Disaster Recovery Plans for Homesteaders
Know the building blocks to creating a plan to keep your 3000 running
By Paul Edwards
Editor's Note: Substantial portions of this article were adapted from a publication titled "The Disaster Recovery Guide" and copyrighted by John Painter of Computer Solutions, Inc., which operates Minuteman Recovery disaster recovery for HP 3000s (www.minutemanrecovery.com)
The term homesteading comes from the days when the pioneers first settled in the Midwest and Western US. Homesteading usually meant that you were far from your nearest neighbors and had to be self-supporting. Also, you had to plan for disasters of many kinds such as storms, attacks, medical emergencies, lack of food and other supplies, and equipment repairs. As an HP 3000 customer that continues to get cost effective and reliable use of your equipment for many years into the future, you must be self-sufficient and plan for disasters to ensure a stable and protected environment.
This article, and its second part next month, will not go into all the details of writing a disaster recovery plan, but we will discuss the main points to consider. There are extensive resources available to help write a plan: A search of the Internet for the words Disaster Recovery Plan for companies offering solutions; papers presented over the years at the Interex HP World conferences and Solutions Symposiums; articles in this newsletter, and various vendor sites like Robelle, Allegro and HPs own Jazz site. A request to the 3000-L mailing list and newsgroup for sample plans and a search of its archives may produce results. The Disaster Recovery Journal at www.drj.com, Contingency Planning & Management at www.contingencyplanning.com, and Disaster Resource Guide at www.disaster-resource.com are some sites that offer a wealth of disaster recovery planning information. My firm, Paul Edwards & Associates, offers a Web-based product to produce a complete plan and also provides consulting services.
Your HP 3000 system is probably the heart of your companys business operation. Some organizations would cease to function after a few minutes of system downtime, and other organizations might do just fine without their system for a few days. The top 10 types of disasters, which have caused the most damage in recent years, are power outage, storm damage, flood, hardware error/failure, bombing, hurricane, fire, software error, power surge/spike, and earthquake. Each of the various types of potential disasters listed has to be addressed in the contents of a recovery plan. The average time period in which essential company functions will continue, following a data center failure, is an average of 4.8 days for all types of industries. The loss of the data processing function and most of the corporate records can put a company out of business. The current world situation requires that every company be prepared for almost any eventuality.
Building an IS disaster recovery plan and the recovery of the data processing functions of the company is a vital part of the job description of the data processing manager. My article in the January, 2004 NewsWire, Homesteading: Plan for the Future, details the contents of the Systems Manager Notebook that is a starting point for constructing the IS plan. The contents include hardware and software information that is vital to recovering your system in any type of disaster. The rest of the companys business operating procedures must be combined with the IS plan to form a comprehensive corporate disaster contingency plan.
The goal of a successful recovery plan is business continuity. Recovery planning should aim to control any crisis from spiraling out of control and provide a stable path to full recovery. To begin the recovery planning process on the right foot, it is important to identify the critical functions that your HP 3000 system fulfills in your organization and the personnel critical to the management of these functions. The daily payroll and financial functions may be critical to the organizations long-term viability, but any enhancement or development effort could be postponed for a few weeks without jeopardizing the whole organization. However, by limiting the scope of your planning to your critical functions and by including all layers of management in the initial discussions, you lay the groundwork for an affordable and achievable recovery solution. This may be the single most important principle in successful recovery planning.
An essential technique used by successful IS professionals is to involve upper management from outside the IS operations in the planning process from the start. This accomplishes three things. First, backing from upper management will enhance cooperation from the rest of the organization for the project. Second, it is better to understand upper managements concerns now, rather than have them shoot down your plan in its final form. Third, if upper management has helped define the critical functions for the organization, you will encounter less debate from everyone else. After all, every user of your system will feel that their function is critical.
After establishing the critical functions for the organization, you should prioritize the functions and determine the time frame in which each function must be restored. In actual disasters, the time spent using a recovery system after a disaster is typically two to four weeks. In that amount of time, the original system becomes available or a replacement HP 3000 system can be purchased and delivered. While it is possible that the nature of the disaster will result in a longer recovery period, it is unlikely. In determining the time frame that critical functions must be restored, use the two to four week estimate as a rule of thumb and functions that need not be restored in that amount of time also need not be considered as part of the plan.
Creating the Plan
When it comes down to committing a plan to paper, there are three approaches. One approach is to hire a consultant who has done this sort of thing before. Some consultants specialize in recovery planning and he or she may be certified by various disaster recovery organizations. Another approach is to purchase a recovery planning methodology. Some are word processing based and some have a database structure with reporting capabilities. There are some fill in the blanks word processing planning packages, but many find that the structure a computer based plan provides is more successful. The data needs to be merged with the written procedures for each section to provide a complete planning document. The newest technologies are web-based on your servers or at an ASP, while some are client server or simply reside on a PC. The third approach is to simply sit down and write it your self. This approach is not for the faint of heart.
Regardless of the approach you choose, there are items that should he included in every plan. Every recovery plan should establish a recovery team that would be activated in the event of a disaster. This team becomes the command and control mechanism to implement the recovery and make the quick decisions that may be required. For smaller organizations, team members might only include a handful of IS staff. Larger organizations will include members from other departments such as insurance and corporate management. Some organizations are large enough to require multiple teams, with each team assigned a specific task.
The recovery team members should be knowledgeable about your organizational requirements, be available on short notice, and have the authority to pursue the means necessary to ensure full recovery. Obviously, all current contact information for the team needs to be available to all members of the team. The team should meet on a regular basis and each member must be made aware of updates made to the plan. The recovery team is essential for smooth recovery.
There are a number of lists that are helpful to have in an emergency situation. The origin of the items from the HP 3000 system is detailed in my article in the January NewsWire. A list of suppliers and vendors should be included in your plan, each complete with the address, phone number and a contact name. Include your HP 3000 hardware vendors, your forms and supplies vendors, your software vendors, your maintenance vendors, your offsite storage vendor, and any other vendor or supplier that might affect computer operations. A list of alternative vendors is also helpful. In an emergency, it may not be possible to find the employee who knows where your organization buys a certain item. The vendor list ensures that vendor support will be available.
A list of all HP 3000 hardware with serial and model numbers should be included for insurance purposes, and a detailed floor plan of your data center should be filed right alongside. A list of applications prioritized according to relative importance should be included for reasons discussed earlier. Its a good idea to make a copy of the front page of each software application manual too. This page will have the version number of the software and will offer some proof of ownership if the software or the manuals must be replaced quickly.
Next time: How agreements can form a disaster recovery bedrock.
Paul Edwards is an HP 3000 certified consultant and founder of Paul Edwards & Associates, an HP 3000 consulting firm that offers a Web-based product to produce a complete disaster recovery plan and provides consulting services. A 27-year veteran of the 3000, chairman of the MPE Forum and an OpenMPE board member, Edwards can be reached at email@example.com or 972.242.6660.
Copyright The 3000 NewsWire. All rights reserved.