Here’s the standard scenario: Company leadership recognizes the need for disaster recovery and business continuity. Company leadership funds such an effort, including staffing. Consultants are likely to be hired. A plan is created, reviewed, tweaked, agreed to and executed.

In reviewing these plans, it has been discovered that these plans don’t account for one of the leading reasons for data loss, “The Human Factor.” The Human Factor is defined as the impact of either “not everybody and everything follows the plan” or “self-imposed limitations on the scope of the plan.” Examples of the gap in disaster recovery and business continuity plans are when:

· Key executives have extremely confidential strategic, financial or personnel content or reports that they do not want kept on shared storage.
· Employees work off-site or off-network and do not back-up that new content.
· Back-up server misconfigurations are only discovered when the back-up data is needed.
· Scenarios to be covered in Phase II happen before Phase II is completed.
· Updates to the plan may not keep up with changes to threats to and complexity of the data.
· You can only predict so much of the future.

Enterprise-size companies have known that business continuity and disaster recovery planning is a good business practice because they now put a substantial value on their data. They understand that their digitized data or content is extremely valuable, and in most cases, it is impractical, if not impossible, to recreate. And they realize the new reality that their data leaves the office on laptops, thumb drives and PDAs, and that there are numerous updates when working from home or when traveling, all which are at risk of being lost.

Successful, forward looking companies created CIO positions and introduced content management systems as additional examples of recognizing the value and importance of their data and content. They have calculated the financial impact of business interruptions, knowing that there is little productivity unless individuals have access to their data or content.

Having proved themselves with enterprise clients, disaster recovery companies are now offering service for small and mid-sized companies because storage costs and bandwidth costs have dropped. These small and mid-sized companies have responded positively to these offerings as they too recognize the value of the data and content.

Definition: Data Recovery differs from Disaster Recovery

They may sound very much alike, but they are two distinct components of protecting your content. Data Recovery is an action needed to salvage data from a failing or failed storage media. Disaster Recovery is the planning that minimizes the need for data recovery by planning and maintaining back-up systems (as well as planning for other business continuity efforts).

To add to the confusion, some IT professionals confuse the terms, potentially adding to the gap.

Analysis

Far better than the 80/20 rule, companies can expect 95% to 98% of its employees to follow plans and protocols. The remaining 2-5% is The Human Factor gap, consisting of situations when employees store files off-network either intentionally or because of temporary time and location challenges. It is no coincidence that the people who have files stored off-network are the people who create highly critical, valuable data.

The existence of The Human Factor receives no exposure because data recovery customers don’t brag about needing and using data recovery services, and data recovery companies protect their customers’ confidentiality.

Nonetheless, the loss of access to one’s data is a regular occurrence as proven by data recovery companies’ existence for more than two decades, and the growing number of data recovery providers.

Fire, water damage, electrical surges and coffee spills do happen. When it impacts individual users, we refer to them as “solo-tastrophes” or “personal data twisters.”

One can easily imagine, if not having been personally involved, how some of these unforeseen, unplanned, disruptive events evolve into all-out corporate fire drills impacting multiple users and support infrastructure.

Recommendation

To have a complete business continuity plan, partner with a company for disaster recovery planning and implementation; at the same time, develop a formal relationship with a data recovery company to have an adequate plan to cover The Human Factor. The partnership with a data recovery company should include

- Establishing the process for delivering and processing the storage media.
- Determining if chain-of-custody is needed.
- Establishing pricing and the billing process.
- Identifying points of contact.

The better data recovery companies should also provide:

- Training for IT departments to understand how to recognize if there is a hard drive problem and when to stop trying software tools to restore the data.
- Reviewing how malfunctioning drives are stored.
- Optionally reviewing a company’s relevant Knowledge Base articles for accuracy and thoroughness.

A formal relationship, such as a preferred or approved data recovery vendor, will reduce the loss of time and productivity, and maximize the likelihood that the data is recovered.

The benefit to the company is that they will have an established process and vendor ready to quickly, effectively respond to “solo-tastrophes” and “personal data twisters” caused by The Human Factor.