Refiguring Storages Place in Continuity Planning

Are IT managers prepared to recover from data disasters, and do they have a realistic picture of the threats they face? Storage Center Editor David Morgenstern reports on a recent Ziff Davis survey.

Talk is easier than action when it comes to continuity planning—the speedy recovery from small or large data disasters. Not all IT groups actually execute a workable plan. Recent research on the role of storage in business-continuity policies revealed a picture convoluted both in conception and execution.

The research in question was just one segment of last weeks Ziff Davis eSeminar "The Drive to Continuous Availability." The presentations examined various strategies when making the transition from services that are "highly" available to services provided on a 24/7 basis.

The recent market research on storage and business continuity was offered by Michael Krieger, vice president of Ziff Davis Medias Market Experts Group, who has lengthy experience in the storage industry. The poll results provide a glimpse into IT thinking and considerations about continuity planning as well as revealing some blind spots. The complete presentation is available for download here.

Here are a few of the studys many data points that snagged my attention:

Continuity testing. Some 41 percent of respondents said that they perform a risk assessment only once a year—or less. The majority of managers (59 percent) run tests two or more times a year.

A great majority—but hopefully not those in the less-than-once-a-year group—judged the frequency of their testing adequate for their business needs. Still, many of the once-a-year group must be satisfied with that minimal level of training.

Storage resources. Another question asked which storage components were needed to ensure data protection and recovery, or to further reduce vulnerability of current plans. The winners in this survey were off-site backup, SAN, clustered servers, and local and off-site data replication. Each rated a vote of about 60 percent or more.

At the same time, a similar share of respondents considered the human component of equal weight to the technological side of the solution. This sentiment was reflected in a vote for "best practices" in backup and restoration—double the number of respondents in favor of automated storage-management software.

Downtime. One question asked IT managers to rate the greatest threat to their companys business continuity and which of those disruptive events had actually cropped up during the past year. Simple enough.

Many of these projected worries over downtime had indeed come to pass; in fact, the results tracked nearly point for point between expected disruptions and actual incidents, such as server failure (45 percent), human error (40 percent) data corruption (24 percent) and operating system failure (15 percent). The failure of client-server and storage applications as well as virus attacks also matched expectations very closely.

Nevertheless, a couple of items varied widely between expectations and actual incidents. More than half of respondents considered natural disasters to be the greatest threat, but only 8 percent had experienced downtime from that quarter over the past year. Likewise, many managers were very concerned about terrorist attacks: 24 percent rated it high, but only 4 percent recorded such an attack (a number that still seems very high to me). Of course, the whole idea of continuity planning is to expect such dire circumstances and hope that they never happen.

In an ironic twist, only 16 percent of respondents expressed concern about planned outages becoming a problem to the business. Yet half of the managers reported downtime extending beyond the planned time! Accordingly, it might be prudent when planning an outage for some maintenance or upgrade, to double or even triple the estimated time and make sure that greater time can be accommodated by your clients and customers.

Whats the common thread? Each item of the survey reflects the very human side of continuity assurance: the judgment of IT managers about testing schedules, their ability to assess downtime threats, and that 40 percent of sites that reported downtime problems from human errors. Or on a more positive note, the more than 60 percent who identified best practices as an essential component of their recovery strategy.

David Morgenstern is a longtime reporter of the storage industry as well as a veteran of the dotcom boom in the storage-rich fields of professional content creation and digital video.