Disaster Recovery Plan to Ensure Business Continuity

September 3rd, 2018
Disaster Recovery Plan to Ensure Business Continuity

IT-Disaster-Recovery-Plan

Disasters do not come with a warning. A tornado might strike tomorrow, your computer might crash the next moment or your phone may fall victim to a hacker. All these potential hazards put your data at a great risk since you can lose access to it all any moment unless you have a reliable data recovery plan in place.

When we talk about ‘disasters’, we do not only mean natural disasters. We mean everything that can put your data at risk, which may be something as small as a short circuit or something as major as a theft.

This is why companies have data recovery plans that guide what to do in case a disaster strikes so that the business can be up and running with as little downtime as possible.

What is a Disaster Recovery Plan?

A disaster recovery plan is basically a backup plan designed to ensure business continuity. It is in a written form – often with the help of an IT consultant - with guidelines to follow in case of a disaster. It ensures that the IT system keeps on running no matter what.

Since we do most of our jobs on the computer today, the IT department is of more importance than ever. It going down can take the whole business down, hence there is a need for a reliable recovery plan.

Why is There a Need for a Disaster Recovery Plan?

Simply because of the potential losses. Let’s have a look at some stats:

  • One hour of downtown can result in a loss of about $84,000.
  • According to a Touche Ross study, only 10% of companies can survive a disaster if they do not have a disaster recovery plan. In fact, 60% fail within six months of the incident.
  • Downtime is very common. In fact, about 54% of businesses experienced one full day of downtime in the last five years.

What are the Potential Risks?

Businesses should assess risks and identify potential vulnerabilities. These include:

  • Natural Disasters: Natural disasters such as earthquakes, fires, and rains impact about 30% of all small businesses. Hurricanes appear to be the most destructive. They can lead to power failure, hardware issues and closure for a long time.
  • Operational Disasters: About 45% of all outages are operational. These includes hardware failures and software issues.
  • Man-made Disasters: Believe it or not, man-made disasters such as viruses and ransomware are very common as well. About 10% of all issues faced by small business are due to man-made disasters. In fact, 70% of all successful network attacks are carried out by insiders.
  • No or Poor Recovery Plan: Only 5% of businesses check their recovery plan once a month. About 22% never check it and about 33% have a look at it once a year. Moreover, less than 10% appear to be satisfied with their plan.

The risk factor changes from business to business. It is very important to identify these risks and to come up with a reliable solution.

Moreover, there is a need to concentrate on all that can go wrong and not stick to just one ‘worst case scenario’ that may cause managers to neglect other risk factors.

The focus should be overall – to manage the situation – and not to prevent one occurrence.

Disaster Recovery Plan – Where to Get Started

Google “disaster recovery template” and get started. You will get a template which you can edit according to the nature of your business.

The plan should be well detailed with steps to follow in case of a disaster. It should highlight:

  • The goal of the plan.
  • Contact information of the recovery team.
  • Actions to take in case of an emergency.
  • Explanation of the IT network with a diagram.
  • Way to the recovery site.
  • The most critical assets.
  • The maximum acceptable outage time.
  • Software with details that will be needed during the recovery.
  • Insurance details.

In addition to this, you must be aware of terms such as Recovery Time Objective (RTO) and Recovery Point Objective (RPO). The former defines the maximum number of hours a business can be down (RTO = 2 = the system cannot be down for more than 2 hours), the latter defines how often the system must backup (RPO = 4 = system must backup every 4 hours).

Moreover, the plan should be easy to understand and be readily available.

What to Do After a Disaster?

Assess the situation to judge how useful your plan was. Pay attention to all factors, such as how much damage the system had to bear and what all was affected.

The Future of Recovery is In the Cloud

A lot of our data is already in the cloud, and what isn’t there needs to be there. While many businesses use free cloud services, there’s a need to turn to professional cloud hosting services that are affordable, easy to deploy and also reliable.

Cloud is usually very easy to use but may need the company to improve its capabilities in terms of bandwidth.