What would be the consequences for your business if you were unable to operate due to a man-made disaster such as a power outage or a natural disaster such as a flood or fire? Do you have a disaster recovery plan in place? If you take the time to develop a Disaster Recovery Plan you will save your business time and money should a disaster occur. Let’s look at the three basic steps involved in building an IT Disaster Recovery Plan (DRP).
1. Perform a Risk Assessment
Before you can create an appropriate recover plan you need to carry out a risk assessment (RA) and/or business impact analysis (BIA) in order to identify the IT services that support critical business functions and the impact of a disruption to them. The BIA helps you to define those areas of your business that are considered most critical and your RA helps you identify and quantify the internal and external risks (by determining the likelihood of occurrence) that threaten the operation of critical business activities.
Once you have done this you will have established a framework which will assist you decide on what to include in your plan.
Some factors that should be considered are:
- physical location of the computers and equipment and availability of alternate work areas
- hardware and their functionality in the case of disaster
- connectivity to the network and to outside communications
- e.g. methods of data storage, availability of technical support etc.
- availability of resources
- human constraints e.g. potential for duplication of critical skills
- technological constraints e.g. access to equipment space that meets requirements
- regulatory obligations
- data loss: this can be caused by file corruption, problems with storage, hacking and malware or a problem with hardware or software. You will need to consider your data protection strategy.
2. Prevention, Detection & Correction
You should include three different types of measure in your disaster recovery plan: preventative, detective and corrective.
Preventative measures are designed to prevent or mitigate an event resulting from human error from occurring. These measures may include things like regularly carrying out offsite data backup or access to cloud backups.
Detective measures help to detect or alert your business to unwanted events, such installing a fire alarm or updating your antivirus software.
Corrective measures focus on restoration following a disaster. Such measures may include having suitable insurance cover or storing critical documents in your Disaster Recovery Plan.
Your plan should include a succession plan of IT services and IT support. Your plan needs to detail how your IT services will be restored following a disaster and allow you to begin to operate your business again. The plan should follow the priorities outlined in the business continuity plan. Systems should be restored in the order of priority for returning the business to operational status.
3. Test your plan
Once you have developed your initial DRP it is important to ensure your whole team is prepared to execute the plan when required. You should test your plan periodically to check if there are updates or changes that need to be made. All of your employees need to be aware of their roles. Make sure that all of the items that are necessary in the event of an emergency are accessible off-site. Regularly visit the off-site location and walk through the process of accessing your systems, software, data and connectivity to simulate a disaster situation.
Preparation is the key to developing an IT disaster recovery system that will allow your business to operate continuously in the event of a disaster. AWD can advise you on the suitability of your current IT disaster recovery plan and even become part of your DRP. AWD’s layered data protection strategy can help you ensure that you always have a version of your data onsite and offsite with several points of failure.
Should you experience a manmade or natural disaster AWD can assist you with restoring essential data and advise you on the right IT solutions to prevent your business from losing it again. Contact us today on 1300 855 651 for expert advice on safeguarding your business.