Building a Disaster Recovery Plan

Disaster Recovery Plan

Your business can be seriously impacted if your networks and IT infrastructure go offline unexpectedly. Whether you are running a small start-up or an enterprise, a crises do happen, and should be expected.

However, if you are prepared for IT outages, you can restore business operations quickly. A disaster recovery plan is, therefore, essential to minimise losses in the face of a breakdown.

What is a Disaster Recovery Plan?

A disaster recovery plan or DRP is a document created by a business with details on how to respond to situations such as natural calamities, pandemics, cyber-attacks, power outages and the like. A DRP primarily contains strategy for damage control, so that you can quickly resume critical operations in the event of a disaster.

One of the first things a company stands to lose in the face of a breakdown is data. It is important to note that DRPs can be triggered even by small events that might not necessarily be thought of as a disaster. Even a seemingly small incident such as an electrical fire or failed air conditioning can destroy a company’s valuable data by bringing down its servers.

Best Practices for your Disaster Recovery Plan

DRPs should contain hardware and software inventory

Your company’s DRP must include a complete list of hardware and software items. Begin by naming priority elements at the top and finish the list with the least important ones at the bottom. This will form a checklist which your team can quickly go through in the event of a disaster.

You can either make one inventory list with both hardware and software elements or two separate lists if your business has a lot of different items. Vendor contact information, if applicable, must accompany each item on the inventory for technical support during an emergency.

Define downtime and data loss tolerance

If you own a restaurant, your technology requirements might be limited. However, if you are running an eCommerce business, your servers cannot go down even for a few seconds. Place your business on this spectrum and evaluate a reasonable recovery time objective (RTO) and a recovery point objective (RPO).

By analysing these two metrics, you can prioritise what you need in the face of a disaster. Divide your inventory list into three categories to do so:

  • Hardware and software applications that your business cannot survive without. These mission control items cannot be down for more than a few seconds or minutes;
  • Applications your business can survive without for at least 8 to 10 hours, and in some instances, up to 24 hours; and
  • Items and applications that your business can survive without, for at least a few days.

By classifying items in this way, you can prioritise recovery.

DRP should distribute responsibilities and identify in-house personnel

Your DRP must lay out the critical roles of all the parties involved, along with their contact details. Identifying and documenting responsibilities helps the team move straight to resolution as roles are already defined. This is especially critical if third-party vendors are involved, as they too need to be aware of their responsibilities for the disaster recovery process to work seamlessly.

Conduct sessions with senior executives down to front-line employees to make sure all stakeholders understand the disaster recovery process. Share protocols including contact information of relevant people to get the systems running as soon as possible.

DRP should create a robust communication plan

It is no secret that effective communication is the key to avert a crisis, but you would be surprised how often it is overlooked. Ensure that your disaster recovery process includes a good communication plan. Answer questions like:

  • How will you communicate with your employees during a crisis?
  • How well trained are your employees when it comes to accessing systems needed during a DR event?

Educate your staff on alternative platforms of staying in touch as email and chat applications might not be available during an emergency.

Valid and reliable means of communication must not only extend to employees but also third-party vendors and remote associates. These channels must allow stakeholders to sustain contact even beyond the initial notification of crisis.

DRP should create and list a backup site

Depending on the nature of your business, you may need backup infrastructure (such as leased dedicated server) in the event your primary datacentre is unavailable. Similarly, your team may need an operational worksite with adequate equipment, communication, and electricity backup in the event of a disaster. These contingencies should be accounted for in your Disaster Recovery Plan.

When writing your DRP, list out compliance requirements to help staff ensure that data remains confidential, and that they are enough safeguards against misuse.

Over to You

A Disaster Recovery Plan is not a static document. You should regularly review and update it, given the constantly shifting digital landscape of business. For example, if your company’s tolerance for data downtime changes or key personnel leaves, the DRP must reflect these changes as they happen.

Make sure that your disaster recovery plan is updated so that your business is protected.

If you are looking for a disaster recovery plan, Intergrid is the right partner for you. We ensure that our clients’ valuable data remains safe. Our datacentre solutions helps you store data off-site, which can be made available easily. Also, our Backup Cloud product helps consolidate your data and can be easily accessed from anywhere. Get in touch with Intergrid to find out more.