Disaster Management

 

  By disaster management we mean all the practices that improve and sustain the business continuity of the archive and the preservation of its data in case of disaster. Some IT industry best practices can be implemented, depending on the deployment and operational scenario, such as:
  • use two archives on different media technology.
  • have two archive sites geographically separated.
  • use media copies, to be put offline in a different location.

ARK can implement all scenarios depending on the Customer RAMS requirements.

Disaster Types

Disaster management (or emergency management) is the creation of plans through which communities reduce vulnerability to hazards and cope with disasters. Disaster management does not avert or eliminate the threats; instead it focuses on creating plans to decrease the impact of disasters. Failure to create a plan could lead to damage to assets, human mortality, and lost revenue. Events covered by disaster management include acts of terrorism, industrial sabotage, fire, natural disasters (such as earthquakes, hurricanes, etc.), public disorder, industrial accidents, and communication failures. In this sense, media whose longevity does not meet its design specification is also a disaster.

 

Use different technologies

Different media technologies have, by design specification, different longevity values. Moreover, experience shows that operational lifetime is always less than the specification and also depends on the media storage conditions, such as temperature, dust and magnetic fields. In the past there have been some bad experiences with DLT, where the nominal media lifetime was highly degraded in operations by the number of reads/writes performed and by the operational mode in which they were performed, i.e. full tape reading/writing or partial media read and write. In general, media longevity also depends on the number of reads/writes per week/month (e.g. LTO).

In some cases, for media only recently available on the market, field experience has not yet accumulated, and gathering it would take a long time (e.g. Optical Disk Archive states 50 years as longevity).

For a Long Term Data Preservation system like ARK, if the Customer procuring it has strict RAMS requirements, two archives need to be managed, kept aligned in terms of content but on different storage media technologies. Some examples:

  • mixed magnetic and optical : one archive on LTO and one archive on ODA
  • only magnetic : one archive on LTO and one archive on ORACLE/STK media

ARK allows this transparently at application level. 

Deploy two archives at different sites and the problem of archive alignment

Once we decide to have two archives, it is best to place them geographically well apart, to be able to cope with natural disasters like earthquakes, hurricanes and flooding.

In 2002 and 2003, U.S. federal regulators planned to require financial institutions to move their disaster recovery centers 200 or 300 miles away from primary sites. However, this initiative failed, not only because the banks strongly opposed such regulation, but also because it proved to be quite unfeasible. The situation in the majority of other countries is similar. Most of the regulations that deal with this matter do, however, say there must be a disaster recovery site at a “safe distance”. Note that neither ISO 22301 (new international business continuity standard), nor BS 25999-2 (its predecessor), nor any of the standards from the NIST SP 800 or ISO 27k series are precise about it.

Factors that tend to push the location further away, to be considered in the Customer disaster recovery plan:

  • Earthquakes – if your location is in a seismic-sensitive area
  • Floods – you should position an alternative site out of the same flood plain
  • Tsunamis – you shouldn’t place both primary and secondary location on the coast of an ocean
  • Other natural disasters – e.g. forest fires, tornados/hurricanes, volcanos – if your primary site is close to such areas, the disaster recovery site should be further away
  • Large industrial facilities, nuclear power plants, or military installations – again, at least one of your locations should be at a safe distance
  • Dependence on the same source of electrical power – you should look for locations on a different power grid
  • Even if your risk assessment proves none of the above are applicable to you, take into account risks like pandemic diseases – in such cases, authorities will likely close the whole metropolitan area 

 ACS suggests placing the two archives at a distance of minimum 500 km, to cover most of the above factors.

ARK is equipped with a plugin to manage the archive content alignment between sites, working in the background with respect to nominal data check-in and check-out.
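
An alignment audit between two sites, given as an added example; it is not ARK's plugin or ACS code. The manifest layout (file id mapped to SHA-256 and check-in time), the file ids and the grace window are assumptions made for illustration. Files checked in very recently are reported as pending rather than missing, since alignment runs in the background and the second site may lag.

```python
import hashlib

def digest(data: bytes) -> str:
    """SHA-256 of a file's content, used here as its fixity value."""
    return hashlib.sha256(data).hexdigest()

def audit_alignment(primary, secondary, now, grace_s=3600):
    """Compare two site manifests of the form {file_id: (sha256_hex, checkin_epoch)}.

    A file present at only one site and checked in less than grace_s seconds
    ago is 'pending': background alignment may not have copied it yet.
    """
    report = {"aligned": [], "pending": [], "missing_on_secondary": [],
              "missing_on_primary": [], "mismatch": []}
    for file_id in sorted(set(primary) | set(secondary)):
        a, b = primary.get(file_id), secondary.get(file_id)
        if a and b:
            # Same id at both sites: content must be bit-identical.
            key = "aligned" if a[0] == b[0] else "mismatch"
        else:
            present = a or b
            if now - present[1] < grace_s:
                key = "pending"
            else:
                key = "missing_on_secondary" if a else "missing_on_primary"
        report[key].append(file_id)
    return report

# Constructed sample manifests (hypothetical ids and contents).
NOW = 1_700_000_000
PRIMARY = {
    "prod_0001": (digest(b"scene-1"), NOW - 86400),
    "prod_0002": (digest(b"scene-2"), NOW - 86400),
    "prod_0003": (digest(b"scene-3"), NOW - 600),    # checked in 10 minutes ago
    "prod_0004": (digest(b"scene-4"), NOW - 86400),
}
SECONDARY = {
    "prod_0001": (digest(b"scene-1"), NOW - 80000),
    "prod_0002": (digest(b"scene-2 degraded"), NOW - 80000),  # content differs
    "prod_0005": (digest(b"scene-5"), NOW - 86400),  # never reached the primary
}

if __name__ == "__main__":
    for status, ids in audit_alignment(PRIMARY, SECONDARY, NOW).items():
        print(f"{status}: {ids}")
```

A mismatch entry needs manual attention: the checksums alone do not say which site holds the good copy, so the file has to be checked against the fixity value recorded at original check-in.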

 

Media copies

If the Customer does not have enough money allocated to the LTDP system, instead of having two archives, one can schedule a systematic copy of each file onto two media, one defined as "the master" and one set as "the copy". The latter can be put offline in the robotics and moved to a storage area at a considerable distance from the location where the master copy of the media is operational. This covers natural disasters but does not protect the system from media longevity risks.