Your Company Against Disaster
Walking Through a Disaster
In our third installment, we got to the point
where you are putting pen to paper on your disaster and recovery plan. The most
important rule you have established is one of an effective standard of operation
Ė the minimum level of computers, data, phones, etc. that you need to run your
business. It is the return to that level that is the entire point of your
disaster plan, and its goal.
We advanced the notion that the best way to plan for recovery is to walk through
the stepsóassume youíve had a disaster and start working your way back from it.
Hereís what you should be imagining:
a disaster strikes, the first impulse is to try to determine what kind of
disaster are we having? Have we lost communications, data, our entire location?
Is it a workstation, a server, a cluster of servers? Is it hardware? Is it
software? Is it a virus? Is it a problem that we think might go away on its own,
such as a power outage?
In your planning meetings, you may have run through all kinds of scenarios. But
the disaster you end up with may be none of them. Or, you may mistakenly try to
fit the disaster you are facing into one of the planned scenarios.
Whether the catastrophe is any of those things, anything from a virus to a
meteor hit on your headquarters, it is important to focus on the essence of
business interruption: Effectiveness and time. Are you at an acceptable
operational capacity or not? If not, how long will it take to get back to
capacity? How soon can you get back to a minimal operational standard, and how
long will it take to ramp up from there? Who do you need to assist (technicians,
phone people, etc)? These are the first questions of recovery.
Donít underestimate the severity of your problem. In the disasters I have seen,
one of the chief mistakes was thinking the problem was less serious than it
really wasóby the time the gravity of what had happened was apparent, precious
time had been lost. It could be because the responsible party wants to minimize
the seriousness of the situation to superiors, or technicians want to cover
their own mistakes or incompetence, or something as simple as not wanting to be
the bearer of bad news. If you are the person in charge of the recovery, you are
the bearer of news. Good or bad, itís all you. Donít sugar coat.
In the time that we have, it is better not to explore a variety of scenarios.
Instead, we should address the question of returning to an acceptable
operational level. In your planning phases, you decided what that level was. Now
comes the time to implement.
ASSEMBLING THE KEY PEOPLE
If you planned well, you already know who the key people are and how to get in
touch with them. A key component of this phase is to communicate the severity of
your problem. Donít let these key folks believe your problem is anything less
than immediate and critical. Donít accept stalling, donít try to work it over
the phone. If you need them there right now, thatís what you tell them.
HOW LONG WILL IT TAKE?
is the key question. You can have a minor problem that takes days to fix or a
major one that is done in an hour. It is not the problem that determines the
disaster, itís the time it takes to solve it. Itís also important to distinguish
between a temporary solution and a permanent one. The temporary solution will
probably take less time, so that would be preferred, as long as an accurate
assessment of how long it takes to get to the permanent solution is done.
GETTING THE WORD OUT
There is nothing to be gained by keeping the problem quiet. Donít let the
employees, management, customers or vendors Ďdiscoverí
the problem on their own. Control the story. Once you know what the problem is
and how long it may take to fix, time to get the word out. Let people know what
is going on and how long you expect to be down. Your disaster plan should
include what information to release and to whom. Your downtime results from the
demands placed on your IT structure by users, managers, and customers. Letting
them know of the problem pro-actively may just buy you the time and patience you
need to get it done.
Sometimes, things just donít go the way you plan. Improper assessment, lack of
parts to do the repair,
and just plain bad luck can conspire to make your recovery fail. What are you
going to do if Plan A fails? How much time are you going to give Plan A to work?
Consider this: why not have one team working on repair while another is working
on replacement? That way you get to both finish lines at once.
RECOVERY SPECIFICS Ė GETTING THE DATA BACK
Itís difficult to be too specific about the recovery without knowing the exact
nature of the problem, but an easy assumption is that your server is damaged or
destroyed, or your physical location is, or both.
LOCATION, LOCATION, LOCATION
If you have to move to a temporary location, consider the following:
1. Does it have enough room for all your people?
2. Does it have enough electrical capacity for all the computers, phones, fax
machines, laser printers, etc?
3. Does it have phone lines?
4. Internet access?
TO REPAIR OR NOT TO
It is very tempting to try and fix the server you have. Why? It is already
preconfigured the way you like it Ė no need to add the users and printers back
on. And if it works, everything comes back just the way it was before the crash.
The problem with that, of course, is that it crashed once. It sure can do it
If youíre going to fix it, do you have the spare parts needed to rebuild the
entire server? It may take hours to determine which part is faulty. I hope itís
not the part you donít have.
Consider also the possibility of moving the data to another server in your
operation. Believe me, I know how IT guys like to have one server for mail, one
for printing, one for data, etc. Itís ok to move the data to a working server
rather than be down while you fix the data server. Data is the hot potato, not
the machinery itself.
How long will a repair take? Would it take less time to just rebuild the server?
Or get a temporary replacement?
TAPES, CDS AND TEMPORARY SERVERS
If it turns out that you have to start from scratch, youíve got to have all the
stuff you need, including:
1. Original media for your operating system, application software, etc, so you
can reinstall everything.
2. The media from your most recent backup and the means to restore it (matching
tape drive, Internet connection, etc).
3. A machine to put it on. Remember that a server is distinguished by the
operating system. Not to say that all computers are alike, but if you have to
take a workstation and temporarily install server software on it, do it.
Replacing a server is not an easy thing. You need to get a machine, install an
operating system, install application software, then recover your data. Itís
important to remember that you donít need the final server youíre going to end
up with; you do not need a computer that is an exact match of the old one. Not
to oversimplify, but what distinguishes a server from a workstation is usually
the operating system. You can, under the right circumstances, take ANY computer
and make it a server if you install your server-level operating system on it.
Things to watch for: it must have enough physical storage space to hold all your
data and a way to back it up. You may not have your final server for weeks. Once
you get it, this entire process will have to be done over again on the new
machine. But you may be stuck with your temporary server for longer than you
THE SAME DISASTER TWICE
Try not to have the same disaster twice. When your new server arrives, or your
old one is repaired, do the switchover during off-peak times. And keep the old
one as a backup against future disasters.
In the end, you may come away with the feeling that you havenít done enough to
prepare for and recover from disasters. You may be right about that, but the
only way to know for sure is to actually have a disaster, and no one wants that.
Donít overcompensate. Every disaster plan is a work in progress.
of the CSM Family!
AM Peck & Company
Emory P. Zimmer Insurance
each newsletter, we would like to welcome clients to our "family." If
you would like to have your business highlighted, please call Carrie at:
Who said it???
"I had to pick
myself up and get on with it, do it all over again, only even better this time"
the first person to email us with the correct answer at
and win a $10.00 gift certificate from
Winner: In our last newsletter; the "Who said it" quote was:
"Big results require big ambitions"
This quote has
been attributed to
Our winner is:
Tub Maxson with TM Risk Services
of the Month
256MB USB 2.0 FLASH DRIVE
Attachť provides the ultimate mobile storage solution for people
on the go. Working on a presentation and need to take it with you? Want to share
a new tune or pictures with your friends? Simply copy the file onto Attachť and
take it with you -- put it in your pocket, wear it around your neck, or put it
in your backpack or briefcase and you're good to go. To access your data, simply
plug Attachť into virtually any PC or MAC -- without the need for bulky cables
or adapters. And Attachť includes a write-protect switch to safeguard your
valuable data from accidental deletion. Access your files. Anytime. Anywhere.
Call Kim at 859-491-7947 to order
Have one? You need one...
New News @ CSM!
CSM has been selected as one of only 10 AMS Preferred Vendors in the United
States for AMS 360 installations. CSM will be beta testing 360 and would
welcome your input.
If you would like to assist us in the beta process, please email
know that CSM is 11 years old this year?
Computer Systems Management, Inc. is about
service and about taking the extra steps needed to form lasting
partnerships. In addition to helping our corporate clientele, CSM serves
the community by coordinating PC donations to low-income families and schools,
providing free training classes to "welfare to work" participants,
motivational assistance to GED students and on-the-job training to transitional
Systems Management Inc.;
2517 Anderson Road, Crescent Springs, Kentucky 41017
(859) 491-7947; Fax: (859) 392-2682
Did someone forward this email to you? Would you like to join
our mailing list?
Please click here
Your privacy is paramount to CSM. You are receiving this
email, either because you have an email account on our server or you have
requested to receive periodic newsletters from CSM. If you would like to
be removed please click HERE and
type REMOVE in the subject line and we will remove you from our database.