Disaster Recovery: Are You Ready for the Big One?
The world can be a dangerous place. Every day, people put more and more data out in “the cloud,” and every week, there is a data breach in the headlines. With the increased reliance on computers and the cloud for storing data, it’s easy to forget that all it takes is one spilled glass of water to turn that finely-tuned laptop into a paperweight, and one careless employee or contractor to expose all your confidential information to the world. Disaster lurks around every corner. Are you ready for it?
Examples of common disasters.
Information Technology disasters range from the mundane to the bizarre. You have computers reach their end-of-life every day; they become unreliable and eventually they fail. Internet and power outages are regular occurrences for most businesses. And there are malicious players out there that want to get at your data because they believe that someone, somewhere, is willing to pay them money for it.
There are also less likely but all-too-real disasters that happen only occasionally, but with devastating consequences. And it’s not only hurricanes or earthquakes: In one of the early computers, a moth flew into the computer and caused a short-circuit, giving rise to the often-used term “bug”. Or a car may crash into a bridge post, taking down power for the section of the city where your business resides.
How to prevent a disaster from being disastrous
Unfortunately, you can’t stop disasters from occurring. However, you can prevent the external disaster from becoming a disaster for your company with some planning and preparation. There are many things that need to be protected when disaster strikes, such as your personnel, your data, your equipment and your business’ reputation. For the sake of brevity, this article will focus on preventing data loss.
The three “P’s” of disaster prevention are “planning”, “preparation” and “practice”.
The key to preventing an external event from becoming a disaster is having a plan.
- When starting their planning, many people fall into the trap of identifying every possible bad thing that can happen and quickly become overwhelmed. Instead, begin your planning by identifying what the disasters could be at a high level. What you need to focus on here is the net result instead of the disaster mechanism. It doesn’t matter why the power went out: You need to plan for power failure as a category.
- For each disaster category, the plan should identify what you would lose in case of a disaster of that type occurring. For example, if you are looking at data loss prevention in case of a power outage, it may help you to prioritize the data into critical, important and miscellaneous.
- Data is critical if you will need it and can’t re-create it. Data is important if you will need it and have the ability to create it again. Data that you won’t need should be considered miscellaneous.
Preparation involves taking steps to make sure that you don’t lose what you think you could lose for each item identified in the Planning phase. For each of the categories that you listed, identify something you can do to mitigate the loss. In many cases, something as simple as backups could be all you need. In other cases, you may need to look into anti-theft devices, firewalls, or fire suppression.
It’s a good idea to include others in your planning and preparation. Specifically, include key business leaders to help you identify the priorities for restoring services in case of an outage. Restoring Internet services may be critical for you and your department, but it may make sense to focus on phone services first for the rest of the business. Discussions with key players in the business will help you ensure that things are restored in a sequence that gets your company up and running again in the shortest time possible.
Make notes about your disaster prevention tactics and keep them someplace safe. Make sure to put them someplace you, or someone else, would look in case of a disaster. Make sure to review your plans on a regular basis. Set up a recurring quarterly meeting to help you remember to review your plans and preparation.
Finally, it is absolutely critical that you practice your prevention plans. If you are backing up your data, regularly try restores to make sure that the restored data works as desired. Document your process for rebuilding critical servers or restoring them from images, then make sure that your documentation works. If it’s possible, simulate a disaster to make sure that you and your staff know what to do.
What to do in case of a disaster.
When disaster strikes, start by identifying whether or not you have a plan for this type of disaster. If so, follow your plan.
If you don’t have a plan, identify what you believe you have lost. Get detailed. Get some paper and make notes. If you have put anything in place for a similar type of disaster, review your notes and make a plan for recovering your data.
If the worst case happens, and you either don’t have any disaster prevention in place or your prevention doesn’t work as planned, you have to make some decisions:
- Think about what those things are worth to your business and whether you can live without them. If you lost all your email, will you still be able to ship orders to your customers?
- If you find that you can’t live without the data you lost, then you need to figure out whether there is someone who can help you get it back. There may be a company out there that specializes in recovering data, and they may be able to help you…for a price.
What you need for an effective disaster plan
For a disaster plan to be truly effective, it needs to be written in such a way that anyone at your business can implement it. You may be on vacation in Timbuktu when disaster strikes, and someone else may be the one to put your plan into action. Make sure that your plan explains the following:
- Identify whom to contact. It’s obvious to you, and you have all the contacts in your phone, but you’re not there. Identify the person, his or her role and several ways to contact him or her.
- Identify what to say. The person responding to the disaster may be contacting customer support at multiple vendors or agencies. List account numbers, location information and answers to the questions that will most likely be asked. Make notes the next time you call support so that the person making the call isn’t scrambling for information.
- Identify how to escalate your issue. Many times, your ticket starts at the lowest support level and works its way up. If there are key phrases to use with the vendor to automatically boost the priority of your issue, make sure they are noted in the document.
There are many kinds of disasters out there waiting to happen. But planning and prevention can help you avoid them and can make them far less painful when they do happen.
If you want help identifying the kind of disasters your business may be facing and strategies for avoiding and preventing them, Outsource IT can help. Contact us today and start protecting your critical data.