Time for a fresh look at Disaster Recovery?

Insights and tips for small and mid-sized businesses
by Colin Beveridge, Principal Analyst, Freeform Dynamics

Not many people read IT Disaster Recovery plans for pleasure but these documents are often far more insightful than the organisation’s Annual Report. That’s because the quality and scope of the DR plan instantly reveals the company’s relative priorities, levels of resource investment and commitment to business continuity planning.

At the very least, a robust, up-to-date and proportionate IT disaster plan shows not only that somebody cares enough to try and keep the wheels of industry turning but has also put adequate measures in place to minimise the risks of unexpected IT failure.

Of course, the interpretation of ‘adequate measures’ will always vary from organisation to organisation, according to local needs and resources, because there is no cookie-cutter model (one size fits all) for disaster recovery.

Nevertheless some fundamental principles do apply, regardless of organisation size and scale, which means that Small and Mid-Sized Businesses (SMBs) face very similar DR challenges to those of their larger counterparts. Even the smallest SMB needs to take some steps to protect the integrity of its business systems when things go wrong.

A Freeform Dynamics study focused on organisations with between 50 and 1000 employees shows that SMBs generally care about IT disaster recovery and proactively establish DR measures, even if they don’t always describe them in such terms.

However, the research also highlights some gaps and shortfalls in disaster recovery capability, which respondents readily acknowledge. Having said this, only 20% of SMBs indicated that investing in DR improvements would be considered as high priority spending:

The chart above is one of a number from the aforementioned research which tell us that a good proportion of SMBs are well aware of their DR challenges but most can’t afford to throw money at the problem areas, particularly in a difficult economic climate.

But that shouldn’t stop them taking a fresh look at their disaster recovery plans, not only to see if there are any affordable opportunities for incremental improvements in key areas, but also to check that any previous plans remain properly aligned with their systems portfolio and infrastructure.

Chances are that some re-alignment may be necessary, particularly if business systems, IT infrastructure or services have been changed or introduced since the last DR review. It’s also vital to pay specific attention to any changes in business priorities, working practices (such as growth of remote/mobile working), service delivery models or service providers, because these will all directly affect the business continuity and disaster recovery requirements.

Likewise a previously suitable mix of DR tools, techniques and technologies might now benefit from a rethink. SMBs may find that the falling cost of storage, the mainstream readiness of virtualisation technology and the maturation of third-party hosting services (including Cloud) offer real benefits of cost and timeliness, in terms of better IT resilience and recovery, when compared with a ‘traditional’ DR approach, such as offsite tape backup and recovery.

Perhaps, though, the biggest challenge for a smaller business is in knowing what ‘effective’ DR and good business continuity planning looks like in practice. This is where awareness of what works well elsewhere can be invaluable.

In an attempt to flush out some of the ‘best practices’ for SMB disaster recovery, our analysis of the research sample divided the interview respondents into two groups: a) those with comprehensive/ good IT DR, and b) those with inadequate/ poor IT DR capabilities.

On comparison of the two groups we saw some significant differences, with seven specific characteristics, or behaviours, that appear to stand out as ‘enablers’ of better DR performance.

Some of these enablers, such as inclusive planning (i.e. ensuring that IT disaster recovery planning is fully co-ordinated with general business continuity plans for people and process) and the prioritisation/ funding of DR investments, are hardly surprising because they represent the fundamental points of entry to effective DR anyway.

However, other enablers identified in the research may be less obvious to an SMB hoping to improve IT disaster recovery capability. These include the use of alternative storage media and advanced DR solutions, such as Continuous Data Protection (CDP) which facilitates rollback or recovery to a particular point in time – extremely useful if a key data store has become compromised, or otherwise invalidated by application or user error.

For a full discussion of the effective DR enablers and more information on this topic, you can download the full research report here

(originally published on computing.co.uk)

RIM changes its leadership, but not its course

On January 23rd, 2012, Research in Motion (RIM) announced Thorsten Heins as President and CEO. Mike Lazaridis, former Co-Chair and Co-CEO becomes Vice Chair of the Board, and also Chair of the Board’s new Innovation Committee. Jim Balsillie remains a Director. Barbara Stymiest takes on the position of Independent Board Chair. Prem Watsa joins as a new Board Director. All with immediate effect. The complete press release can be found here: http://press.rim.com/release.jsp?id=5358

So what’s new, apart from the personnel moves summarized above? Based on the official press release and what was said during the company conference call, the answer is: not a lot.

Thorsten Heins stated that the top priorities for his first 100 days in office would be – in that order - improved marketing (with the appointment of a Chief Marketing Officer), and the strengthening of processes and execution.

He also made it abundantly clear that the emphasis for the new CMO (to be brought on board asap) was going to be very much on the consumer market, with a particular emphasis on making up lost ground in the US. By contrast, nothing was really said about RIM’s enterprise customer base, and how to shore it up in the face of increasing competition.

Those who were looking for a change in overall company or product strategy were disappointed. Thorsten very firmly stressed the company’s commitment to BB10 (described as not simply a new operating system, but a new platform) and PlayBook 2.0, and hailed the technical superiority of both. He also made it clear that RIM was not going to hive off any parts of the business, as having an integrated approach (hardware, software and services) is seen as a key competitive differentiator. Requests to license BB10 would be considered on a case-by-case basis, but hardware-only deals were firmly ruled out.

Improvements to resource planning and program management will no doubt be a positive move, if they lead to fewer product delays and more stable early releases of new software. And better marketing can’t do any harm, provided the product and service are right. But there is little sign as yet that RIM is bringing the developers round to its vision of the future.

In the near term, urgent action is needed to address the enterprise part of the business. Despite having lost market share in some countries, RIM still has a large number of enterprise customers. If it wants to retain these, the company must spell out very clearly the reasons why these customers should stay loyal. While RIM may still have the edge when it comes to certain corporate requirements, such as security and central management, the gap is closing, and RIM has to move fast.

The big questions remain: Is this management change too little, too late? And how much room to manoeuvre will Thorsten Heins really have, should he decide a change in strategy is required after all, with the shadow of Mike Lazaridis continuing to loom large?