If Ben Franklin had been around in our day, he might well have expressed his most famous quote a little bit differently. He might have said: “Nothing is certain but death, taxes, and data loss.”
He would have been right, too.
Even in our current environment of real-time data replication and zero loss data solutions, there is almost always some data loss after a system crash. In fact, in most data protection schemes, a certain amount of data loss is designed in, because a true zero data loss solution is prohibitively expensive.
In today’s post, we are going to share some tips regarding what you as a business continuity professional should be doing to make sure your organization is prepared for these tough realities.
To begin, however, a quick history lesson:
In the old days, transactions between individuals, businesses, institutions, and agencies involved a great deal of face-to-face contact and lots of written records. When computers first came into widespread use, in the later part of the 20th century, many transactions came to be conducted electronically. However, it was commonly the case that there was still human interaction and written documentation behind most transactions (think, for example, of the old hand-operated credit card machines with their carbon copy slips). In those times, daily backups of computer data were usually considered sufficient, in part because there was generally enough hard-copy documentation around to give the organization a good chance of re-creating any data that might be lost during the daylong gaps between one backup and the next.
The past 10 or 20 years, however, have seen a dramatic rise in the number of transactions that are entirely electronic. For such transactions—buying things on Amazon is an example—there is no interaction between the customer and an employee of the organization and no hardcopy documentation. If the data for these transactions is not backed up at the time of a crash, the organization will have no record that they ever took place.
In such an environment, backing up once a day at 2 AM is no longer considered adequate by many organizations. These organizations have propelled the turn to the kind of data replication and zero-loss data protection schemes mentioned in the beginning.
However, as was also mentioned, making a truly zero data loss solution is extraordinarily expensive, and the fact is, in the event of a crash, there will be some loss with even the best data protection schemes.
Here’s another interesting fact about data loss and recovery: Most people vastly overestimate their ability to re-create data that has been lost, even when they were involved in obtaining it in the first place.
In light of all this, what is the business continuity professional to do to help protect their organization against the loss of critical data?
Here are a few tips, given the understanding that as a business continuity person it’s unlikely that you have the authority to direct that things be done, and are limited to asking questions of and making suggestions to the various departments you work with.
- Remember that from the point of view of business criticality, data might be the most important resource at your organization.
- In every aspect of business continuity, from staff training to business continuity plans to crisis management, think about the procedures and steps that are in place to protect data.
- Don’t be satisfied when someone says, “Don’t worry, we’re replicating. IT does all of that.”
- Sit down with IT and ask them where any potential gaps in data backup and protection might lie. Press them to tell you specifically how they’re backing up and how much data could potentially be lost in the event of a crash.
- Take the information you get from IT back to the relevant departments, sharing it with them and asking them to create procedures to protect against the identified gaps.
- As a BC leader, you have the responsibility of checking with the various departments to make sure they have taken the steps and created the procedures necessary to deal with data losses.
- In working with the various departments, ask your contacts the following questions:
- In your BC plans, do you have procedures for checking each app, verifying the state of the data, and recreating any lost data?
- Do you have procedures for interacting with the IT team to identify the state of the data and recreate any data that was lost?
- Do you have procedures for checking the synchronization between systems?
- Ask yourself: Are you confident that the departments have put the necessary procedures in place? Have you talked to each department and made sure?
- It’s incumbent on you as the BC person to ask the right questions of the various departments you work with.
By taking these steps you will be doing what you can to ensure that the departments at your organization are prepared for the data losses which will almost certainly affect them, sooner or later.
Maybe Ben Franklin didn’t actually say, “Nothing is certain but death, taxes, and data loss.” But there was one thing he wrote that is definitely on point when it comes to preparing your organization for the inevitable loss of critical data: “Diligence is the mother of good luck.”