We recently formed a relationship to manage the continuity program for a new client. At the start of the discovery phase, we had a hearty discussion about backup practices. The new client used a well-known and reputable local data backup provider but had not thoroughly fleshed out the agreement or contractual obligations with them. Though our client was very confident in the services they were receiving, after reviewing the contract we were still uncertain how the provider supported testing or recovery of the backup data.
With reservations, but in response to our urging, the client contacted their supplier and, after several weeks and many discussions with varying levels of management – leading up to the owner – he found that, while they were backing up a great deal of data, the backup files were wrong for their core processing system to start recovery. In fact, key files they would absolutely need during any recovery procedure were not getting backed up at all because they labeled them as “backup files” – not required for critical processing during usual business. The backup system was simply filtering them out. Clearly we were not concerned with business as usual!
Though our client had previously felt very sure of their recovery capabilities and had, for several years, paid a first-class disaster recovery provider to back their data up, the system had never been analyzed to recognize its clear flaws. While the provider was technically holding up their end of the contract, our client would never have been able to recover from any data loss impacting their core system. Because of a few simple questions and conversations with the back up and core process vendors, this client now has a better sense of certainty with evidence to prove his recovery capabilities!