Blog

3 Tips for Disaster Recovery Compliance

 Disaster recovery (DR) planning is no longer something businesses can afford to ignore. For a start, if a natural or manmade disaster strikes, companies will not be able to resume operations without a DR plan in place.

Also, many jurisdictions now have regulations in place that mandate DR planning for certain industries. If an emergency arises and a company isn’t prepared for it, it could face fines and legal penalties. Complying with these regulations will protect your firm in the long run, because it forces you to plan for a disaster and you’ll avoid running afoul of the law.


Here are three useful tips for adhering to DR regulations and making sure you’re up to speed.

Understand Your Compliance Requirements

Your compliance requirements will depend on your industry. Bear in mind that some regulations affect virtually all industries.

Consider the U.S. as an example. The Sarabanes-Oxley Act of 2002 (also known as SOX) was passed by Congress to protect the American public from fraudulent enterprise practices.

Although the goal of the act was greater financial transparency for all companies, it has implications for the IT sphere. SOX states that firms must save all business records, including electronic records and messages, for no less than five years. Should they fail to comply, corporate leaders face imprisonment and the company could be fined.

Ensure Your DR Plan Complies with Regulations

You may have a DR plan in place. However, if it doesn’t meet the standards set out by government regulations, you could face serious repercussions.

For instance, the Federal Financial Institutions Examination Council (FFIEC) has guidelines about the maximum allowable downtime for IT systems based on how critical it is to the business. If an IT system is part of a critical process, the recovery team must make it operational within a period of minutes. Therefore, financial institutions should set their recovery time objectives to FFIEC guidelines if they want to avoid prosecution.

Choosing the Right Infrastructure

No government regulation will say that businesses must use a particular type of infrastructure in order to comply with the law. That being said, some technological solutions make it easier to adhere to legislation than others. What you need to know is which infrastructure will best meet your DR needs while ensuring you don’t violate the law.

Some DR solutions enable you to perform failover testing without bringing the network down and disrupting the business. This means that you’d not only be complying with the law, your DR plan would exceed legal requirements of maximum allowable downtime. DR testing is critical, because it demonstrates whether your plan will work if disaster strikes. Many organizations avoid testing their DR plans because they fear the cost of downtime.

NetApp’s disaster recovery solutions are built on its Data ONTAP operating system, enterprise-grade scale-out storage. Data ONTAP is architected for non-disruptive operations and efficiency. With the Data ONTAP operating system, you can leverage your DR infrastructure to perform failover testing, and you won’t experience a moment of downtime. You can support vital DR testing without having to sacrifice crucial business continuity.

Want to get started? Try out Cloud Volumes ONTAP today with a 30-day free trial.  

-