Disaster Preparedness 2011: Is there a hole in your disaster recovery plan?
Dennis Bruce |
A good disaster recovery plan includes all of the processes, policies and procedures necessary for your company to continue operating its critical technology systems after a disaster. The “classic” disaster recovery (DR) scenarios -- such as floods, earthquakes and hurricanes -- are widely understood. However, the disasters most commonly faced by businesses are not those recognized by the Federal Emergency Management Agency (FEMA), but the more mundane power outages, cyber-attacks and vendor issues. Yet, in all cases, you need to be prepared.
When a critical business or government application is down, it can cost thousands, sometimes millions, of dollars. On average, enterprises lose between $84,000 and $108,000 for every hour of IT system downtime, according to various estimates from analyst studies and surveys. Despite these costs of downtime, many businesses are not adequately prepared for disaster recovery. Up to 40 percent of businesses affected by a natural or man-made disaster never re-open, according to the Insurance Information Institute.
Is there another way to ensure that all of your important applications are recoverable, and can continue to drive your operations after a disaster? Let’s take a look at software escrow agreements and how they can be used to help ensure application continuity.
Software escrow as an application continuity solution
Software escrow is a way for developers and users to protect what matters to them. Developers want to protect the intellectual property (IP) they’ve created, and users want to know that the software they’ve licensed will always be there when they need it. In order to make this happen, the developer stores copies of their software source code in a secure location with a neutral trusted third party, such as Iron Mountain.
In addition, it is a best practice to perform verification testing on escrow deposits. Verification can ensure that everything required to compile the code efficiently is included in the escrow deposit.
Software developers can send their source code deposits to the escrow agent either electronically or via backup tape. If sending physical deposits, your offsite tape vaulting vendor should work with you to develop and support your disaster recovery needs for accessing and retrieving back-up tapes containing application source code. The back-up tape storage and retrieval process should have an auditable chain-of-custody to verify regulation compliance and the integrity of the data for each step of the transit to and from your data center.
Source code is kept in the protected escrow account and the user gains access to that source code only in specific circumstances. Typical events that trigger a release of the source code include loss of vendor support, ceased business operations, insolvency, bankruptcy, a merger or acquisition, or other situations where the developer can no longer support the software.
When it comes to ensuring application continuity, a software escrow solution is an important, yet often overlooked, piece of the puzzle.
Protect what matters
Protecting the source code for your important applications via a software escrow agreement is a simple, cost-effective way to ensure application continuity. This way, the software that you’ve licensed is protected in a secure environment and available when needed.
While business continuity and disaster recovery plans are focused on the user and their environment, it is also important to think about your software developers and how their situations can have an effect on your business or government agency. Circumstances affecting your software developer, such as financial insolvency, bankruptcy, contractual disputes, mergers and acquisitions, staff defection or excessive rotation, can impact the IT infrastructure in a way that can create business continuity problems. Software is the lifeblood of your organization, and leaving it unprotected it can be catastrophic.
Although “classic” disaster recovery scenarios may appear to be the most devastating cause of IT outages, application problems are the most frequent threat to IT uptime. According to Gartner, people and process problems cause an estimated 80 percent of unexpected application downtime.
What if you could ensure that your applications would work for you both in a “classic” disaster recovery scenario and if your developer failed to perform their obligations? Since people and processes are such a major factor in application downtime, it is wise to use software escrow as a way to mitigate this risk and help ensure application continuity.
How can you set up application continuity for your business?
It’s important to think beyond those super critical top few applications covered by managed recovery services. If an application is not easily replaced with off-the-shelf software packages, it should be protected with a software escrow agreement and verification testing. With a software escrow and verification solution supporting your existing business continuity/disaster recovery (BC/DR) plan, you can extend the number and type of applications that can be protected in a cost-effective manner.
Read in detail at :- http://cdrn.org.in/show.detail.asp?id=22867
No comments:
Post a Comment