Business continuity and disaster recovery (BC\/DR) solutions are many and varied. Which one is right for your company? Your Board of Directors is demanding a complete BC\/DR program, your CEO wants it done yesterday, service providers are promoting their services and calling on you all hours of the day, your different lines of business only care about their IT needs, the media is full of news about the latest and greatest cloud recovery technologies ... and the list goes on. So how do you even begin to move forward when a hundred voices are clamoring for your attention, your money, and your resources?\nLet\u2019s start by cutting out the noise. Forget the hype, the pressure, the latest and greatest. Here are the four secrets you need to pick the right BC\/DR solution for your company.\nSecret #1: Understand the business requirements: these drive everything else.\nI always encourage clients to take a \u201ctop down\u201d approach to understanding BC\/DR business requirements. Here\u2019s why. Suppose you have an IT guy sitting in the bowels of the company. He has responsibility for a particular application cluster. If you call a meeting of your IT staff and say, \u201cWhat are our business requirements for availability and DR? What do we need to focus on?\u201d this guy is going to say, \u201cMy application cluster is critical \u2013 it should be one of our priorities.\u201d After all, it\u2019s his baby and to him, that cluster is mission critical.\nBut is this guy\u2019s application actually mission critical? Maybe, maybe not. To avoid the disconnect that can occur between the IT group and those who run the business at the highest level, you have to start at the top and work your way down. Gather the executives from the different divisions or lines of business and ask, \u201cWhat must be recovered immediately if an outage or disaster strikes? What are the absolutes that we cannot function without?\u201d This approach is going to get an entirely different set of answers than the IT team, working alone, would come up with.\nSecret #2: Know with certainty what is necessary for disaster recovery: minimize scope and complexity.\nOnce you have gathered the full set of business requirements, you\u2019re going to have to engage in some ruthless prioritizing. I say \u201cruthless,\u201d because people are very protective of the business applications they support. Just like the IT guy we talked about before, people are often biased in favor of their own backyard; that\u2019s just human nature.\nBut the fact is, you can\u2019t recover everything at once, in no time flat. You have to be very firm on that point. Some applications do need a Recovery Point Objective (RPO) and Recovery Time Objective (RTO) of near zero. They\u2019ve got to be up and accessible all the time, no matter what\u2026 but there are other applications that can tolerate recovery times of 1, 2, or even 3 days before they are back to normal. We call this prioritization process \u201ctiering.\u201d\nIn other words, we decide which applications are more critical than others, and we come up with a plan to recover them in order of priority. By doing this, we can put them into \u201cbuckets\u201d of technology, with each bucket providing a pre-planned recovery time and point objective meant to meet the business requirements.\nSecret #3: Understand current and future projects and initiatives to ensure they\u2019re considered.\nHaving established what is going on in your IT enterprise and how important it is to the business, you have another question to ask: \u201cWhat else have we got coming down the pike?\u201d You want to be aware \u2013 right from the start \u2013 of any changes in the future IT landscape: changes such as application migrations, network enhancements, or even new cloud platform deployments. It\u2019s also critical to be aware of any major changes to the business such as acquisitions or divestitures.\nAll of these things could cause a major shift in the requirements, and the last thing you want is to start the process of deploying a major BC\/DR project and have to switch gears halfway into it because you failed to consider known changes. That will cost you and your company a lot of money, and it could very well cost you your job.\nSecret #4: Map your critical business applications to the underlying IT infrastructure.\nThere is one more important thing you\u2019ll want to undertake upfront: mapping your critical business processes to the underlying IT infrastructure, and documenting any interdependencies that exist between them.\nYou never want to be caught by surprise in a business continuity or disaster recovery situation because you didn\u2019t account for application and data interdependencies. For example, if Process A can\u2019t run without Application B, it isn\u2019t going to do any good to have Process A placed in Tier 1 if Application B is in Tier 3! Application B has to be at least as high a BC\/DR priority as Process A, and possibly even higher \u2013 otherwise, Process A won\u2019t get back online. Mapping processes to the IT infrastructure will reveal hidden interdependencies, ensuring that you identify all the truly mission critical components of the business.\nSo there you have it: 4 secrets to picking the right BC\/DR solution for your company! Once you\u2019ve nailed these down, you\u2019ll have the foundation necessary to arrive at a business continuity and disaster recovery solution that works for you.