Could you run your business without your email? Could you run it without your service? What if you had an office fire? I’m not trying to scare you, but if the thought of any of those was terrifying to you, it’s probably a sing that you don’t already have an effective disaster recovery plan in place.
Disaster recovery refers to a company’s procedures and strategies to protect from and mitigate the effect of “disasters” that could impact their operations. A “disaster” might refer to…
- A fire in your office damaging your equipment
- A ransomware attack on your critical infrastructure (like your servers)
- Major data breaches
- A sustained period of downtime for your communications tech
For each organisation, the threats they face, and the scope of possible disasters would be different and so their disaster recovery strategies and the procedures that will need to be implemented by them (or their managed IT provider) will also vary. There are a few basics, however, that any good disaster recovery plan should include;
- An established goal
- A timescale for a return to minimum viable operations
- A timescale for return to full operational capacity
- A detailed IT network diagram
- A designated recovery site (this may include work from home provisions)
- A process for restoring your business-critical data
- Specific roles for certain staff members as well as replacements if that staff member is away on that day
These are the basics for any company, but there will be other considerations to make that will be unique to your organization, industry or premises. As the circumstances of your company shift, you should, in turn, update your disaster recovery plan.
You can test your disaster recovery plan periodically, much as you would for any other emergency plan like a fire drill. Each staff member should know their duties and responsibilities in a disaster situation. The best way to be prepared is to frequently rehearse your disaster recovery plan. Hopefully, you may never need to implement your disaster recovery plan, but you should still be confident that you can implement it if needed.
Disaster Recovery Technologies
There are several technologies involved in an effective disaster recovery plan. These include cloud technologies. Many businesses use cloud services such as Microsoft Azure or Amazon AWS for disaster recovery backups. Technologies like VoIP telecoms can
DRaaS (Disaster Recovery As A Service)
More companies have recently hired managed IT support providers to develop and execute their disaster recovery plans. This is often referred to as disaster recovery as a service (DRaaS). DRaaS also includes the use of cloud services technology such as Amazon AWS disaster recovery. A company’s entire system is constantly backed up to a secure off-site cloud platform.
One of the benefits of DRaaS is that as a cloud solution, it is less expensive, easier to implement and easier to test. In order to use cloud disaster recovery as a service effectively, it is critical that your business has ample bandwidth available so it can manage the high volume of data required to back up an entire system in one go.
Recovery Point Objective and Recovery Time Objective
Two important considerations in any disaster recovery plan are what are known as the Recovery Point Objective (RPO) and the Recovery Time Objective (RTO).
The Recovery Point Objective refers to the age of files to be retrieved by an agency to restart their business operations after a disaster. The minimum permitted frequency of data backups is defined by the recovery point objective. If a company has a four-hour RPO, for example, the network must back up every four hours at least in order to comply with the RPO.
RTO stands for Recovery Time Objective. This is the maximum time permitted for the disaster recovery plan to be executed effectively. Described another way, this is the maximum allowed amount of downtime that could be sustained by your company. If your RTO is 2 hours, your entire disaster recovery plan will have 2 hours to be completed.
It can be tempting to say, “Well, I need to restore all my data and I need it immediately,”. That’s possible but will be very expensive. Instead, be rational about both your RPO and RTO. Be truthful on what is really needed, as this will balance your recovery needs with your budget.
Building Your Disaster Recovery Plan
Your organization’s disaster recovery plan will differ depending on your business needs. The easiest way to set up a disaster recovery plan is to contact a third-party managed IT service provider that specialises in disaster recovery. They will work with you to devise an effective disaster recovery plan for you. Determining your RTO and RPO, evaluating it, setting up systems like AWS for your disaster recovery and helping you implement your plan if and when it is ever required.