This article includes a list of general references, but it lacks sufficient corresponding inline citations. (August 2019) |
A backup site (also work area recovery site[1] or just recovery site) is a location where an organization can relocate following a disaster, such as fire, flood, terrorist threat, or other disruptive event. This is an integral part of the disaster recovery plan and wider business continuity planning of an organization.[2]
A backup, or alternate, site can be another data center location which is either operated by the organization, or contracted via a company that specializes in disaster recovery services. In some cases, one organization will have an agreement with a second organization to operate a joint backup site. In addition, an organization may have a reciprocal agreement with another organization to set up a site at each of their data centers.
Sites are generally classified based on how prepared they are and the speed with which they can be brought into operation: "cold" (facility is prepared), "warm" (equipment is in place), "hot" (operational data is loaded) –- with increasing cost to implement and maintain with increasing "temperature".
Classification
editCold site
editA cold site is an empty operational space with basic facilities like raised floors, air conditioning, power and communication lines etc. Following an incident, equipment is brought in and set up to resume operations. It does not include backed-up copies of data and information from the original location of the organization, nor does it include hardware already set up. The lack of provisioned hardware contributes to the minimal start-up costs of the cold site, but requires additional time following the disaster to have the operation running at a capacity similar to that prior to the disaster. In some cases, a cold site may have equipment available, but it is not operational.
Warm site
editA warm site is a compromise between hot and cold. These sites will have hardware and connectivity already established -- though on a smaller scale. Warm sites might have backups on hand, but they may be incomplete and may be between several days to a week old. The recovery of pre-disaster operations will be delayed while more up-to-date backup tapes are delivered to the warm site, or network connectivity is established to recover data from a remote backup site.
Hot site
editA hot site is a near duplicate of the original site of the organization, including full computer systems as well as complete backups of user data. Real-time synchronization between the two sites may be used to completely mirror the data environment of the original site using wide-area network links and specialized software. Following a disruption to the original site, the hot site exists so that the organization can relocate, with minimal losses to normal operations in the shortest recovery time. Ideally, a hot site will be up and running within a matter of hours. Personnel may need to be moved to the hot site, but it is possible that the hot site may be operational from a data-processing perspective before staff has relocated. The capacity of the hot site may or may not match the capacity of the original site depending on the organization's requirements. This type of backup site is the most expensive to operate. Hot sites are popular with organizations that operate real-time processes such as financial institutions, government agencies, and eCommerce providers.
The most important feature offered from a hot site is that the production environment(s) is running concurrently with the main datacenter. This synchronizing allows for minimal impact and downtime to business operations. In the event of a significant outage, the hot site can take the place of the affected site immediately. However, this level of redundancy does not come cheap, and businesses will need to weigh the cost-benefit-analysis (CBA) of hot site utilization.
These days, if the backup site is down and misses the "proactive" approach, it may not be considered a hot site depending on the level of maturity of the organization regarding the ISO 22301 approach (international standard for Business Continuity Management).
Alternate sites
editGenerally, an Alternate Site refers to a site where people and the equipment that they need to work is relocated for a period of time until the normal production environment, whether reconstituted or replaced, is available.
Choosing
editChoosing the type of backup site to be used is decided by an organizations based on a cost vs. benefit analysis. Hot sites are traditionally more expensive than cold sites, since much of the equipment the company needs must be purchased and thus people are needed to maintain it, making the operational costs higher. However, if the same organization loses a substantial amount of revenue for each day they are inactive, then it may be worth the cost. Another advantage of a hot site is that it can be used for operations prior to a disaster happening. This load balanced production processing method can be cost effective, and will provide the users with the security of minimal downtime during an event that affects one of the data centers.
The advantages of a cold site are simple — cost. It requires fewer resources to operate a cold site because no equipment has been brought prior to the disaster. Some organizations may store older versions of the hardware in the center. This may be appropriate in a server farm environment, where old hardware could be used in many cases. The downside with a cold site is the potential cost that must be incurred in order to make the cold site effective. The costs of purchasing equipment on very short notice may be higher and the disaster may make the equipment difficult to obtain.
Commercial sites
editWhen contracting services from a commercial provider of backup site capability, organizations should take note of contractual usage provision and invocation procedures. Providers may sign up more than one organization for a given site or facility, often depending on various service levels. This is a reasonable proposition because it is unlikely that all organizations subscribed to the service are likely to need it at the same time. It also allows the provider to offer the service at an affordable cost. However, in a large-scale incident that affects a wide area, it is likely that these facilities will become over-subscribed due to multiple customers claiming the same backup site. To gain priority in service over other customers, an organization can request a Priority Service from the provider, which often includes a higher monthly fee. This commercial site can also be used as a company's secondary production site with a full scale mirroring environment for their primary data center. Again, a higher fee will be required; but the cost could be justified by the security and resiliency of the site, which would give that organization the ability to provide its users with uninterrupted access to their data and applications.
See also
editReferences
edit- ^ Paul Kirvan. "Checklist for work area recovery site planning". SearchDisasterRecovery.com.
- ^ Baraniuk, Chris (23 March 2020). "How firms move to secret offices amid Covid-19". BBC.
General references
edit- Records Management Services (2004, July 15). Vital Records: How Do You Protect And Store Vital Records?
- Haag, Cummings, McCubbrey, Pinsonneult, and Donovan. (2004). Information Management Systems, For The Information Age. McGraw-Hill Ryerson.
- IT Service Continuity (2007, ITIL v3). IT Service Continuity. Retrieved from: http://itlibrary.org/index.php?page=IT_Service_Continuity_Management on 03SEP14
- The Three Stages of Disaster Recovery Sites by Bryce CarrollNovember 20th, 2013