Disaster can strike at any moment, and there’s no convenient time for it to strike. On top of its unexpected timing, it can devastate any business. According to the UK’s Department of Trade and Industry, 70% of businesses that suffer a major data loss go out of business within one year. Knowing this, it’s critical to have a solid disaster recovery plan prepared, in case the worst should happen.
An effective data disaster recovery plan is split into three parts: planning, storage, and recovery. Each part is equally important, and each one should have a detailed plan of its own. In this blog post, we’ll outline how to build a disaster recovery plan so you’re prepared to handle any unfortunate event and be back in business as soon as possible.
PLANNING
A solid disaster recovery plan requires that everyone involved knows their role and is ready to act on a moment’s notice. Designate someone to oversee that all preparations are laid out and that all critical data is backed up on a regular basis. Ideally, this is someone other than you, since you as the business owner will want to go back and double check their work.
This is the second key aspect of planning for disaster recovery — always make sure processes are checked and double checked. Set up all channels of communication so that everyone knows who to call as a primary contact, and who to get in touch with if the primary contact person is unable to be reached. Make sure that everyone knows who the person to contact is in case of a major IT issue, as well as who the alternate contacts are. Maintaining a strong chain of communication can be the difference between a temporary outage and a major business disaster.
STORAGE
Storing your data securely for a post-disaster recovery is just as important as planning. The first step to storing and protecting your data is choosing a backup and storage method and provider. There are a variety of options available for backup and storage, and choosing the right one is based largely on the unique needs of your business.
Larger companies with more involved data needs can opt for an in-house solution using their existing IT staff. Smaller companies, or those with more generic data needs, should instead look at one of the cloud backup services or managed backup providers. Whatever option you choose, it’s important to make sure it meets two requirements:
- Your recovery data should be kept in multiple physical locations separated by some distance. Most cloud and managed backup providers already guarantee this level of duplication and redundancy by distributing your stored data across multiple different data warehouses in multiple locations. However, if you go with an in-house or custom solution, make sure that backups are not all located in the same datastore, and certainly not in the same building as your offices.
- Your recovery data should also be stored on physical media somewhere in another location, in case a recovery is necessary and an internet connection cannot be established. Magnetic tapes are the best form of backup due to their longevity and ease of storage, but DVDs or CDs can work well for short term storage.
RECOVERY
The recovery step begins with creating a policy of detection and monitoring. Your disaster recovery plan should include a system for carefully keeping track of your data in case of less obvious disasters, like fires when you are out of the office, malicious intrusion (either physical or cyber), power outages, and the like. The faster you learn that your data is in danger, the quicker you can react, and the easier the recovery process will be.
Like we mentioned before, every employee should know exactly who to contact in the event of a major disaster. Assure your employees that their safety is your top priority. If you’ve been regularly backing up your data properly and storing it offsite, losing equipment in a disaster is only a temporary setback. Be sure that you know where your data is and how to retrieve it. Practice complete recovery drills throughout the year so that everyone on your staff knows what to do should a crisis occur. Learning an unfamiliar system will only add confusion to all the post-disaster stress.
It is also important to establish a plan for what needs to be recovered first, where all your priority information is, and how to get to it. For many businesses, this will be customer-facing data, such as websites, client login portals, and any information that your customers need to access. The plan should also include sensitive business information.
Establishing a disaster recovery plan before you need it makes the time between disaster and recovery much shorter than it would be without one. Even more, the upfront work required to implement an effective plan is minor compared to the risk of losing your business. Be one step ahead of most business when it comes to unexpected crises—plan for the worst, and you will be able to weather any storm.