IT Disaster Recovery Planning For Dummies

Introduction

Disasters of many kinds strike organizations around the world on an almost daily basis. But most of these disasters never make the news headlines because they occur at the local level. You probably hear about disastrous events that occur in or near your community — fires, floods, landslides, civil unrest, and so on — that affect local businesses, sometimes in devastating ways. Larger disasters affect wide areas and result in widespread damage, evacuations, and loss of life, and can make you feel numb at times because of the sheer scale of their effects.

This book is about the survival of business IT systems in the face of these disasters through preparation and response. You’re largely powerless to stop the disasters themselves, and even if you can get out of their way, you can rarely escape their effects altogether. Disasters, by their very nature, disrupt everything within their reach.

Your organization can plan for these disasters and take steps to assure your critical IT systems survive. This book shows you how to prepare.

About This Book

IT Disaster Recovery Planning For Dummies contains a common and time-proven methodology that can help you prepare your organization for disaster.

My goals are simple — to help you plan for and prepare your systems, processes, and people for an organized response to a disaster when it strikes. You can make your systems more resilient, meaning you’ll need less effort to recover them after a disaster. By using this book as a guide, you can journey through the steps of a disaster recovery (DR) project, as thousands of organizations have done before you.

This book progresses in roughly the same sequence that you must follow if your organization hasn’t developed a disaster recovery plan before or if you’re about to do a major refresh of outdated or inadequate plans.

How This Book Is Organized

This book is organized into four parts that you can use to quickly find the information you need.

Part I: Getting Started with Disaster Recovery

In Part I, I describe the nature of disasters and their effects on businesses. In Chapter 1, I take you on an end-to-end tour of the entire disaster recovery planning process.

I start Chapter 2 with a discussion of the various ways that a disaster can affect an organization and the role of prevention. I also include how to begin planning your disaster recovery project and emergency operations planning. Then, I show how you can quickly develop an interim disaster recovery plan that can provide some basic protection from a disaster if one occurs before you finish your full disaster recovery plan.

In Chapter 3, I take you on a deep dive into the vital first phase of a DR project — creating the Business Impact Analysis, during which you discover which business processes require the most effort in terms of prevention and the development of recovery procedures.

Part II: Building Technology Recovery Plans

Part II contains the core components of the disaster recovery plan. Chapter 4 describes how you determine which systems and underlying infrastructure support critical business processes that you identify in the Business Impact Analysis. Chapter 5 through Chapter 8 go through the work of preventing disaster and recovering from disaster in distinct groups — end users, facilities, systems and networks, and data. Chapter 9 discusses details about the actual disaster recovery plan documents — what those documents should contain and how to manage their development.

Part III: Managing Recovery Plans

Part III focuses on what happens after you write your disaster recovery plans. Chapter 10 discusses DR plan testing and the five types of tests organizations often perform. Chapter 11 describes what activities you need to do to ensure that your DR plans stay current. Disaster prevention is the topic of Chapter 12. If you can prevent disasters, your organization is better off. Chapter 13 discusses many disaster scenarios and what each one brings to a disaster recovery plan.

Part IV: The Part of Tens

The much loved and revered Part of Tens contains four chapters that are more than mere lists. These chapters contain references to external sources of information, more reasons to develop business recovery plans, and the benefits your organization can gain from having a well-developed recovery plan.

What This Book Is — and What It Isn’t

Every business needs to complete disaster recovery (DR) planning and business continuity (BC) planning.

The terms DR planning and BC planning are often confused with each other, and many people use them interchangeably. And ultimately, they’re complementary activities that you have to do before a disaster occurs (in terms of planning), and during and after a disaster (in terms of response and business resumption).

IT Disaster Recovery Planning For Dummies focuses on DR planning as it relates to IT systems and IT users. In this book, I discuss the necessary steps to develop response, assessment, and recovery plans to get IT systems and IT users back online after a disaster.

This book doesn’t cover business continuity planning, which focuses on generic business process resumption, as well as continuity and communications with customers and shareholders.

Assumptions about Disasters

When you think about disasters, you may think about horrific natural events, rescue helicopters, hospital ships, airlifts, the International Red Cross or World Vision, looting and mayhem, large numbers of human casualties, and up-to-the-minute coverage from CNN. You may also think of wars, terrorist attacks, or nuclear power plant explosions, and the fallout (no pun intended) that ensues. Yes, these events certainly qualify as disasters, and this book discusses the preparations that businesses can and should take to survive them.

But you also have to think about the less sensational disasters that play out almost every day in businesses everywhere — not only fires, floods, strikes, explosions, and many other types of accidents, but also security incidents, vandalism, and sabotage — not to mention IT system hardware and software failures, data corruption, and errors. All of these problems can become disastrous events that can threaten a business’s survival.

Icons Used in This Book

Throughout this book, you may notice little icons in the left margin that act as road signs to help you quickly pull out the information that’s most important to you. Here’s what they look like and what they represent.

Information tagged with a Remember icon identifies general information and core concepts that you may already know but should certainly understand and review.

Tip icons include short suggestions and tidbits of useful information.

Look for Warning icons to identify potential pitfalls, including easily confused or difficult-to-understand terms and concepts.

Technical Stuff icons highlight technical details that you can skip unless you want to bring out the tech geek in you.

Where to Go from Here

If you want to understand the big picture about disaster recovery planning, go straight to Chapter 1. If your organization has no plan of any kind, Chapter 2 can help you get something started right away that you can have in place next week. (No kidding!) If you want to dive straight into a full-blown DR project, begin at Chapter 3.

If your organization already has a disaster recovery plan, you can turn to Chapters 11, 12, and 13, in which I discuss the activities that you need toperform on an ongoing basis.

You can also just open the book to any chapter you want and dive right into the art and science of protecting the technology that supports your organization from disasters.

Write to Us!

Have a question? Comment? Complaint? Please let me know. Write to me at petergregory@yahoo.com or phg@isecbooks.com.

You can also find me online at www.isecbooks.com.

I try to answer every question personally.

For information on other For Dummies books, please visit www.dummies.com