Combining the words ‘disaster’ and ‘recovery’ can sometimes feel like it has a very dismal and ominous ring. However, the point of planning for business disaster recovery (BDR) is not so much about putting sandbags out to prevent a flood, but rather making architectural changes to the landscape to stop the flood from happening in the first place, and then divert it if it does happen. Here is what you need to do to achieve complete security.
1) Risk Assessment
At the heart of every good BDR plan is a thorough and updated risk assessment. This involves asking several key questions regarding possible scenarios and outcomes. The more critical thinking involved, the better the risk assessment will be. It can help to outsource this part of the process, as some of the elements – such as calculating potential cost per minute of downtime – can be quite difficult.
However, the aim is to identify every possible thing that can go wrong, and what will happen if it does. Once you know where the weak links are, plans can be put in place to either prevent them from happening or to respond to them if they do happen.
2) Business Continuity Planning
Disasters are best managed when they are background events that interrupt work rather than causing a catastrophe. For businesses to sail through an IT interruption episode, it is necessary to know which systems need to be prioritised and how to get these up and running swiftly.
Good business continuity planning involves having designated personnel and pre-rehearsed roles, as well as the correct resources. As businesses go through both subtle and overt changes over time, this is something that benefits from regular review.
3) Implementation
All companies have a fire drill, and disaster recovery planning works on the same principle. A fire might burn down an office, but data loss can burn down a company. Testing a plan not only helps to demonstrate its efficacy but keeps employees up to date with what to do if the worst should happen so that the response becomes automatic.
The best way to test implementation is to practise a range of potential scenarios, such as different types of cyber-attack. For example, ransomware can be very psychologically intense for employees, and this is something that can be prepared for.
4) Restoration
Getting up and running again is vital for business continuity. Cloud-based BDR systems are the key to this and can be extremely effective at getting systems on their feet in a matter of minutes. However, full restoration can take several weeks. Having a good plan in place and a managed backup and disaster recovery service will speed this up, but if an attack has slipped through your current systems, changes will need to be made in order to prevent a repeat episode. This might involve data cleaning, new hardware and new software. Factoring in the necessary GDPR reporting compliance is also important.
Next Steps
Start by reading up on the topic. At Technology Means Business, we offer both support and information. Download our free Disaster Recovery Guide to learn more.
Image source: Pixabay
