Regardless of the size of your business, disaster recovery is probably something that’s come up in conversation at least a few times. Today, we’re going to look at what disaster recovery is and why it’s so important.
These days, businesses are increasingly dependent on a range of complex IT systems. At the same time, the number of potential threats is also growing exponentially. All this means that the risk of a system or service failing is very real, and that failure could have catastrophic consequences for the business.
There are numerous incidents that could impact business operations. These can range from fairly minor incidents to more harmful or disastrous events, such as power cuts, communications failures or natural disasters like fires, flooding or earthquakes. Given the current political landscape, the company could even be affected by rioting or a terrorist attack.
However, one thing is for sure: if your business isn’t prepared to respond to these incidents, there’s no guarantee that it will survive if they happen.
That’s why having a disaster recovery plan is so important.
The first standard to focus on Business Continuity Management (BCM) was the British standard BS25999. Since then, many other standards have been developed that can be used as guidance when developing a suitable disaster recovery plan.
A Complex Topic
Disaster recovery can seem quite daunting for any business. It’s an incredibly complex topic, and there can be significant costs involved in implementing and maintaining all the necessary systems and procedures.
Indeed, many people are under the mistaken impression that you need to be a specialist to develop a disaster recovery plan. As a result, many small and medium-sized businesses (SMEs) think that disaster recovery is something that they can’t afford. However, while disaster recovery specialists may well have greater knowledge of processes, standards and relevant technical solutions, this doesn’t mean that you need to be an expert to develop your own disaster recovery strategy.
It’s completely untrue to suggest that SMEs aren’t well enough equipped to carry out this sort of project. Ultimately, while your IT techs may not have specific expertise in disaster recovery, they will almost certainly have a great deal of expertise in a wide range of technologies and be perfectly capable of developing the right solutions for your business.
What is Disaster Recovery?
Disaster Recovery (DR) covers all the tasks and infrastructure required in order to restore normal operations in the event of a system or service failure.
On other words, it consists of all the planning, preparation, implementation, maintenance and processes to recover a service after a disaster.
Why is it so important?
Regardless of the type of business you run, having your systems running and available will be absolutely critical. Ultimately, if your production service or invoicing system is down, the company simply won’t function.
System failures can also impact a business in other ways. One aspect that is often overlooked is the company’s corporate image. If customers are constantly suffering from service failures, the company’s reputation will take a significant hit.
Indeed, these days, thanks to computers, tablets and smartphones, we’re all used to being able to access information, news and other content more or less instantly.
On the one had, this has been great for productivity, but on the other hand, it has created an increased dependency on IT systems. Not only that, but it has also led to increased anxiety when systems run slowly or are unavailable, even if only a few years ago, they didn’t even exist. A few years ago, if your connection was running slowly or a website was down, you tried again later; these days, if a site isn’t working, customers simply look for another one to satisfy their need for an immediate service.
All of this means that the survival of any business depends on having all services and processes live and operational at all times.
How to develop a disaster recovery plan
While this is really just an introduction to the importance of disaster recovery, we’re still going to take a brief look at how you would go about developing a Disaster Recovery Plan (DRP).
When developing a DRP, it’s very important to adopt a comprehensive approach that covers all possible areas of the business. This means bringing together all the people, processes and technologies that make up the business management system. This will require significant coordination between various departments. Once everyone is on board, it’s then time to start gathering information and data about business processes, their criticality and their vulnerabilities.
Each business process will need to be analysed in order to identify those that will have the biggest impact on the company’s revenue streams. This way, they can be prioritised in the event of a disaster.
Then, it’s important to identify who the key people are in a disaster situation. Who are the coordinators? Who are the people empowered to make decisions? Who is monitoring the situation to ensure that key processes are carried out and that things are escalated if necessary? What are the most important communication flows when responding to a disaster?
Lastly, it’s important to consider the technology used by each process and what it depends on in order to function correctly.
Once all this information has been gathered, it’s time to consider each and every step that needs to be taken in order to restore a given system and get critical processes back up and running as soon as possible. This means thinking about who needs to do what, when and how.
Clearly, this is a lot of work, and there is no one-size-fits-all solution either. If your company repairs toasters, your Disaster Recovery Plan will look very different to that of a company that sells potatoes. But even if it can seem daunting, it’s not rocket science. It’s simply about careful planning to protect your business against events beyond your control. And that makes it all the more worthwhile.
It’s worth taking a moment, at this point, to mention regulatory compliance. If this is your primary concern, there are various document templates you can use to ensure that you meet current requirements, such as UNE-ISO-22301 (Business Continuity Management Systems). In fact, there are many companies out there that sell such templates. All you need to do is fill in the blanks. However, this is just a tick-box exercise. It’s no substitute for an actual Disaster Recovery Plan, and it’s certainly not going to help you in the event of a catastrophic system failure.
Conclusion
As you can see, disaster recovery is really just common sense, and all businesses great and small should be giving it serious thought. It’s simply about establishing the right checks and processes to make sure that systems can be recovered as quickly as possible when they fail, so as to avoid serious damage to a business and its reputation.
And, as we mentioned, it’s about much more than simply filling in paperwork. No amount of paper is going to save you in a disaster situation.
Ultimately, there are many disaster recovery specialists out there, and their services will certainly be of value. But if you’re a small company with limited resources, that doesn’t mean that you should ignore it. It’s perfectly possible, with the right staff, to develop an effective disaster recovery plan that may well save your business one day.
You can find more information about disaster recovery and related topics on our blog, such as our article Disaster Recovery: What Are RPO, RTO, WRT and MTD? (jotelulu.com).
Thanks for reading!