Call Us: US - +1 845 478 5244 | UK - +44 20 7193 7850 | AUS - +61 2 8005 4826

online backup services

Disaster Recovery Plan Defined

You might not be able to prevent disasters from happening, but with a solid disaster recovery plan in place, you can be ready for them when they hit and ensure the least amount of impact to your business. Tornadoes, earthquakes, floods, fire, hurricanes, terrorist attacks, cyber attacks; a good DR plan should account for as many potential disasters as possible and lay out clear tactics that ensure critical systems are not only protected but kept online and that revenue loss is kept to an absolute minimum.

Identifying Potential Business Interrupters

The first thing a DR plan needs to include is a detailed analysis of potential threats or “business interrupters”. All scenarios should be considered, even those that are possible but least likely to happen. Just because an earthquake hasn’t occurred in your region for decades, the possibility of one occurring still needs to be taken into account.

Sadly, today it is cyber attacks that are most likely to cause the most damage, so you may want to give priority to these types of threat over natural disasters.

What Should a Disaster Recovery Plan Include?

If you type “disaster recovery plan template” into any search engine, you will be faced with hundreds of different options. However, the most important aspects of any DR plan is that it is easy to understand and implement, tested and proven and up-to-date with the latest business systems and potential threats. A good plan should include the following:

  • Statement, overview and objectives of the overall plan.
  • Contact details for all key disaster recovery personnel. Many organizations formulate a dedicated disaster recovery team.
  • In-depth details of emergency and routine response actions to implement before, during or after a disaster. For example, if a tornado warning has been issued in your region, your emergency response may be to failover all critical systems to a data center out of state and out of harm’s way.
  • Details about any recovery sites, including diagrams of the IT network and instructions on how to get there.
  • Details about the organization’s most critical business assets and systems should also be listed, including the impact of an outage to the business and maximum outage time for each. You should also determine your Recovery Point Objective (RPO) and Recovery Time Objective (RTO) across your organization. RPO relates to the maximum age of files that must be recovered from a backup source for normal operation to resume following a disaster. If you state an RPO of four hours, you must set your systems to backup at least every four hours. The RTO relates to the maximum time a business has to recover its files and resume normal operations. If your RTO is two hours, it cannot be down for any longer.
  • A detailed and up-to-date list of all software, user accounts and license keys that will be used during disaster recovery efforts.
  • Technical information from third-party vendors on how to recover systems in the event of a disaster.