Foreword

In the late 1960s, I was first exposed to what would later become known as disaster recovery. I was responsible for the systems software environment for a major university computer center at the time. It was at the height of the Vietnam War protests, and one of those protests spilled over to the building housing the computer room. A number of the protesters were running through the building and randomly damaging whatever was in their path. When they got to the computer room, they found a locked, heavy steel door and moved on.

It suddenly dawned on me that we had no clue — let alone plan — to deal with damage or destruction, should the protesters have gained entry to the computer room. As I thought about it and discussed this with others on the computer operations team, I realized there were many other threats and vulnerabilities that had never been discussed, let alone addressed.

Fast forward forty years. The single-mainframe data center has given way to clusters of dozens, if not hundreds, of servers and decentralized data centers; networking is often more critical than processors; dozens of computer room operators have been replaced by lights-out data centers; a week-long recovery from a data center disruption is now more likely to be an almost instantaneous failover to a backup; and disaster recovery has become a fact of life.

The bad news is that too many data center managers still have not been able to effectively address disaster recovery, whether because of lack of management commitment or lack of knowledge or lack of resources. By effectively, I mean

bullet A comprehensive disaster recovery plan, based on objective assessment of threats, vulnerabilities and exposure to loss

bullet Integration with comprehensive enterprise business continuity programs so that IT disaster recovery is consistent with overall business needs and priorities

bullet A meaningful exercise program, combined with training and plan maintenance, to ensure that the plan is current, realistic, and likely to work when called upon

The good news is that with Peter Gregory’s new book, even a team without prior experience in disaster recovery planning can address these issues — “ . . . those frustrated and hard-working souls who know they’re not dumb, but find that the technical complexities of computers and the myriad of personal and business issues — and all the accompanying horror stories — make them feel helpless,” as www.dummies.com points out.

Disaster recovery is not simply about Katrinas nor earthquakes nor 9/11 catastrophes. Sometimes, the focus on these monumental events could intimidate even the most committed IT manager from tackling disaster recovery planning. Disaster recovery is really about the ability to maintain business as usual — or as close to “as usual” as is feasible and justifiable — whatever gets thrown at IT. Peter’s book helps to establish this perspective and provides a non-nonsense yet manageable foundation. I actually found, despite my long involvement with business continuity and disaster recovery, that he has identified many issues, techniques, and tips which I found quite useful.

While I confess I enjoyed Italian Wines For Dummies more, Peter Gregory’s new book succeeds in taking the intimidation factor out of IT disaster recovery and offers a common-sense, practical, yet comprehensive process for analyzing, developing, implementing, exercising, and maintaining a successful IT disaster recovery program — even if he has, regrettably, failed miserably to enlighten me about Super-Tuscan wines.

Philip Jan Rothstein, FBCI, is President of Rothstein Associates Inc. (www.rothstein.com, Brookfield, Connecticut USA), a management consultancy focused on business continuity and disaster recovery since 1984. He has edited or written close to 100 books and more than 200 articles, and is publisher of The Rothstein Catalog on Disaster Recovery.