In 2001, after the attacks on the world trade center, and we became aware of just how vulnerable our corporate infrastructures were, we began to have far more significant a true and actionable DR plan of action would be. Those of us who were architects became aware of the true impact of a BIA, Business Industry Analysis, report and plan were going to be should something occur.
On August 29th, 2005, the disaster of Katrina devastated the gulf coast of America. Most organizations that had undertaken some DR facility, hadn’t accounted for the kind of destruction or even the lack of capacity for site-site replication. If one site is truly off-line what would they then be able to do to be functional?
One thing that became clear at the time was that nobody really understood what it meant to restore data from a recovery point of yesterday. What are the ramifications of an immediate restore with out of date data? Another was: What would happen if you simply couldn’t retrieve your tapes from Iron Mountain? Smoke and Rubble was a real concern, rather than the corruption of a database, or some random PDF to be restored.
It feels as though companies haven’t truly thought through the ramifications of other scenarios. Covid-19 is just such a scenario. Measures have been implemented in the wake of the spread of the Corona Virus, to keep employees at home while they work. In certain industries, the work from home culture has been embraced for years. I, for one, have worked from my home office for over a decade. Others have no idea how to act.
For example: Is there a VDI implementation? Does the VPN allow ample remote connections? What does the experience look like for the user, even give the above two points have been addressed? Is the interaction between user and application/data tenable? If it isn’t, and the user is so discouraged by the experience, they simply may not be interested in partaking. So what’s a company to do?
Well, every situation is different, every company has some thought in this direction. They may have even begun looking at the security surrounding their VPN or remote access availability/capabilities. But actual thought must be put into this. And, not to put too fine a point on it, but what if your single point of failure is the personnel that manages this environment? If that one person (what I refer to as Bus Sensitive, meaning what happens if he/she gets hit by a bus?) is the only one who can allow or disallow users into this, for example, what to do then? The days of saying I can recover my data in 5 hours (easier said than done) are insufficient.
Can we stand up our environments, even with some limitation in place, such that a usable workforce can maintain functionality elsewhere? Is there a warm/standby data center? Can we lean on the cloud for this? What, quite honestly, is your plan?
All of the above is truly about what to do in case of catastrophic occurrences? Nothing here has mentioned the intrinsic value of the data itself. I have written about what modern data integrity, data management and the value of this data for your business in the past. Completely important, but not quite relevant to the conversation I am initiating here.
Maybe the bright side of the current threat is that our peers in enterprise tech can respond to these ultimate questions, have a real, honest conversation on how best to ensure uptime? I’d surely be interested in some input from you, my dear readers, as to approach, advice, and if I can help in any way, please reach out. This is what I do.