If your business has ever been affected by an event such as the current flood crisis and recent closing of the Forth Road Bridge, you likely wouldn’t argue that it’s crucial to have an effective disaster recovery (DR) strategy in place. However, while creating a DR plan is a great start to minimising financial loss and threats to your company’s survival in case of a business interruption, that’s only step one. If you create your plan and then neglect to test, adapt and review it, you risk overlooking defects in your DR strategy that, like the Forth Road Bridge, crack under pressure.
To be effective, your DR plan should include the actions to be taken before, during and after a disturbance to minimise the disruption of critical functions, recover operations successfully and provide a sense of security for your employees. With it being the start of a new year, what better time to take steps to create or update a DR plan for your business?
Below are some of the important elements your DR strategy should include.
The Commitment of Top Management
Top management must be involved in the planning process, because they will be able to provide the time and financial resources necessary to help the DR plan be effective within your organisation.
An Established Planning Committee
Considering all the aspects of recovery after a disaster is necessary, so representatives from each department of the company should be included in your DR planning committee to oversee the plan’s development and implementation.
A Risk Assessment
Once the DR planning committee is established, they should perform a risk assessment. The assessment should include a range of disaster scenarios, such as inaccessibility of data, loss of communications, an uninhabitable facility, etc. After developing scenarios and determining how they affect each department in the company, assess the associated costs.
Ranked Departmental Priorities
Each department must maintain different critical functions to remain operational after a disturbance. Identify what these critical functions are and rank them as essential, important or optional priorities.
Recovery Strategies
Your business’s recovery strategy should reflect its individual recovery requirements. The first decision to make is whether or not backup resources, such as equipment and a secondary facility, will be provided in-house or by a third party.
While in-house recovery strategies give the planner more control over their specifications, it can be expensive to keep up with maintenance, depreciation and replacement costs. Contracting a third-party provider can help you save on the overall expense of purchasing and maintaining a backup facility and equipment.
Testing Schedule
Test and evaluate your DR plan regularly to identify problem areas that need revision, address missing recovery steps and prepare your staff before a disaster occurs. If your staff has already walked through a disaster scenario, they will know what to expect when a real disaster occurs, making your business’s recovery a smoother operation.
DR planning should address all of the aforementioned criteria to help you prepare for a disaster so your business can continue to function and serve customers.
[su_box title=”About ITS” style=”noise” box_color=”#336588″]ITS is a nationwide Managed IT Services provider, delivering UK-based services to business of all sizes. ITS offer a broad range of IT services including: managed backup and recovery, tailored UK cloud hosting; complete infrastructure implementation; flexible telephony solutions and web creative services to businesses across the country.
Since the 1960s when ITS first transitioned into computer services, various mergers and acquisitions, have developed into the brand we know today. Formally known as Kalamazoo, ITS is now part of the global IT software and services provider Reynolds and Reynolds. In total, Reynolds and Reynolds employs over 4,300 people worldwide and has operations throughout Europe, Canada and Mexico as well as those in the UK and US.
With three regional offices located in the UK and field engineers stationed from Edinburgh to London, ITS offers customers minimum downtime through various forms of IT support, hardware break/fix and disaster recovery services. The ITS wholly-owned data centre facilities offers customers bespoke “private cloud” services with a single point of responsibility. This key feature means ITS can offer clients a degree of security and visibility that many cloud providers cannot match.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.