Recently, one of my clients told me a story about one of his clients--a major enterprise that has absolutely no interest in off-site data protection. The company's disaster recovery plan only addresses local availability and recovery because the business (a hospitality and entertainment venue) is totally reliant on the buildings that constitute its property.
Because all of the buildings are a part of the same site, the organization's powers-that-be felt there was no need to back up systems to another location. However, this philosophy couldn't be further from the truth.
Just because your business doesn't extend beyond the walls of a building doesn't mean your data shouldn't. While the likelihood of losing an entire facility may be small, it still exists.
Granted, your primary focus should be on the protection of individual systems and groups of systems with local backup and availability measures. However, keeping a current copy of your vital data in another facility is still a good idea.
If the company loses the building or a group of facilities to a disaster, many resulting issues will require the use of the company's data in the weeks and months following the cessation of business activities.
First, there are the issues of dealing with insurance claims. You'll need financial reports and facilities management data stored in the company's data systems in order to assess the amount of the claim as well as be able to prove that the assessment is accurate.
In the event of a disaster, it will be imperative that your company has access to this important data. Failure to keep such records safely stored in an off-site facility could easily lead to your business finding itself with no way to properly file the insurance claims that it needs to rebuild.
In addition, you should expect and prepare for lawsuits that result from the disaster. Such suits are often an unfortunate inevitability of any major calamity.
Make sure you've stored all records regarding maintenance, security, and other factors in another safe place besides the physical location of your business. Should customers or employees suspect arson, sabotage, or other forms of malicious intent, you will no doubt want to have this data on-hand well after the loss of your production data systems in order to prove that the company took the appropriate measures to avoid such criminal activity.
This best practice also applies to data concerning architecture, safety measures, and fire-prevention systems. You'll need this information handy if an insurance company or another party tries to place the blame for the disaster on what remains of the corporate entity.
Just because your organization's business relies on its physical location doesn't mean you can settle for a DR plan that only addresses local data protection. In fact, these organizations should concentrate more on off-site data protection because it will be the only thing that they can fall back on if a disaster destroys their buildings.
If your building is the business, failing over to another site during a small emergency may not be your best bet. But in the case of a catastrophe, it's vital that you can get your data back quickly and accurately--no matter what.
Mike Talon is an IT consultant and freelance journalist who has worked for both traditional businesses and dot-com startups.