rolffimages - Fotolia

The difference between disaster avoidance and recovery

Today's businesses can shift away from disaster recovery and prevent outages from occurring in the first place with a disaster avoidance plan.

Disasters are an unavoidable fact of everyday business. If the forces of nature aren't conspiring against you, there is certainly no shortage of man-made atrocities that can shutter a data center. This means disaster planning and preparation are a critical aspect of any business plan. But there is no single approach to disaster preparedness, and the emphasis on disaster response is changing as new technologies and capabilities become readily available to everyday businesses. Let's examine the relationship between disaster recovery and disaster avoidance for the modern data center.

What's the difference between disaster avoidance and disaster recovery?

Disasters can be caused by natural means, such as an earthquake or hurricane, they might be caused by accident, such as a fire, and they may also be man-made, such as acts of war or terrorism. But in every case, a disaster is an unplanned event which invariably disrupts the primary data center.

The notion of disaster recovery is all about the strategy used to minimize the effect of disruptions and restore mission-critical business functions after a disaster. Disaster recovery generally involves discussions of recovery point objectives (RPOs) and recovery time objectives (RTOs) along with the hardware, software and practices needed to achieve those objectives.

For example, a traditional disaster recovery plan might be to restore five key business applications to normal functionality within 60 minutes after a disaster event (this is the RTO) while losing only up to 10 minutes of data (the RPO). The actual RPO and RTO will depend upon your specific business needs and the corresponding investments in hardware, software and personnel. Organizations with many critical applications under short RPO and RTO requirements must typically invest substantially more in hardware and software infrastructure to achieve those objectives compared to a business with few important applications and liberal recovery objectives. A simple example of disaster recovery (DR) is backup restoration where servers are reloaded from the latest backup set saved to local or remote storage subsystems.

By comparison, the idea of disaster avoidance is all about the efforts involved in preventing disaster-based disruptions in the first place. The discussion is about "resilience" rather than recovery -- maintaining application availability in the wake of foreseeable disruption. A simple example of disaster avoidance is virtual machine migration. For example, all of the workloads on a virtualized server can be migrated to other available servers so that the original system can be maintained or upgraded which eventually prevents hardware failures (disasters on a small scale). Similarly, if you know a hurricane is bearing down on your main data center, it's possible to migrate workloads to servers at other remote facilities until the storm passes and repairs are made.

A key consideration in both cases is "foreseeable" disasters. It is often not feasible or cost-effective to plan for every possible disaster, so disaster planning always strives to protect businesses against the most probable situations. For example, a data center in Miami will certainly have a disaster plan in place to deal with hurricanes, but probably doesn't account for the possibility of an armed incursion from Cuba.

Is disaster recovery or avoidance better?

Disaster recovery technologies typically offer the widest variety of deployment options and price ranges, and are generally used by organizations that can tolerate some level of workload disruption or data loss. However, recovery must be tested and practiced periodically to ensure that recovery works as expected -- regular drills minimize recovery delays caused by human error or inexperience.

Disaster avoidance is often the most aggressive and expensive form of disaster preparedness, because multiple data centers are required to work cooperatively to supply computing resources or share computing tasks. Since all data centers are running continuously, IT staff work with all of the equipment regularly and IT administrators generally stay current on all systems and configurations across the enterprise.

So the ultimate choice of disaster preparedness must be guided by business needs (such as RTO and RPO) and regulatory compliance requirements rather than technological availability. A business that simply cannot afford to be down should consider a disaster avoidance approach, while less demanding businesses can potentially save money and simplify their infrastructure with more traditional disaster recovery deployments.

Next Steps

Planning on prioritizing disaster recovery? Learn about implementing, securing, testing and updating your plan.

Dig Deeper on Disaster recovery, failover and high availability for virtual servers