Obviously, my expertise and Exigent expertise lies in the IT portion of your business and that’s what we’re going to focus on here today. So let’s hone in on disaster recovery then. Disaster recovery is exactly what it says. It’s how you recover from the disaster. Think about the actual process. It’s the response to the event that cause some loss or interruption. So if your servers were still on during the break-in, we’ve seen this happen, what would actually and physically need to be done to get your services, your IT services back on line and how long would that take. If it took two days, would that be acceptable to you? How about five days? How about two weeks?
Here’s the question. What’s your particular organization’s tolerance for downtime? Everyone has their own tolerance. If you had $200,000 to invest and you went to an investment adviser, he or she might ask you questions about your age, your family situation, your college savings plan, but they would also question your risk tolerance. Are you a risk taker?
Maybe if you have a high risk tolerance, you might invest in biotechnology stocks for the long term. But maybe you’re a more conservative investor and you’d rather be in bonds or FDIC-insured investments. Not the best analogy these days, but the point is that everyone has their own risk tolerance. You need to look at your risk tolerance. For example, a busy doctor’s office or a large enterprise may not be able to tolerate more than 60 minutes of downtime. Whereas a small law firm with four people maybe down for an entire day or more without any significant inconvenience.
So when you think about the IT portion of your disaster planning, I’m here to say that there’s two key components that you need to think about. Unfortunately, you’re likely only doing one of them today, and that’s the safeguarding of your data by a tape backup. But the second piece is extremely critical. That’s the continuity piece.
I’d venture to say that no one in the call is doing this piece today. If they are, because there are some large organizations on the call, they might not be doing it as simply and cost effectively as they could be. So for those larger enterprise customers on the call today, we urge you to avoid the temptation of thinking that this is a solution only for smaller organizations or an issue only for smaller organizations.
So safeguarding the data. Let’s look at the first piece, safeguarding the data. For most of you, you have one or more servers and you’re running software that takes your data and copies it to some destination, perhaps one of the types listed on the slide here; tape, external hard disk, and etcetera. If that destination is tape, and hopefully you have an internal process to take one or more of those tapes off site to protect yourself in the event of a fire disaster, etcetera at the office. There’s other ways to do this, but this is most prevalent. What you’re essentially doing is you’re copying. You’re copying data from your hard drives on the servers to somewhere. Think of it like a copy machine making copies of a document.
The problem here, and it’s a huge problem, is that you’re only copying data. You’re copying spreadsheets, Word documents, databases, and whatever else you use, and that’s wildly important and critical. But that data is not what makes the servers work, it’s not what makes your office tick, and it’s not what makes your e-mails slow. It’s not what makes your network and IT functions productive. It’s just data.
So let me paint a clear picture here. If I were to give you an e-mail, let’s say on a floppy disk, remember those, and a brand new PC with no software or operating system on it, and then I told you to go ahead and send that e-mail to your friend in Alaska. How long would it take you? So I’d venture to say that it would take the savviest of users or technicians an hour or more, maybe a few hours at the minimum. But most people, almost a full day.
But why? You have the PC, you have the data, the data is right there on the floppy disk, just send it. Well, it’s not that easy, is it? The problem is that the PC doesn’t have any software on it. To send an e-mail, it needs some software, perhaps you use Outlook. To use software, I need an operating system, maybe Windows Vista or Windows XP. Then I need an Internet service provider to provide the transport, to get my e-mail from here to there, to Alaska or wherever it’s going. Then I need an Internet service provider and I need to configure the settings that the provider gave me and so on and so on. So now consider a server failure in your office. That server is completely wiped out and we need to resort to the tape backup. After all, all of the data is on the tape, right? Sure thing. If the tape works and the data are on it, we’re about 20% of the way to recovery at that point.
Yet, since the server was installed hundreds, if not thousands, of things have changed about that server and its configuration since it was initially deployed. Patches have been installed, users have been added and deleted, fixes implemented, tweaks made, the list goes on and on and on. The fact of the matter is that the server needs to be installed from scratch. Then when the server’s back up and running, then we might be ready to restore the data. So this process is very long. It’s very tedious, painful, and expensive.
At the beginning of this presentation, I said that one of my goals was to let you know that you have a choice. Unfortunately, most people in small organizations feel that the tape backup is something that it isn’t. It’s very unfortunate. Many of you feel that because your data is copied onto the tape, that recovery is just a matter of sticking in the tape and letting it fly.
Others might know that that isn’t the case, meaning that, you know that there’s more involved in the process than that, but you might have, it’s our suspicion and based on our experience, you might have a distorted view of how long your organization would be down in the event of a failure like this.
So what’s your tolerance for downtime? What I want you to think of right now is take a few minutes to confront what your risk tolerance for downtime is. Think about the services, software applications, or data that drive your business, and then consider how long you could be without them before the loss really started to take its toll on your office or organization, or even worse, cause the organization to lose money or customers. Because that’s what it really comes down to, right? So I’ve asked many people over the years, and the answer as you might imagine, the answers vary, but most people said they can be without IT anywhere from two hours to two days generally, depending on the size and the nature of their business.
The problem is that after a moderate to major failure, most people would tape backup alone or data copy to somewhere, are looking at anywhere from two days to two weeks, depending on parts availability, delivery, and other circumstances. So the moral of the story here is that if you’re not doing anything… let me repeat that. So the moral of the story here is that you’re not doing anything in the way of business continuity if you’re just backing up to tape alone.
So how do we provide that continuity? Now we’ve adjusted your expectations a little bit, or at least reset them. Let’s talk of that business continuity. So up until now, only large organizations with big IT budgets were able to afford the safety net of redundant systems or services that allow for you to continue your IT operations in the event of a failure.