Disaster Recovery is being able to recover your data if everything else is gone. Insurance will replace the computer network but no amount of insurance can replace data. Your Accounts Payable will find you, but I doubt your Accounts Receivable will come knocking. An Offsite copy of your backups, stored at a second physical location and address, is a good start. The further away the less likely a disaster, such as fire, flood or theft, will destroy the data at both locations. There are services that can store your data all over the world. Sometimes business’ have a 2nd site across town that will work just fine and can save money. Offsite data is more expensive to store but can be a business saver in times of disaster. Some online services may take weeks to fully restore your data but at least you will have it! We recommend that you utilize local backups for quick recovery time do to hardware failure and offsite backups for data recovery if physical damage applies. Here are some helpful tips when creating a good disaster recovery plan:
- Create a contact list of who to contact in the event of a disaster and what functions are the most crucial to get running again.
- Make sure the list has vendor contacts. (ie: alarm company, IT company, phone vendor, landlord, internet provider, etc…)
- Clearly define how long your business can be down without serious harm to your business.
- Gear your recovery plan to meet that timeline.
- Make sure your IT team has structured your network to comply with the plan and timeline. Make sure they have stock equipment to get you up and running as dictated by your plan
- Make sure copies of this plan are in multiple locations in case he network is down or the building is on fire
- Make sure you name a security officer in charge of making sure all tasks in recovery get done.
- Teach the response team the plan that is in place and specify who does what.
- Create a task list
- It is a good idea to test your recovery plan yearly by mocking a disaster and trying to recover data. Many government regulations require this for compliance. Document date and time of test
- Identify where a second location if possible to do business out of until permanent fix can be implemented
- Have a copy of your customer list and a plan for contacting customers in the event of business disruption.
- Consider a virtual server framework