As a former senior executive of Swiss Reinsurance, the world’s largest reinsurer of life-health and property-casualty risks, Donna Childs was well versed in both the need and the practice of disaster data recovery. Her experience proved critical when she returned to the United States to start her own small business — in the area subsequently designated “Zone 1” of the World Trade Center on Sept. 11, 2001.
“On that fateful morning, I was in the WTC when the planes struck the towers,” Childs told TechNewsWorld. “In addition, my apartment was in the shadow of the WTC and was the only residential community in Manhattan that was closed by civil authority and placed under the control of the National Guard.”
When Hell Comes Calling
Homeless and office-less for the duration, Childs, like hundreds of others, endured sudden loss beyond the mere imaginable. Besides the loss of essential services, such as electricity, gas, landline telephone, Internet access, water, mail delivery, garbage pick-up, and pedestrian access, there was the overwhelming physical damage to contend with, including environmental remediation to remove the soot, ash and other contaminants.
“In addition to being a human tragedy, 9-11 was an economic catastrophe for Lower Manhattan small businesses, including medical practices, with thousands ceasing operations as a consequence of the terrorist attacks,” she says. “Few were prepared to work through such disruptions or prepared to recover their data.”
Childs was one of the lucky few. Her data was properly backed up and offsite, and she was able to resume operations fairly quickly. In fact, her recovery was so well handled that the Department of Homeland Security profiled her small business in its “Ready for Business” campaign. She has since authored a book, Prepare for the Worst, Plan for the Best: A Small Business Guide to Disaster Preparedness and Recovery, to teach others what she learned from the experience.
The Immortal Thoughts of Mortals
Most people think massive events like 9-11 and Hurricane Katrina won’t happen to them. Whether it will or it won’t is sort of beside the point. “I always thought of a fire or something when planning for disaster recovery. Something like 9-11 never entered my mind,” says Childs. It was the planning for a more ordinary disaster that saved her from the Big One.
Like school fire drills, you must put emergency plans in place before a disaster strikes. If you don’t, you stand to loose a good deal more than a collection of bites and bytes.
“A study performed by a group of CPAs found that, over those small businesses in the immediate vicinity of the World Trade Center at the time of the 1993 bombing, those businesses that could not get back online and recover their data within five business days, 90 percent of them were out of business within one year,” says Childs. “The take-home lesson is that you either recover quickly or not at all.”
After the Bell Tolls for You
If you do find yourself on the back-end of a headlong disaster, don’t make a knee-jerk jump into action, because you can actually make things worse. Getting professional advice based on the exact circumstances will rarely cost you anything more than the time that it takes to pick up the phone and explain your situation. Before you choose any do-it-yourself (DIY) approach, do some homework and talk to a professional.
“If you don’t really care about the data, then trying all of the DIY information on the Internet has very little risk,” Ken Colburn, president of Data Doctors Data Recovery Labs, told TechNewsWorld. “If your data is important, taking the ‘top down’ approach to getting the data back makes the most sense.”
In other words, says Colburn, start by discussing your situation with professional data recovery services and work your way down. “If you start with the cheap DIY approaches then ask a professional to help you, your DIY actions have a high possibility of taking a simple recovery and turning it into a real expensive recovery,” he warns.
Myths That Ruin the Save
Be careful of advice you find on the Web, because much of it is outdated or, even worse, built on harmful myths. Colburn offers this list of don’ts:
- Don’t break the seal on the hard drive: Many techies believe that they can feel their way through a failed hard drive if they can just get it open to examine. The number of data recovery projects that we are presented with that have been destroyed by “do-it-yourself” attempts is on the increase.
- Don’t place a failed hard drive in the freezer: This is one of the most common myths on the Internet about recovering data from a failed hard drive. Years ago, when heat-related failures were common, this had the possibility of providing a short period of time to access a small number of files in a small number of cases, but with today’s hard drives and the volume of files that need to be recovered, a two minute window to get your data off isn’t of any value. The damage from condensation and other environmental impacts to the materials used in hard drives is far more likely than a successful recovery.
- Don’t panic, especially with a business server that has a RAID array, as it will almost always result in further damage and/or expense: RAID recoveries are very complicated to begin with, but when a panicking IT staffer swaps drives around trying to get a server back up and forgets which drive is which (and they aren’t labeled, which is very common) the complexity and cost of the recovery can go up exponentially.
- Don’t withhold info when engaging a professional recovery resource: A very common scenario for data recovery companies is that an IT person that caused the failure is trying to cover their tracks from management when they submit a recovery project. They portray the situation as a drive failure when in actuality they made a mistake that they don’t want anyone to know about it. This misinformation causes the recovery process to go down the wrong path, which increases the time and cost of the recovery. It is very obvious to recovery professionals when a recovery project does not match the description given by the person submitting the project as the recovery process plays out, so don’t try to fool the guys that are trying to save your data (sounds like common sense, but you wouldn’t believe the stories we’ve been told!)
- If the hard drive is making clicking, ticking or any other strange noises, don’t keep restarting it to see if it will stop making noises: Mechanical failures tend to get worse with each restart of the drive, so the more times you restart a failing hard drive, the more damage (and expense) you will likely cause. When you hear strange noises, turn off your computer and start assessing your data backups before doing anything else.
- Never run recovery software on a hard drive that is clicking, ticking or making any type of strange noise: This is an attempt to use software to fix a hardware problem, which will never work and can cause permanent data loss. Clicking hard drives are suffering a mechanical failure which must be repaired prior to any attempts to extract the data.
- Never install recovery software on the drive that you are trying to recover data from: When pointed out, this seems like an obvious point, but one of the most common mistakes we see from novice attempts at data recovery is installing the recovery software onto the hard drive that needs to be recovered. There is a high likelihood of overwriting the very data that you are intending to recover by doing so. Always make the recovery drive the second hard drive on a recovery system so that the recovery software is installed on another hard drive.
- Never tap, slap or drop the hard drive to get it to stop clicking: This is another common myth being spread around the Internet for those that are looking for a DIY solution. Kinetic energy can cause head crashes or scarring of the data platter.
10 Tips for Data Recovery
There are things you can do to help you recover your data in the best possible shape. These 10 tips for data recovery on the scene of a nightmare, Brace Rennels, CBCP and a project manager at Double-Take Software, told TechNewsWorld:ol.thisol { font-weight:bold }ol.thisol span {font-weight:normal }
- Don’t panic and remain calm. If there is a disaster event, the priority No.1 of any business continuity plan is to ensure the safety of the employees.
- Evaluate the disaster. The best business continuity plan is the one that doesn’t have to be implemented, and being able to quickly evaluate the level of disaster will be critical in making the decision to implement the procedures or not.
- Communicate. Make regular communication to your team, managers and your vendors to help determine your options and recruit assistance if needed. Even if there is no status to report, don’t leave anyone guessing or, worse yet, drawing their own conclusions. This should be done after every other step. Let everyone know the procedures that are being implemented, a conservative estimate of time to complete the recovery and then any update, issue or notice that the business critical systems are available.
- Know the plan. Exercising the business continuity plan regularly will help everyone’s familiarity of procedures so there are no questions regarding what to do.
- Make the decision. Once you have determined the level of disaster and everyone is safe to operate, it is time to make the decision if you need to implement the business continuity procedures or if the downtime for recovery is acceptable.
- Start the Recovery. Whether one server or 200 servers, start with recovering the most business-critical systems first to restore business operations to a functional level. This should be outlined in step 4, “know the plan,” so there shouldn’t be any question which order which servers need to be restored.
- Where’s the data? The first step to the recovery is having a duplicate set of data to recover from. This could be anything from archived tape, local disk copy, and a co-location or disaster recovery data center. If it takes you more than 24 hours to receive a duplicate tape from your archive vendor, you might want to start looking for a job now.
- Which is quicker? The fastest way to recover from any failure is a high availability solution where a standby server (local or remote) and or cluster node sharing a duplicate set of data is ready to go, so starting the services on that server and redirect users if necessary is all that is required. This process can be as little as ten to fifteen minutes to resume critical workload operations.
- Employ tier 2 and 3 servers. These servers are less critical, where archived tape and a greater than 24 hour recovery time objective may be acceptable.
- Have a failback strategy. Once the systems are operational, the disaster is averted and systems are repaired it is time to plan the failback strategy to move the workloads back to where they were originally.