How Far is Far Enough for the Disaster Recovery Site

 I am sure you must have had this question asked at least once, if you work in an area that deals with business continuity. Whether you represent business or technology, you would be losing a good night's sleep over it. Should we be creating the DR within 25Kms, 50Kms, 100Kms, or 500Kms, across the country, or across the continent? Question becomes even more complicated when you are dealing with a vendor hosted solution. Regulators also do not provide a straight answer except having it at a safe distance. Like many things in life, there is no one-size-fits-all answer to this question. It depends on a lot of factors that I will cover below.

Internal

There are things that you can control when it comes to planning a DR site. If planned meticulously, it will avoid many issues later when it's time to actually fall back on DR.

Power: 

You must not place your DR in a zone that is backed by a single source of electricity for both DC & DR. that is a big no-no. Ideally if you can afford, power must come from at least two redundant sources for each site, so that if DC is down, and one power source is also down for the DR site, you are still surviving on the fourth power source. Other option is to have a power generator on site that could run on gas or diesel. Have sufficient amount of fuel stored at a safe place.

Latency:

If you have latency sensitive applications, then you want to keep that below the threshold. Latency is directly proportional to physical distance. Higher the distance, higher the latency. If you have the DR site within 50 kms, it could be as low as 5ms. If you have it in another state/province, then it could be up to 30ms. If you have it in another country (let's say from Southern Canada to Southern America), it could be anywhere between 80-90ms. If you have it in another continent (let's say from anywhere in Canada/USA to anywhere in India), it could rise to the 300ms level. You catch my drift now. You don't want your latency to be too high, because then it will affect the performance of your application due to increased lag times.

Telecommunications:

Each of your site must have redundant connectivity from two different suppliers using disparate paths. Whether it is internet line or private line, you need to build redundancies. If you can't get two different service providers for some reason, ask the same supplier to provide it on different routes and different last miles. If your primary last mile is wired, have the redundant last mile on wireless. If the wired last mile is disconnected because of construction in the area, then you are at least connected through wireless. Have two dark fibers sync the two sites using the same principle of redundancy. 

RTO:

Consider the RTO for your application, and decide how much would it take the engineer to reach the DR site, do the repair , test it and bring it back online? Farther the DR site, more the time your engineer would take to reach there, and lesser the time (he/she/they) will have for remaining activities. Then we are talking about putting the RTO at risk of failure. Add more time to coordinate if the application needs vendor support, you need to open a ticket, get a resource. RTO (along with latency) is one big reason, why it is discouraged to have DR and DC site at extreme distances (think East Coast and West Coast) of each other.

External

Natural Disasters:

You can control the internal factors to a great extent, but then there are factors that are macro and unpredictable in nature. It's the nature itself. You don't want to have your DR site in a zone that is prone to earthquakes, floods, tsunamis, tornadoes, hurricanes, volcanoes, forest fires and other forms of natural disasters.

Pandemic:

COVID-19 taught us many lessons, and we need to consider how will we access the DR that if pandemic strikes. Like what happened in few countries, travel was banned between states and provinces. Consider the possibilities of not being able to access the DR due to pandemic.

Political and other factors:

You do not want to have your DR site in a country that has a high risk political climate, civil unrest, is prone to wars or a city that has a nuclear plant, a military base or an explosives factory.

Considering these factors, you can't have the DR site too close or too far. So what is the right distance? Experts advise that the ideal distance is between 50Kms - 100Kms (+10% variance). Critical business applications must be hosted more than 100Kms away (or 62 Miles away if you are in USA). Try to have the DR site in a different region and different zone first, followed by same region and different zone. Avoid having it in same region, same zone because then you are inviting trouble. Plus, I can't stress more on the importance of doing regular DR Testing and Drills. You can discuss with your technology team, if Cloud Service Provider is an option for hosting DR site. 

A well planned DR site can be a boon for your company, your employees, your customers, and your partners. It helps in business continuity planning and a higher uptime, something that everyone values.