With disasters comes the risk of losing data that’s critical to your business. It should come as no surprise then that some companies that have lost critical data end up going out of business within a year. The recovery of your data is just as important as how secured it is stored. If creating a disaster recovery plan (DRP) is overlooked, it affects not only your business operations, but also your clients who make use of your products and services.
The challenge grows as businesses experience influx of big data. This means that there is an equally increasing need for a resilient disaster recovery plan that’s strategically aligned to drive better reliability and business continuity.Businesses are seeing this need and are now actively creating a DRP that suits their needs. And there are five key aspects to ensure the implementation of a successful Disaster Recovery Plan.
It is good to start fully knowing and understanding the capabilities and identify the gaps (if there are any) in your network and infrastructure. It would be wise to start the process of creating your own DRP with full knowledge of your systems, to understand which DRP solutions would best fit your network’s requirements in order for the DRP to be successful.
Business Impact Analysis
The network audit is a key first step that paves the way for performing a business impact analysis. By now, you should have a list of all the processes that your company uses to deliver your products and services. Partner those processes with the resources (employees, partners, IT infrastructure, and technological assets) they need to power up.
Then start asking yourself these questions:
How is crisis going to impact your business?
If you lose a week’s or a month’s worth of data, would you still be able to operate and deliver your products and services?
In the event of complete wipe out (fire or complete system failure, etc), how long is your business going to function without your data (your maximum tolerable period of disruption or MTPOD)?
What are my business’ legal liabilities should we fail to deliver the agreed upon products and services to our clients?
What’s the warranty status of all my hardware?
Do we have a capable support technician on board who could restore my business data as soon as possible?
Do I have an inventory of all the software and hardware that are critical for my business?
Does my backup work? When was the last time I checked it?
Be sure to address all these (and more if need be) in order to get a full picture of how your business will survive and how much impact data loss would be should a disaster happen.
In order for all project implementation to be successful, careful planning should be done – all T’s are crossed and all I’s are dotted. Since you already have the knowledge from your completed audit, you may just fill in the details and as the IT Manager, assign key people in the company with their roles and responsibilities during a disaster recovery scenario.
Make sure the communication channel is clear and that people know who their primary, secondary, and alternate contacts are during this time. A strong chain of communication can be the difference between a temporary outage and a big business disaster.
Since you would’ve known by now your maximum tolerable period of disruption (MTPOD), it is time you plan for your Recovery Time Objective (RTO) – the goal you’ve set for how long a recovery will take.
With this goal in mind, start preparing the recovery plans for each team and department of your company.
These plans should include:
Tasks that need to be done in a crisis
People assigned for each specific task
Key contact people for communication
Hierarchy of priority information to be recovered
How much data stored in a hard drive or cloud at a time
Regular backup testing
Regular network auditing
This basically your Standard Operating Procedure that all of the company employees are aware of, completely understand, and would be able to implement in the event of a crisis.
Backup and post-disaster storage are of utmost importance as any of the key elements in building your own disaster recovery plan. For this part to be a success, partnering with a trusted and reliable brand or company for your backup and storage method and provider is key.
There is no one-size fits all backup storage solution. Each company’s needs are different, with regards to how much data is needed to be back full swing after a disruption or compliance regulation.
Small-scale companies or those with non-specific needs could opt for managed backup providers or go for cloud backup services.
Large companies with more specific data requirements can choose an in-house solution that’s tied in with their existing IT staff.
Companies that are gradually growing could opt for a backup solution that’s scalable and could grow with their needs without too much hassle on costs and hardware.
So now, what are the key requirements for choosing a backup solution?
Recovery data should be kept in multiple different physical locations by a significant distance. (e.g redundancy and duplication of stored data in multiple data centres by cloud providers)
The recovery data should be stored securely in a physical media not located in your office. (e.g HDD stored in a firebox)
Warranty status of hardware coincides with your RTO (e.g next business day warranty)
What makes for a prompt recovery to take in place in the event of a crisis? Great detection and monitoring. This includes having a system in place that keep tracks of and alerts you of disasters – the obvious and especially the non-obvious ones like fire or outage when no one is in the office, physical or cyber intrusion with malicious intent. The faster the detection, the faster you can jump right into your planned recovery process.
Make sure you have created a “survival gear box” that contains the following:
Business continuity plan documentation
Team and department recovery plans
Key information about IT infrastructure
Product (hardware and software) serial numbers
Contact information of key personnel during crisis
Practical items – bottles of water, flashlight, first aid kit, cellphone, laptop, canned food
A good recovery plan should be tried and tested to ensure that it will indeed work in a time of need. Running crisis simulations and practicing test runs should be all you need to do to know the extent of how effective your DRP is. Be consistent in testing your backup – whether it be monthly, quarterly or yearly. Recover data in another computer or laptop and see if it runs smoothly to test out the integrity of the data backup solution.
If creating your own disaster recovery plan seem to be overwhelming and complicated, you can give us a call and we could help. We’ll start with a network assessment to check the integrity of your IT system and create a plan based on the results and your goals.