Risky recovery and gambling with disaster
In recessionary times, VARs should still consider customers' need to protect against the worst, says James Carnie
When insuring the contents of their houses against theft, most people hope to be spending money on a policy they will never have to use. The more cautious will overpay, over-insure and overprotect, just in case the worst should happen.
However, after several years of paying for an insurance policy they have never claimed against, it is tempting to cut costs, take your chances and hope for the best – the further away people are from their last claim, the more they forget about the implications, potential consequences and the value insurance adds.
In a similar way, any disaster recovery policy involves spending in order to protect against potential damage. In effect, it's insurance against a disaster that may never happen. As a consequence, some companies may be tempted to axe it completely in an effort to cut costs during the recession.
It is possible to strike the right balance between cost and necessity for your customers. Consider the business principles behind it and assess what the business would really need in the event of a disaster.
Disaster recovery is the strategy put in place by a business to prepare for the recovery of core data should a "disaster" of any sort occur to put that data at risk. The balance is different for every company but does involve spending money to protect against a potentially much greater loss, whatever the economic climate.
Companies have varying strategies. SMBs that prioritise the need to recover lost data should their systems fail may recover their data from tape stored on site. In many instances, this is adequate, but if they need to recover data in a very short time or seek additional protection, they might turn to a managed platform instead.
If the data involved is mission-critical, a business might consider backing up its data with a dual-site solution, using different physical locations to add resilience.
When Natwest's banking transfer functions were hit by a hardware failure earlier this year, millions of people were left unable to withdraw cash, transfer money or pay bills. The overall monetary cost ran into millions after just one day but the cost in terms of customer satisfaction was immeasurable.
A bad end-user experience leaves resentment that lasts months or even years and should leave us all too aware of how cost effective a quick and efficient disaster recovery strategy could be.
Backing up to a facility that meets specific compliance requirements can be a priority for some customers. Merchants that store, process and transmit cardholder data must, for example, store data in highly secure PCI-DSS compliant facilities. In the event of a disaster, a secondary facility may be brought into play for speed but it must also be compliant in order to process card data.
Going down the IaaS route for a disaster recovery strategy will in many cases deliver a highly flexible solution. Businesses can work closely with their provider to make sure the strategy is customised to meet budgets, without compromising on the necessary levels of security, compliance and speed.
In the end, especially during difficult economic times, it can all come down to striking the right balance between preparation for disaster and cost effectiveness. Recommending that a customer should overpay for a strategy that exceeds the values of potential losses does not make business sense, but experience tells us it does pay to be prepared for disaster.
Businesses need to carefully assess their needs to get the balance right. If customer organisations are willing to risk going without a comprehensive DR strategy, for the sake of cost saving in the recession, they will regret it if they are caught out.
James Carnie is head of solutions architecture at Adapt