Disaster Recovery Planning in the New Economy: The Opportunity of Electronic Vaulting

As a result of technical and economic shifts, disaster recovery technologies are poised to become a new business standard for Windows NT/2000 sites. No longer too expensive or inconvenient, discover recovery planning is emerging as the must-have Windows NT/2000 technology that breaks the nightmare of backup-and-restore cycles.

• 10/01/2000

Despite their best intentions, Windows NT/2000 professionals routinely sleep through their disaster recovery planning obligations. Blame it on the expense, the inconvenience or the dearth of organizational resources needed to support effective backup and planning, disaster recovery is a nightmare for most Windows sites. Unlike large enterprises with the budget common to mainframe computing, smaller resource-constrained organizations with less powerful systems typically see disaster recovery planning as an impossible dream.

Flash forward to summer 2000: the Internet changes business practices, making 24x7 operations standard and raising data as the new king. Powerful yet manageable computing platforms, such as Windows NT/2000 deliver enterprise-class processing to small- and medium-sized businesses.

Enterprises store customer orders in the e-mail database, collect customer profiles on their Web servers and make inventory available online. Critically dependent on their data, businesses are at high risk to even the shortest loss of data availability. Disaster recovery is now an operational imperative that can be supported by new technologies. New bandwidth offerings combined with Internet-based data centers and revolutionary data replication technologies make protecting data easier and more affordable than ever before.

As a result of these technical and economic shifts, disaster recovery technologies are poised to become a new business standard for Windows NT/2000 sites. No longer too expensive or inconvenient, disaster recovery planning is emerging as the must-have Windows NT/2000 technology that breaks the nightmare of backup-and-restore cycles. To appropriately protect their business data in the new economy, Windows NT/2000 professionals must understand the technologies that support disaster recovery planning today as well as the steps necessary to implement a sound backup and recovery strategy.

The cost and effort involved in performing routine backup of system data in connection with an effective disaster recovery strategy was a long, distasteful but necessary function for small- and medium-sized businesses. Backing up data to tape was inconvenient, especially as backup windows began to shrink with round-the-clock system availability. Trucking tapes off-site was costly, and engaging a dependable recovery solution – hot site, cold site or replacement equipment on-site – was a significant expense. In case of a major disaster, getting personnel to the appropriate system location was a logistical and budget nightmare. In the end, most companies took their chances and hoped for the best – often with disastrous results.

Fortunately for Windows NT/2000 professionals, three critical new technologies are forever changing the face of disaster recovery planning: bigger bandwidth, Internet Data Centers and byte-level replication technologies. A carefully executed plan using these three technologies can help companies implement a combined backup and disaster recovery strategy that is affordable and easy to manage. Additionally, new services are emerging to automate the full complement of disaster recovery functions and make disaster recovery planning a staple in the management of Windows NT/2000 sites.

The first critical new technology is better bandwidth offerings, which create a bigger pipeline for businesses’ data to travel during the backup and recovery processes. With DSL leading the charge, these bandwidth technologies deliver high-speed and fat pipes at low cost. For example, for as little as $500 per month, DSL connectivity can protect tens of gigabytes of data during a byte-level backup process. Compared with the historically high cost of a dedicated telecom lines, DSL offers tremendous savings to some sites and an entirely new backup opportunity to others unable to afford the higher-cost alternative.

The second key technology is the availability of Internet Data Centers. Using fat pipes and powerful servers, Internet Data Centers provide dot.com companies and application service providers with the security and redundancy to host the applications that run the world’s most powerful businesses 24x7. These service providers can also sell even small volumes of server space to small- and medium-sized companies, making the service affordable for those without big IT budgets. Managed service providers standardizing on Windows NT/2000 servers can offer server space in Internet Data Centers on a rental basis for Web sites, ASP services and realtime archives of critical company databases. These organizations provide full management of the servers, including backup and recovery.

Service providers can now extend disaster recovery to companies by backing up their local data over the Internet and storing it at the data center. This service eliminates the company’s need for IT staff time to manage tapes and backups. If the site needs to copy or restore data back to its primary systems, the process executes over the Internet with no need for physical tape transfer. Storing data at an Internet Data Center also offers companies the physical isolation necessary for effective disaster recovery planning. If the business experiences a disaster that makes its own site unavailable, the Internet Data Center can deliver the data to an alternate site where processing can resume.

The final key technical change is the emergence of new replication technologies available for Windows NT/2000 sites. In both operating systems, the Windows File Filter API notifies the system when a byte in an application’s stored data has been changed. Sophisticated new replication products take advantage of this API by replicating only changed data at the byte level. Instead of reproducing and transporting entire files for every backup, new replication technologies copy and move only changed data, reducing the processing load and the network impact that traditionally accompanies backup operations.

Further, these new replication technologies function in realtime, backing up data around the clock. No backup window is required to execute data replication, which means that systems can operate without planned downtime. Because they are only updating changed bytes, the new replication technologies can send the data continuously. This feature allows sites to have current replicated data stored in support of 24x7 systems operations.

Implementing Effective Electronic Vaulting

The combination of these three new technologies allows Windows NT/2000 professionals to combine their backup and disaster recovery planning practices into a unified electronic vaulting strategy that addresses both the need to replicate and store current data and the ability to restore data and applications in case of a disaster. Electronic vaulting replaces the multi-day practice of trucking backup tapes to safe centers and bringing them back to restore data in case of disaster. The backup process moves to the Internet Data Center, where both current data and histories can be maintained in a safe and remote environment. In effect, electronic vaulting can deliver the backup and recovery protection that data-centric businesses need without breaking the budget or increasing headcount.

There are two ways to implement an electronic vaulting strategy in Windows NT/2000 sites. Electronic vaulting services can be purchased as a package from service providers, or enterprises can build their own electronic vaulting operations. When purchased from a service provider, electronic vaulting pumps changed data across the Internet to an Internet Data Center. The data center updates current copies of the stored data or applications and stores the new versions for safekeeping. In case of an inadvertent data deletion, corruption or larger disaster, current or historic copies of the data can be downloaded back to the Windows NT/2000 site across the Internet. In the event of a site disaster, companies can prearrange to use a high-speed link to an alternate site, where all company systems can be recovered overnight.

Windows professionals with the expertise and desire to keep the backup and recovery processes in-house can also develop their own electronic vaulting strategy. In this case, data is replicated to either a remote site of the organization or to servers placed at a rented location, such as an Internet Data Center or a disaster recovery hot site. This strategy ensures that data is always available and current in at least two physical locations. Data updates and recoveries can transmit across private networks or across the Internet utilizing Virtual Private Network (VPN) technology, which adds encryption and security, thereby creating a private connection over public networks.

The emergence of electronic vaulting services delivers to the Windows market an affordable, Internet-based method of uploading changed data and copying or restoring data to the system in case of a disaster. Internet-based electronic vaulting providers usually offer one of three types of service:

Vendors offer server space accessed across the Internet, which the buyer can use to store critical data and access it at will; the buyer is responsible for the actual replication and recovery.

• Vendors sell the service of copying and uploading data, and the vendor archives the data on a frequency specified by the buyer.

• Vendors provide an automatic service for continuous replication of data to the Internet Data Center; and a full range of recovery services from individual file recovery to full disaster recovery to alternate locations.

As with most Internet-based services, Windows professionals can choose electronic vaulting options that range from no-cost to high-cost. Vendors recently began offering free Internet-based storage space, but these services are designed for individual users rather than businesses. Vendors that execute replication or restore services at the user’s request are a low-cost alternative, but the responsibility for requesting services remains with the user. The most valuable services automatically perform continuous replication and updating without any user intervention. Although these services are more expensive than the other options, for some sites they are the most cost-effective due to reduced management overhead. Continuous replication services provide full coverage of all data (an important feature for data-centric businesses) automatically and continually, removing the responsibility for scheduling backups and tape management from the using organization.

Using electronic vaulting services often requires no additional communications capabilities at the user site. Because continuous Windows NT/2000-based replication technologies isolate byte-level changes, they transfer only small amounts of data. In most cases, the system overhead required by realtime replication is less than three percent of the total processing potential, and network usage is reduced to a fraction of that required by traditional backups or any form of full file archiving.

For example, a site with a 30 GB database can easily support continuous replication using DSL bandwidth. After an initial full copy, the technology replicates and transfers only changed bytes and allows regular processing to continue unaffected. Traditional backup services send an entire copy of the file or database for each scheduled backup, which could take days over the Internet. Even local backups of a large database require an overnight window of several hours or more, when all other processing is stopped in deference to the backup operation. In contrast, current replication technology offers the benefits of speed, currency and transparency to Windows NT/2000 sites while simultaneously delivering offsite disaster recovery protection.

Another benefit of electronic vaulting is the lack of training and intervention required to execute reliable backups and simple recoveries. Where traditional backup technologies required training operators to insert tapes, execute backups, monitor and record volumes and ship tapes to safe centers, online replication technologies used by electronic vaulting services seamlessly and easily upload changed data with no manual intervention.

In addition, data being sent to the electronic vaulting service via a DSL line does not interfere with data being received by the site’s servers. DSL allows data moving upstream and data being downloaded to transmit simultaneously. A company using a small- or medium-sized connection could send replicated data to the electronic vaulting service while users were viewing Internet pages without users noticing any delay in the download.

When evaluating an electronic vaulting service provider, Windows professionals should consider two basic questions: how secure is the remote data copy and how much data history do you want to store? Experts say that maintaining current data is critical, but storing previous versions is important in case today’s data becomes corrupted and the site needs to rollback to an earlier version of the data.

The issue of continuous replication raises a security concern: How safe is it to use electronic vaulting services? As with any Internet access or any vendor-provided service, security breaches are possible, but generally avoidable with good planning. Windows professionals can take several steps to ensure the security of their data.

The first step is to ensure that the servers used to store a business’s data should be physically located outside of the buyer’s region, to prevent a widespread disaster from preventing restoration of data. The service bureau can be located nearby, but data should be stored in a geographically distant location.

To avoid security breaches posed by continuous replication technologies, experts advise that you carefully choose an experienced Virtual Private Network (VPN) provider. VPN technology converts public networks such as the Internet to private networks that can only be accessed by authorized parties. For example, your VPN provider should offer encryption techniques, electronic keys, password protection and electronic certificates to guarantee the authenticity of sites sending or receiving data.

The Internet Data Centers used by electronic vaulting services to store data should also be adequately secured. Most are equipped with diesel generators in case of their own power outage, redundant cooling systems, on-site security guards, fire suppression systems, and earthquake-safe facilities. Many also have geographically remote sites to which data is replicated.

The final option for Windows professionals interested in electronic vaulting is a do-it-yourself strategy employing data replication and a backup product. This option allows the site that owns the data to maintain control over the replication and restore processes.

There are several options for those who choose a do-it-yourself electronic vaulting strategy. Businesses that have remote sites can designate a branch location to host its electronic vaulting service. Companies can also rent space in a geographically distant location; owning the property is not required. Or buyers can rent server space from Internet Data Centers and implement the replication technologies at their own site.

Each of these options allow Windows sites to replicate data in realtime over their intranet or the Internet, saving the cost of physical tape transport, training of local personnel, and lost productive system time. The remote vaulting site takes responsibility for backing up the replica, managing tapes and performing restores. To relieve this burden, "lights out" products perform backups and keep months of history in tape libraries automatically and without user intervention. Administrators can monitor the operation remotely and recover data over the Internet. If the site has been compromised by the disaster, the lights out site can serve as the recovery location. Alternate possibilities include another corporate branch site, a site provided by a disaster recovery vendor, or a site contracted through a service organization. Windows professionals interested in a do-it-yourself electronic vaulting strategy should focus on the key steps needed to create an effective solution:

• Replicate data as currently as possible.

• Remove data to a safe, geographically distant location.

• Archive data frequently, preserving histories in case current data is corrupted.

• Create a "plan B" – designate an alternate site in case a regional disaster impedes your ability to recover data at your local site.

Now that disaster protection technologies have caught up with the Internet and Internet-related disaster recovery services are emerging, companies can no longer justify remaining unprotected. The risks grow higher each year that a data disaster will cripple or wipe out an unprotected business; even a minor loss can cost millions of dollars to an unprepared site. The new generation of disaster recovery planning services is easy to use, simple to cost-justify, and hard to ignore, in light of its value versus the potential for loss. What was once a nightmare for Windows NT/2000 sites now feels like a dream come true: the new generation of disaster recovery technologies protects business-critical data automatically and cost-effectively, without straining IT budgets or schedules.