Saturday, 20 May 2017

8 Steps to Creating an Efficient IT Disaster Recovery Plan

National disasters aren’t the only things that can cause widespread outages and damage. In Kenya, millions of homes and business were without electricity thanks to a monkey.

Your business isn’t safe based on your geographic location alone. Various threats can destroy data and ruin an organization. That’s why it’s important for all companies to have a solid IT disaster recovery plan.

In the event of an emergency or disaster, make sure your systems, personnel, and data are well-protected by following these disaster recovery solution guidelines.

1.    Keep an Inventory of all Hardware and Software

Include in your DR plan a complete inventory of all company hardware and software based on priority. Next to each name, list the vendor contact information and phone number for technical support.

2.    Decide What You’re Comfortable with for Downtime and Loss of Data

After listing your hardware and software, the framework for your DR plan starts here. If you’re an electrician, you could probably keep your business going for a while without technology or servers. But if you’re Amazon, you’re limited to mere seconds of downtime. Knowing where your business falls on the spectrum will help you decide which disaster recovery solution you need.

Take your list of company software and applications and rank them into three tiers.
·         Tier 1 = systems you can’t do business without and need immediately
·         Tier 2 = applications or systems you need within 8-12 hours, even up to 24 hours
·         Tier 3 = applications you could survive without for a couple days

Defining your applications and systems helps you prioritize and improve the speed and success of recovery. Be sure to test your plan at least twice a year and update your tiers based on the results.

3.    Identify Who Is Responsible and for What

Your DR plan should clearly define roles and responsibilities including designating a person responsible for declaring a disaster. Defined roles make disaster recovery tasks easier to manage when all parties are familiar with their responsibilities. This is even more critical when working with third party vendors. When everyone is on the same page, the DR process works as efficiently as possible.

Protocols for an effective DR plan should include who to contact, how to contact them, and in what order they should be contacted to get systems up and running. Create a contact list with all DR personnel to include the details of their position, role, responsibilities, and contact information. Also, consider putting a succession plan in place with trained back-ups in case someone is on vacation or leaves the company.

4.    Establish a Communication Strategy

Good communication plans are often overlooked, but incredibly valuable. If disaster strikes, how will you communicate with employees? Do they know how to access the systems they need to do their job? During a disaster, phone or email may be down so alternative methods of communication should be identified.

A good plan also includes initial communication when a disaster takes place and ongoing updates to keep everyone informed. Clear communication is essential in managing IT disaster recovery with timely updates sent to employees, suppliers, and vendors. A written communication process can help lead to action and align organizations, employees, and partners.

To keep your customers up-to-date in the event of an emergency, publish a statement on your website and social media platforms. Offer prompt status updates showing you’re aware of the situation and working to take care of it.

5.    Tell Employees Where to Go in an Emergency

A good DR plan doesn’t just back-up your technology. It protects your employees and keeps your team operational. In the event your primary office isn’t available, select an alternate site for employees to work. Make sure employees know where to go and how to access systems from the new site. Offer a clear map of the alternative site including where to sit.

Keep in mind any compliance regulations and contract dedicated workspace where employees and company data remain private. Contract a large enough space with seats for all employees needed to meet recovery requirements.

6.    Check if Your Service-Level Agreements Include Disasters or Emergencies

If you store systems in a data center or outsource technology, have a binding agreement with the provider which defines the level of service you’ll receive if a disaster takes place. The agreement may include the timeframe to get systems back up and running.

7.    Outline How to Manage Sensitive Data

Outline IT disaster recovery technical procedures to make sure sensitive data is protected. Address how the information is maintained and accessed when your DR plan is activated.

8.    Test Your DR Plan Often

Backups and systems may fail you, the internet connection may be too slow, and a key employee may have changed her cell number. The only way to find out if a plan works is to test it.

Define how your DR environment will be tested including the methods and frequency. Infrequent testing often leads to DR environments that don’t work as planned. Create a testing schedule that measures your recovery time objective (RTO) and recovery point objective (RPO) goals to validate they can be met. The more comprehensive the testing, the more successful your company will be at surviving a disaster. If a DR test fails, identify the issues and fix problems early so you’re ready for any crisis.

Don’t forget to test key DR employees. They should be well-versed in the plan and their role in completing tasks. Simulated disasters and drills give your staff the experience and confidence to execute the plan if an actual disaster occurs.


Avoid being caught off-guard when a disaster strikes. Map out disaster recovery solutions and put them to the test so your business can handle any challenge. 

No comments:

Post a Comment