Business disasters can range from staff not being able to make it into the office due to natural disasters and inclement weather like the snow, to IT failure, to terrorist attacks. Whatever the reason, the key to successful disaster recovery is having realistic and understandable objectives that are based on the needs of the business.
In the event of a disaster, it’s often hard to know where to begin or who to turn to. For many businesses, it’s something which isn’t even on the radar, yet faced with a disastrous situation knowing your options could limit the damage and have you up and running again with minimum hassle.
Planning and preparation is paramount, from the business impact analysis, to understanding and quantifying the risks to classifying and prioritising applications and data for recoverability, no stone should be left unturned, no risk left exposed.
From an IT perspective, disaster recovery planning should form part of your daily operations. The dynamic nature of IT requires continuous review and updates of the process and the plan. It’s also worth making investment in a solid technology basis which provides higher performance at a low cost, or at the very least ensuring all data backups are functioning well and kept offsite.
10 Tips For Disaster Recovery Planning:
- Business and IT need to be linked
Creating a Disaster Recovery plan is a compromise and while people are aware of best practice, they face issues related to cost. Preparing for it should not be a burden but integrated with day-to-day priorities.
- There needs to be a Disaster Recovery plan
The plan needs to represent all functional areas within IT prior to, during, and after a disaster. It needs to include applications, networks, servers and storage. Contingencies, such as “what-if” scenarios should be considered as part of the planning process.
- Keep the Disaster Recovery plan current
Disaster Recovery planning needs to be part of the day-to-day operations of the IT environment, and updated with changes. Even though it is an exception, it should always be accessible.
- Test the Disaster Recovery plan
The plan needs to be tested regularly to ensure the business can recover the operation successfully and in a timely fashion. If recovery has not been tested all the way to the application level, it is very likely that problems will occur.
- Set realistic recovery objectives
Frequently, organisations have established objectives and prioritised servers and applications in accordance with Disaster Recovery policies that are often unrealistic. It is important to set sensible Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO).
- Define Disaster Recovery responsibilities
Roles and responsibilities need to be clearly defined. Even in situations where tragedy is not the issue, any planning scenario must consider redundancy of roles to ensure that people are available to cover various responsibilities in the process.
- Address Disaster Recovery risk
The plan needs to address the right risks as it is essentially an insurance policy. The definition of what constitutes a disaster also has to be considered.
- Ensure application-consistent backups
What happens when the backups don’t work? Application recoverability must be validated through the recovery of backups to the application level.
- Alternative recovery services
Data needs to be protected offsite so that if disaster strikes it can be recovered to the affected site.
- Consider Disaster Recovery costs
Data protection and recovery requirements may seem expensive, but what is the real cost of downtime? Being able to address the IT cost for Disaster Recovery is an issue of integrating Disaster Recovery into standard operations as much as possible.