In our last blog post, we discussed the importance of having a Business Continuity Plan as part of a comprehensive set of plans to protect the critical assets that your company depends on for continued success. One of the key components of a Business Continuity Plan is the ability to create, implement, and execute a Disaster Recovery Plan. A Disaster Recovery Plan allows a company to respond accordingly to a disaster in all its forms. So, the question is: What’s a disaster? Does it mean that you just lost the ability to do business? If so, how do you recover? How do you ensure that your clients can continue doing business with you? The initial key is understanding what constitutes a disaster to your business. This could be:
- Server outage issues
- Human user error
- Power outages
- Malware attacks
- Ransomware attacks
- Updates that have gone wrong
- Weather anomalies
- Fire damage
Once you have created a Business Continuity Plan and know what critical assets you must protect, you can also become more attuned to what disasters are most likely to affect your business. Perhaps your company is not in a flood zone or earthquake area, or you have power backup. However, you may be more susceptible to malware attacks due to the data you are housing. Or perhaps you have a high turnover of personnel due to contracting, and there is a possibility of human errors. All these considerations will lead to you understanding what scenarios you need to prepare for. These scenarios will be key in Disaster Recovery documentation and preparation.
Now you might be ready to create a Disaster Recovery Plan. Let’s look at the steps you should consider:
- Start the plan by determining which assets are most critical and what scenarios are most likely to affect you.
- Identify the potential scope of the disaster. How far could it spread?
- Designate a team of different business unit leaders who can make the hard decisions.
- Appoint contacts (both internally and externally) for emergency purposes.
- Ensure roles and responsibilities are understood.
- Designate proper backup sites, whether they be in a different state, country, or perhaps in the cloud.
- Perform scenario testing (tabletop) with the proper personnel to understand actions to be taken during a disaster.
- Test the backups to ensure that when a disaster happens, data will be available within your expected timeframe.
- Probably most important of all: Maintain the plan to reflect your organizational changes. Don’t leave it on a shelf, never testing or adapting it to your evolving ecosystem.
At ConvergeOne, we have helped many clients create, implement, test, and maintain Disaster Recovery and backup solutions specific to their risk levels and security requirements. Contact us to discuss how we can help you succeed during some of the most stressful times in the life of a business. Remember, as Kafka stated: When you need a plan, will you have one? Ultimately, it’s all about availability—on all fronts.