DISASTER RECOVERY AND BUSINESS CONTINUITY

.


An Introduction to the Concept of Disaster Recovery and Business Continuity:

Q: Disaster!!  

A:  Unable to perform and / or continue - a job due to the absence of one or more elements involved into that particular job. Depending upon the element and circumstance the calcifications (disaster or not)  may vary.

 Q:   Example 

A:  Electric Power (Electricity) is one of the basic vital elements that is required to operate a computer. If there is no power, Computer cannot function and this in turn may affect our routine day to day work in the electronic era  Absence of power, (assuming that here is no UPS/inverter) at the required time to do an important job is a disaster.   

Q:  BUSINESS CONTINUITY! 

 A:  The continuation of a job / Service / Business by end user without any disturbance (even if there is a disturbance, actions should be taken to rectify the same without the knowledge of the end  user to continue the job / service / business

 A: Disaster recovery and Business Continuity?

 The disturbance time because of disaster should be bear minimum such that the end user will be able to continue his job / service / process / business with a very minimum loss( of time, people and money)

 Example:

 When we are using the computer system, the power may go off. But the computer system is getting connected to power thru UPS. If UPS is being charged properly then during power off we can work with our computer system without any interruption. Here power going off is disaster.  UPS with proper charge and maintenance is giving the continuity of job. This is an example in the information era.   

 A: Disaster recovery and business continuity – applicable only to Information Technology?

 Correction! This is applicable in our personal and business life.

 Personal life:  Every day morning, we are in the habit of brushing our teeth. In case if tooth paste is not available and tooth brush is in unusable condition and we have forgotten to purchase tooth paste and tooth brush then imagine how the day will be! Without brushing our teeth we are unable to do any thing. This is a disaster giving   very uncomfortable situation in the early morning. Let us assume that one of our family member is taking care of all needs of this type and that member replaces new tooth paste as soon as the old tooth paste is over and changes the tooth brush periodically, then we will be comfortable but never know the time at which it is getting replaced nor the cost of replacing unless otherwise we take effort to do the same. 

Taking the above as an example, we can know the importance of back home (office) working.

 In this section we will mainly talk about the disaster that may arise in Information Technology area with a less importance to disaster that is happening in the other area.

 With the above introduction, we will go into the disaster that may happen in the information technology in day to day life and associated with us very closely during the office working hours.

 There may be very few people in to-day’s life who are not using the computers for their day to day work. The ownership of the computer lies with the user. (Every individual user will ensure that the system they are using are maintained well and updated in all related area. This is what the ownership)

 On the first day of week, if the system is not getting on then we are getting uncomfortable and the day / week begins with a disaster. When we call Computer engineer, on some of the occasion the engineer will unplug all the connection and plug it again. Oh! The system will start functioning. We are surprised!

 In the above example, business continuity (avoiding disaster) can be maintained by the user himself by following some simple procedures:

 1.       To ensure that the power is coming to the system. If the power is not coming, then UPS has to be checked. If there is no power to UPS then the same has to be informed to the concerned department so that the corrective action can be taken.

 2.       All computer peripherals are getting connected with CPU and on a daily basis, before we start the work, we can ensure that the connections between all the devises in the computer are correct and working fine. If not, the same thing can be checked by the user himself / herself or with the help of the computer hardware engineer. These checks will ensure that the system is OK even before we switch ON and boot the system.

3.       In the court of law, mistake done out of ignorance may not be an acceptable one.  The user is primarily responsible for the authenticity of the operating system and other software (like MS Office etc.,) that are loaded in the system that the user is using. If the operating system and / or the other software that are being loaded in the system that the user uses are pirated then the user is liable for punishment in addition to others. 

Many of us are unable to understand / accept this principle. This can be explained in a simple way with our day to day life. We are having our own dress and all the dress are being purchased from the shop and every purchase carries a payment. (Exclude gifts received from others) Nothing comes  free. In the same way, the operating system and other software are the result of a team work and the team work has to be recognized and to be rewarded. When you reward - in other words – you buy the original software and that is having warranty as per the specified terms and when the purchased product misbehaves (not behaving as per the specification given along with the product) then we can sue the manufacturer. The same thing can not be done with the pirated software. In other words, when unwanted something happens – disaster happens – we are unable to do any thing and we are under the mercy of some body. This will affect the continuity of business / work /  service in a serious way. When the same thing is happening with the licensed software then we have a remedy and the disturbance time will be also minimum – depending upon the disturbance.

Again in some other place we will be seeing the type of disaster that may happen in hardware / software and the remedial solution for each and every disaster.

 Every day we are doing lot of work in the computer. In the course of the work we may create document file   ( word /excel / power point).  At the end of the day, comfortably we will shut down the system as per shutdown procedure and will leave the place without worrying about the documents that we have created. User are in the opinion that taking backup of our work is some body else’s responsibility. This is a disaster. Electronic components may fail at any point of time and it is the user responsibility to have aback up of all the documents. It is essential to have our own back up of our documents. (Somewhere else we will talk about the Information Technology – software people responsibility) Every company will have heir won back up policy and the policy has to be viewed once in a year. Non adherence of the policy should be viewed very seriously and the suitable action has to be taken to ensure that the policy is implemented. Floppy back up are having common issues such that after some time the contents of the floppy are not readable one due to one reason or other. We can have the back up in tapes and in many cases the back up tapes may not be used. But when there is a need in use the tape may be read properly due to bad media or bad tape drive. If backup is taken in the tape hen the backup tape should be read at a periodical level to ensure that the tape is a readable one. All the backup  media should have an external label indicating the contents of the media and the time at which the activity of back up has been taken and at what level / process the back up has been  taken.

  All these activities will involve an amount of time and money. The backup can be taken in CD. Again the organization backup policy has to be followed very rigidly. It has to be ensured that the required hardware is also being maintained properly.

 All the policies / procedures should be user friendly one (may be presented in the form of flow chart) and if possible should be automated to the extent possible. 

Adhi

K. Adhivarahan

January 16, 2003

(Comments are Welcome)

For Structured Online Courses in Cyber laws, Visit Cyber Law College.com

 

Back To Naavi.org