infoTECH Feature

November 11, 2015

Defining Organizational Requirements for File Transfer Failover and Disaster Recovery

There are many reasons companies consider file transfer systems failover and disaster recovery. According to FEMA data, the number of annual declared disasters has grown from a handful back in the 50s to almost 100 in 2011. But according to a 2013 Gartner analysis, environmental disasters only account for 20 percent of unplanned downtime, while operations errors and application failures account equally for the remainder. Forty-seven percent of a small sample of IT pros in North America (and 27 percent in Europe) responded to a recent webinar poll, indicating they have defined corporate policies requiring failover and backup of their file transfer/sharing systems. Below are a few things to consider when evaluating requirements for failover within a single datacenter or to a remote disaster recovery site for secure file transfer systems.

Most important to understand is the business and regulatory requirements for the following:

  1.      Availability of file transfer operations for business continuity, commonly known as recovery time objective (RTO).  RTO is the targeted duration of time within which a business process must be restored after a disruption to maintain business continuity. Assess which mission-critical processes rely on file transfer operations and the impact a short or extended outage would have on the business – think EDI, billing, payroll, finance and HR.
  2.      Availability of file transfer operations to minimize data loss, commonly known as recovery point objective (RPO).  RPO is the maximum targeted period in which data might be lost from an IT service due to a major incident. Certain regulations like HIPAA include stipulations that require zero data loss.

Additional factors, which impact the ability to meet data loss and operational objectives, are cost and architecture/topology used to implement failover.

  1.      Cost historically has been the counter balance to business need for continuous operations. The latest failover technologies, such as virtual machine configured for on-premises high availability, managed file transfer failover and disaster recovery offerings, and cloud failover management solutions are transforming cost structures. Consider total cost of ownership in your evaluation, including: software and hardware purchase (including redundancies); implementation resources and services; on-going administration/management resources (particularly manual operations); and cloud or datacenter operational costs.
  2.        Topology considerations include awareness of single points of failure (such as load balancers), solution failover offerings that include application, database and file system folders failover, and data security requirements (such as location of sensitive data in cloud or on-premises servers).

The seven tiers of disaster recovery, first defined in 1992 by SHARE (an enterprise IT user group), provide helpful context to assess cost vs risks.

·       Tier 0: No off-site data - No business continuity plan

·       Tier 1: Data backup with no hot site - Risk days or weeks of data loss

·       Tier 2: Data backup with a hot site - Risk hours or days of data loss

·       Tier 3 (News - Alert): Electronic vaulting - Risk hours or days of data loss

·       Tier 4: Point-in-time copies - Risk hours of data loss

·       Tier 5: Transaction integrity - Little to no data loss and is application-specific

·       Tier 6: Zero or near-zero data loss - Little to no data loss and is storage/disk oriented

·       Tier 7: Highly automated, business integrated solution - Little or no data loss and minimal application downtime via automated application recovery.

Recommended next steps for secure file transfer failover or disaster recovery include:

  • Review organizational backup, failover and disaster recovery policies including security and regulatory compliance requirements related to data loss.
  • Create risk analysis and identify gaps between current state and required architecture to meet defined acceptable risk.
  • Develop a strategy for transitioning to failover or disaster recovery aligned with acceptable risk profile.
  • Conduct due diligence on latest failover and disaster recovery technology such as: VMs configured for HA, Managed File Transfer failover and DR offerings, or Cloud-based Managed Failover solutions.
  • Plan for investment in a project to deliver defined improvements.



Edited by Kyle Piscioniere
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers