Why is Disaster Recovery Planning Such a Headache?

Share

Today, we’re going to talk about something that can really be a headache for SMEs: Disaster Recovery planning. For many people, it can seem very complicated and tedious. So, we thought we’d take some time out to talk about why it’s so painful and what you can do to make your life easier.

Disaster Recovery is a key part of Business Continuity Management (see ISO 22301) and deals with everything related to addressing a disaster situation and getting your systems back online. However, despite obviously being extremely important, it’s a topic which can make many companies very nervous, particularly those that don’t have huge budgets to splash on security. Many SMEs have no disaster recovery plan at all, and if they do have one, it is probably fairly weak or has never been tested.

In this article, we’re going to take a look at some of the mistaken perceptions people have about disaster recovery planning and suggest some ways to make it much less painful.

 

Why is Disaster Recovery Such a Headache?

 

Disaster recovery planning in the eyes of an SME

When researching the perceptions of small and medium-sized businesses when it comes to disaster recovery, the results are not particularly encouraging. In fact, in a previous article (What is Disaster Recovery and Why Do We Need It) we talked about how there is a certain reluctance among SMEs, often because of a lack of resources, expertise or awareness.

Below, we’ve listed five common themes that are perceived as something of a headache for SMEs. Maybe you recognise some of them:

  • 1: Disaster recovery measures are expensive to implement: Many companies have the false impression that disaster recovery measures are expensive to implement, run and maintain. They believe that the hardware and software required are costly, and of course, you couldn’t possibly address something this serious without the help of (expensive) specialist consultants.
  • 2: Disaster recovery is complex: This is a common belief among many users and entrepreneurs, mainly due to a lack of knowledge. As a result, they’re afraid of doing things themselves in case they make a mistake and end up wasting resources or worse, money.
  • 3: We don’t have the internal resources: Small and medium-sized companies tend to have pretty small teams, and this is because their budgets are much tighter. Furthermore, they tend to believe that their little team probably doesn’t have the knowledge or experience required to implement a disaster recovery system, let alone run and maintain one.
  • 4: We don’t have enough time: If the company doesn’t have enough people, then it almost certainly doesn’t have enough time either, right? How on earth can you justify spending time on something that might not even work if you’re already swamped by your day-to-day tasks?
  • 5: We need to prioritise urgent tasks: Similar to the previous point, many companies are constantly putting out fires or applying updates. The business is constantly changing and there’s no time to waste on implementing a disaster recovery plan. The urgent tasks come far ahead of something that you might not even use.

Of course, these points all share something in common: an underlying confidence that a disaster simply isn’t going to happen. You might recognise this feeling from your childhood. You remember? When you felt invincible and did all kinds of crazy things because you genuinely believed you were going to be fine. Well, this same youthful optimism is shared by a lot of SMEs. On top of this, because they’re “small and unimportant”, they don’t think they’ll ever fall victim to a malicious attack. Well, unfortunately, it’s not quite that simple, and it’s a belief that costs companies 100s of millions each year.

 

Now that we know what all the headaches are, what can we do about them?

As with most security matters, the best way to address these problems is through education, providing training and awareness-raising sessions to all employees, particularly senior managers.

The first thing that everyone needs to understand is that disaster recovery planning is essential for the survival of any organisation. Any disaster that significantly affects the company’s operations could literally spell the end for the business.

However, aside from this basic principle, let’s debunk each of the five points above, and maybe you’ll start to see that disaster recovery doesn’t need to be such a pain.

  • 1: Disaster recovery measures are expensive to implement: Is it really so expensive for an SME? Well, the correct answer is “it depends”. If you want to replicate 100% of all your systems and services, then obviously this is going to be quite costly. But if you actually just want to ensure an acceptable level of service while you fix a problem, it really isn’t beyond the reach of most small companies. The important thing is to assess each work process, system and service to identify those that are most critical to business operations. Then, using this information, you can develop appropriate contingency plans to allow workflows to be redirected to an alternative production environment while you address the issue.
  • 2: Disaster recovery is complex: Systems are only as complex as they are original. If your team is capable of developing an original production environment, then it’s certainly capable of creating a suitable replacement service in case a disaster strikes. Furthermore, the way a contingency plan is activated can vary depending on your technical or financial capabilities. It could be as complex as an automated script or orchestration system or as simple as a manual trigger by an IT technician.
  • 3: We don’t have the internal resources: As we mentioned in the previous point, your existing IT technicians should be perfectly capable of creating and operating backup systems, so you almost certainly already have the right resources in the company. However, we still recommend continuous professional development for all employees to help them keep up with the latest technologies and stay motivated. At the end of the day, no one likes being left behind.
  • 4: We don’t have enough time: This is a really important problem and is linked to the next point. Even though it’s common for employees to be overloaded, it’s vital that they have time set aside for improvement tasks. Otherwise, the business might one day take a hit that it never recovers from. This will rely on support from IT management and other senior management to make sure that time is allocated to disaster recovery planning and maintenance tasks.
  • 5: We need to prioritise urgent tasks: Studies show that 80% of an IT technician’s or sysadmin’s time is spent resolving issues that could be solved with permanent improvements or automation. This just shows why investing time in eliminating efficiencies for good is much better than firefighting all the time. By optimising resources, you can spend more time on your disaster recovery system.

 

Conclusion

In this article, we’ve tried to debunk many of the common misconceptions surrounding disaster recovery. Hopefully, now, you can see that it doesn’t need to be such a headache. With better organisation, you can make your business and its infrastructure much more resilient without having to invest in more resources.

But we understand that this isn’t easy. It requires strong leadership from the top and the commitment of all employees to make it work. It also requires continuous improvement, both in terms of services and staff training, to ensure that staff spend less time on “urgent tasks” and can develop an appropriate and effective disaster recover plan.

If you’d like to learn more about disaster recovery, check out some of our other articles on the topic:

Thanks for reading!

Category:Cloud and Systems

Other posts that may interest you

9 de August de 2024
Choosing the right cloud service provider is a critical decision that can impact the quality of your software, customer
3 de July de 2024
Here at Jotelulu, we have designed our Disaster Recovery service specifically with SMEs in mind. But what arguments should
2 de July de 2024
In today’s article, we will explain some of the basic concepts that are important to understand about Jotelulu’s Disaster

Fill out the form and one of our Sales team will contact you soon.

growth@jotelulu.com  |  jotelulu.com 

You can unsubscribe from these communications at any time. For more information,  check our Privacy Policy.

 

We make the difficult easy

Existing Disaster Recovery tools often require advanced knowledge to manage, demanding expertise that is difficult to acquire.

Jotelulu’s Disaster Recovery aims to make the difficult easy and offers a very simple deployment based on a three-step configuration:

Origin (Primary Site)
Determine the origin location of the subscription on which the Disaster Recovery service will be established.

Destination (Recovery Site)
Set the destination location (availability zone) where you want the Recovery Site to be deployed.

Replication characteristics
Specify the data related to the number of copies to be kept and the frequency at which the replication will be performed.