Information Technology Disaster Recovery Plan: Case Study

Article excerpt

ABSTRACT

Computerized data has become critical to the survival of an enterprise. The number of organizations that rely on computerized systems to perform daily operations and assist in the decision making process has grown at a rapid pace recently and still continues to grow. Companies must have a strategy for recovering their data in the event that fires, hurricanes or other natural disasters destroy their primary data centers. Planning for recovery from a disaster is quickly becoming recognized as a necessity. In the aftermath of Hurricane Katrina in New Orleans and surrounding areas, many businesses were forced to implement an effective Information Technology (IT) Disaster Recovery plan (DRP) to help protect their business data so as to ensure their survival.

This paper describes the concepts of a disaster recovery plan and data replication; discusses the assessment, planning, implementation, and testing of the Disaster Recovery solution used by Houston Community College (HCC); and finally, examines the testing procedures of an actual extension of the plan in the face of a real-life disaster. The HCC plan, which costs $576.000 annually, or about $1.92 per member of the HCC family, has proven to be one of the most effective and efficient Disaster Recovery Plans implemented in the wake of Hurricane Katrina in August, 2005.

Keywords: Data replication, Business contingency planning, Disaster recovery, Data centers

INTRODUCTION

Webster's Dictionary defines a disaster as "a sudden calamitous event bringing great damage, loss, or destruction; a sudden or great misfortune or failure." In a contemporary IT context, disaster is an event that shuts down a computing environment for more than a few minutes, often for several hours, days or even years. A disaster can wipe out a company's normal business day or even its entire IT infrastructure. While not different from other kinds of outages, the outage of a company's IT infrastructure spreads over a wider area, and affects more components. It is no longer a question of whether disaster will occur: it will. Thus, establishing reliable disaster recovery (DR) capabilities are critical to ensuring that an organization will be able to survive significant events. Understanding when to initiate DR procedures during an event is critical to achieving expected DR outcomes (BEC Technologies, 2008).

The devastation wrought by Hurricane Katrina in New Orleans forced businesses and universities to seriously reevaluate their DR Plans. Many businesses could not operate because they did not have plans in place. Entire IT infrastructures were crippled by the flooding that resulted from the storm, and many organizations did not have a DR site outside the affected area, which left them without a way to immediately move forward. Disaster recovery is becoming an increasingly important aspect of enterprise computing. As devices, systems, and networks become ever more complex, there are increasingly more things that can go wrong. Consequently, recovery plans have also become more complex (Toigo, 2002). A disaster recovery plan establishes how a company or organization can reinstate its IT systems and services after a significant large-scale interruption.

The principles of Disaster Recovery and Business Continuity Planning are quite straightforward: creating a remote DR center is the first step in developing a well-organized plan, and this will directly affect the recovery capabilities of the organization. The contents of the plan should follow a logical sequence and be written in a standard and understandable format. Effective documentation and procedures are extremely important in a disaster recovery plan. In the wake of Hurricane Katrina, the Houston Community College (HCC) in Houston, Texas, has played a pioneering role in developing a DR plan, and continues developing its systems for the future. The objective of this study is to discuss the Information Technology Disaster Recovery Plan at HCC. …