000$

Extra Test Time 600$ 7,200$

Workarea Recovery 450$ 5,400$ 36,550$ 358,600$

ITEM COST ANNUALLYSubscription Processors (2) N4000 4,417$ 53,000$ (1) K580 1,417$ 17,000$ (8) Pentium V (dual) 6,667$ 80,000$ Disk Storage 1,167$ 14,000$ Tape Storage 200$ 2,400$ Floor Space 8,000$ 96,000$ Test Time 1,000$ 2,000$

Network 1,250$ 15,000$

Recovery Staff Coordinators 20,000$ 240,000$ Testing Time 3,000$ 36,000$

Extra Cabinet @ Hot Site - -

Extra Test Time - -

Rental Equipment/Mobile 250$ 3,000$ 47,367$ 558,400$

Hot-

Sit

e S

olu

tion

Dedicated Solution

Hosted by

Compare the Costs

Must pay for perceived “low-

value” items like cabinets

and floor space.

Extra test-time costs money

and is difficult to schedule.

Acquired new technology and reallocated servers (from test & development).

Having more flexibility for testing SHOULD increase the ease and # of tests.

Increase in network is required.

Work area Recovery is still required; however, other offices could be leveraged.

Hot-Site Solution Dedicated Solution

Hosted by

Typical Pitfalls

All or nothing analysis• Don’t consider evolving the solution

Forget about the business functions

Change management

No Testing

Using it forProduction/LoadBalancing

Hosted by

Typical PitfallsDon’t include all components of information flow

• Login and authentication

• Application servers

• “Bolt-on” servers

You MUST do the marketing!

TECHNOLOGYBUSINESS

Database Server

Application Server

Web Servers Firewall

Network

Hosted by

Debunking Myths

Pulling attention away from “core competencies”.

Why would you want to create “business continuity experts”?

Pace of change in IT – can’t refresh!

You need multiple copies of data.

Hosted by

Reasonable Potential Strategies

Mirroringcritical data

DirectoryServices

VaultingBackups

eMailRecovery

                  

Allow the strategies to evolve, it DOES NOT have to be all or nothing. Review criticality and then

implement the appropriate solution!

Hosted by

Conclusion

It does make sense sometimes!

Don’t be emotional, but logical about decision.

People, procedures, data and network should be

the same for either method.

Evolution – implement solutions slowly while still

covered by hot site.

Use the resources available to you.