Floods, fires, hurricanes, and other disasters have been the downfall of many organizations — all as a result of too much downtime in the recovery process. In fact, more than 90% of companies that lost their data center for more than 10 days went bankrupt, according to the National Archives and Records Administration.
That’s why thinking ahead about the safety of your data, networks, and business is necessary. After years of working with businesses who have dealt with disaster, we’ve seen it all. A disaster recovery (DR) plan in the face of the unpredictable will help you avoid:
- Lost productivity
- Missed sales
- Brand damage
- Lost progress
- Unnecessary costs
But we do admit, there is a lot of information out there about disaster planning and recovery, so we want to keep things simple for right now. Here are the top 5 things every IT leader needs to know as they consider preparing a plan for the unpredictable.
1) A well-communicated plan builds confidence
When you have a well-thought-out disaster recovery plan, the organization needs to know about it early on and in detail. A strong plan builds confidence with stakeholders in the business and makes employees feel confident about their jobs and their future. And that’s great for culture and for business.
It’s saying, We’re prepared. No matter what happens, we have a plan to get us through this. The anticipation of disaster and incidents has less of an impact on the company as a whole because now, each department will know their part of the plan, how to execute it, and where to go to make that happen. There is an element of trust that comes from having a plan communicated throughout the organization.
2) Disaster recovery is not synonymous with business continuity
“Disaster recovery” is often used interchangeably with “business continuity.” The truth is, a DR plan is a critical part of the overall business continuity plan (BCP) — not the exact same thing. The DR is the process of getting all IT infrastructure, operations, and support back up and running, while the BCP is about getting the business as a whole back to full functionality after an event. DR answers the questions:
- How will I ensure that our data is backed up and accessible?
- How much time will it take to get IT operations running again?
- How will I make sure our applications are available to end-users?
- Will users be accessing systems from home, or a common office point.?
- Is the DR environment secured?
3) The unpredictable will still happen
No matter how much you prepare, the unpredictable will still happen. The best you can do is be nimble in the face of disaster (be ready to change, adjust, and roll with the punches); determine your go-to method of communication ahead of time (and communicate with the team about it); and make yourself aware of some of the most common threats:
- Logical Data Loss: Software and data storage can be corrupted from non-physical damage, including botched updates, user interference, or software bugs. The data either becomes corrupted or irretrievable, although the storage media remains functional. But one of the most common sources of logical data loss is computer viruses, especially ransomware. In fact, ransomware incidents appeared to explode earlier this year, in June, according to an IBM report. That month saw one-third of all the ransomware attacks IBM Security X-Force has remediated so far this year.
- Physical Data Loss: Unlike logical data loss, hardware failure occurs when the devices storing and managing data malfunction, and the data become irretrievable. Hard drives and servers are two storage devices that fail most often. In a 2015 survey of 2,084 IT professionals and executives by cloud services firm Evolve IP, 47% of total losses were attributed to hardware failure. Desktops were the most likely to fail, followed by servers.
- Natural Disasters: We’ve been talking about this one the most. Severe weather is the ultimate test for a business’s disaster recovery plan, and few have the business continuity measures in place to handle a catastrophe. It is important to realize that the threat is not only from the event, but also from the extended utilities outages afterwards.
- Human Error: Sometimes, people are their own worst enemies. Human error is when a person harms company data, which usually occurs from an employee accident. In a survey of 400 IT decision makers, 31% of data-loss incidents were reported to be caused by workers, according to data-security publication Infosecurity Magazine. But not all human damage is accidental, unfortunately. An investigation by the FBI recently uncovered losses ranging from $5,000 to $3 million, at the hands of malicious, disgruntled employees.
4) Making the right plan takes time and testing
To develop a strong data backup and DR plan, it takes time, testing, high-level prioritization, research, and vendor selection. So, you want to block off the proper amount of time to make a plan. In other words, if you start planning today, it may take 6 months to a year before you have something that everyone feels good about — but don’t worry, it’s well-worth the effort for the future of your business.
A great way to start making a plan is by bringing a team to the table and start thinking through all the “what-ifs.” As you come up with a rough draft responding to these “what-ifs,” you’ll be able to vet it out and find the cracks in it — in fact, that’s what you want. You want to poke holes in the plan wherever possible, so that essentially nobody else can.
Another reason why creating a solid DR plan requires some time is that it means giving each department their own roles and responsibilities as it relates to DR. Various departments of an organization have different functions, vendors, operations, and even locations. These will change how they work with the plan, individually.
Once the plan is drafted and strong, it’s time for testing — a huge part of making sure you have something that will work when disaster strikes. That can mean a variety of mock scenarios, so you can see how the team will dynamically deal with changes and challenges.
And then, you’ll want to revisit the plan annually. Things change quickly in companies and especially technology. Even something as simple as a primary contact to a department can change — and that make a big difference when executing the DR plan in the face of an incident or disaster. You need to make sure every aspect of the plan is up-to-date so things run smoothly during a difficult time.
5) You have to be ready to react and decide, quickly
Lastly, someone has to be ready to react. You can have the best plan for the job waiting on the shelf, and then if there is no one to pull the trigger… what’s the point? When the time comes, there should be key individuals company-wide and departmentally who are confident in invoking the plan.
How do you know when it’s the right time? Often, if it’s a simple case of an electricity outage or you get news that a hurricane may be forming, it’s likely not the right time to invoke. However, if there is a specific forecast, giving a timeline of urgency, your key individuals need to make a consensus on putting the plan into action — without questioning it.
The Right Experience Can Help You Prepare
There is a common belief — or rather, misconception — that simply understanding the concept of a DR is enough to create one, but it’s very different. Experience is key to grasping and developing a thorough, comprehensive plan. It allows companies to be acutely aware of every possible scenario and solution.
Experience like the following is key when creating a DR plan:
- Having worked with similar plans
- Experience getting through previous disasters/incidents
- Having worked with plans across multiple industries
- Being familiar with critical infrastructure and operations
- Knowing how to orchestrate communication between teams
All of this helps you develop how you’re going to protect your business and better facilitate in the face of disaster. With Venyu’s experience and the pitfalls we’ve already hit and overcome, we are helping businesses avoid significant bombshells early on — by walking them step-by-step to get them back online.
You Don’t Have to React Alone
VENYU has been in the offsite data backup business for over 13 years, a pioneer in the industry of online data backup. Since we’re headquartered in hurricane country, we have been battle-tested and have triumphed every time. We deliver peace of mind for your important business data.
We’ll help you scale and evolve through the unpredictable.
Companies are always growing and adapting, which often leads to changes in DR requirements. That’s why DRaaS is a flexible solution — because it comes with managed evolution.