Your business operations and productivity are intricately linked to your servers, workstations and web apps. How do you prepare for a natural disaster recovery situation? Do big storms and floods threaten your productivity? Where does your IT disaster recovery plan stand? Have you performed a risk analysis? What and who should the disaster recovery planning process include?
What is disaster recovery?
A disaster can be anything that puts an organisation’s operations at risk. Your disaster recovery plan should be coordinated with each business area’s continuity planning process. Defined recovery point and recovery time objectives need to be determined in order to solidify overall process, technology and application readiness.
Start now. With a business continuity and disaster recovery plan in place, you are able to mitigate the impact of severe weather events and meet the challenge should your data centre be hit by water, wind, fire or structural damage.
Be prepared: disaster readiness and risk reduction. The goal of a disaster recovery plan is to maintain technical operations and quickly restore your company’s ability to operate. To effectively prepare your IT infrastructure in the face of hurricanes, tornadoes, floods, fires, earthquakes or other adverse conditions around the world, consider the following five steps of disaster preparation for your data centre(s).
What Is the Business Impact of a Disaster on Your Organisation?
Your disaster recovery plan should start with identifying and ranking your key services so you can focus on the most critical outcomes during an emergency service outage. You need the clarity for both your disaster recovery plan (DCP) and your business continuity plan (BCP) to be able to respond most effectively in the event of a disaster.
What is business continuity?
Business continuity is when an organisation can ensure regular business processes in the event of a disaster or unplanned incident that can impact systems. Business continuity planning is the process of preparing for these situations cross-departmentally to prevent data loss and preserve critical information.
By addressing aspects of the organisation as a whole, business continuity planning requires a more extensive strategy than disaster recovery, which focuses only on the data centre.
How does business continuity affect the supply chain?
Many natural and human-made disasters can threaten your organisation and its supply chain. It’s essential to have a solidified business continuity and disaster recovery plan in place to mitigate disaster-related interruptions in your supply chain and keep your business running as usual.
What is disaster recovery planning?
Disaster recovery planning is a documented strategy that outlines the procedure of how an organisation can quickly keep IT assets up and running during an emergency. Disaster recovery planning is a part of a larger business continuity plan — which applies to all areas of an organisation. Every department in a business should have a basic disaster recovery plan to ensure that business continuity is a priority. Use this simple disaster recovery plan template.
What’s the difference between disaster recovery and business continuity?
The disaster recovery planning process targets IT infrastructure, uptime, data and how it supports business operations. A business continuity plan is a broader strategy that focuses on maintaining regular business functions throughout the organisation during a disaster.
Pre-Determine Disaster Recovery (DR) Team Members
A Disaster Recovery Plan (DRP) needs many points of view and operational focuses to be truly comprehensive enough to be effective. A planning process, action and communication will take place on multiple levels before, during and after a disaster. Ensuring the appropriate team members are involved will make for a smooth process.
Involve key business leaders to play a significant role in your disaster recovery planning process. It is a company challenge and responsibility, not just an IT problem. Facilities and customer support should also have a place at the planning table.
THE DR PLAN CONDUCTOR
Assign a Disaster Recovery plan owner/project manager who understands the scope and impact of the project. They should be able to clearly articulate what is needed for your disaster recovery solution from the various team members, and to hold all parties accountable.
Your disaster recovery team members should include those with IT infrastructure expertise – as well as collective problem-solving skills, decision-making confidence, detail-orientated focus and the ability to communicate effectively.
Do not overlook your vendors and partners’ disaster recovery solutions. These professional contacts can generate helpful input, experience and tactics to strengthen your disaster recovery solution.
How to Create Your Disaster Recovery Plan
Start with a business impact analysis (BIA).This detailed audit will help you to determine the ramifications of business disruption on your critical functions. Using this analysis, you can identify gaps and the impact they may have on the organisation.
To get started with collecting data for your BIA, begin with a survey from each department outlining their top 3-5 critical processes with risk analysis and provide documentation for each. The results will help you to identify the essential business processes and resources needed to maintain business continuity.
Use the insights from the survey data you collect to create your BIA report that details the risk potential on each department in the event of a disaster. This report should describe each process and prioritise the order of events that need to take place in your disaster recovery solution to restore business as usual.
Determine Your Recovery Time Objective and Your Recovery Point Objective
You should take your business impact analysis a step further by defining your Recovery Time Objective (RTO) and Recovery Point Objective (RPO). Each involves a detailed risk analysis.
Technopedia defines Recovery Time Objective as “the maximum desired length of time allowed between an unexpected failure or disaster and the resumption of normal operations and service levels”. Your RTO designates the point in time after a failure or disaster at which the consequences of the interruption become unacceptable. Beyond downtime, RTO also includes the steps IT must take to resolve the application and its data.
RPO stands for Recovery Point Objective and addresses your organisation’s definition of the maximum amount of data that can be lost before the impact on the business is unacceptable.
When thinking of the RPO, focus on the point in time you need to be able to restore back to. Historically, organisations had an RPO of whenever nightly data backups were taken. This is changing with replication becoming more widespread, allowing for Recovery Point Objectives to be as short as 5-10 seconds.
How Detailed Is Your Disaster Recovery Plan?
Your plan should include a host of business continuity details including staffing, technology (hardware, software, systems), power options, data backups, relocation sites and internal/external communication.
Before the planning process begins, ensure that all key business systems are backed up and test the backups. This is the most important thing you can proactively do to combat the adverse effects of a disaster.
As you start or continue down the planning path, at a minimum, your plan should include:
disaster recovery team member contact information and roles
essential vendor/partner contact information
a list of essential/prioritised services
clear expectations as to what events will engage which specific actions
a communication chart of who is involved in the response actions
status checks and reporting
location details for where process documentation can be accessed
You can also create a Disaster Recovery plan for additional environments such as your smaller secondary sites and remote offices. Depending on the size of your organisation and level of expertise, this could be a recommended strategy in addressing the multiple steps needed for each focus area.
Test Your Disaster Recovery Plan
As the wind speed increases or the flood waters rise, your goal is protecting and preserving uptime, not discovering weaknesses in your disaster recovery response. One popular method for testing your plan is a tabletop exercise. A tabletop exercise is a meeting to discuss a simulated emergency situation. The goal of a tabletop exercise is to uncover the strengths and weaknesses in your disaster recovery plan. Testing your plan for the first time during an actual disaster will not serve you well.
To set up for a successful tabletop exercise, plan for the following:
Set goals. Determine what you want to achieve and how you will evaluate the state of your plan. Which issues do you want to address? For example, availability/accessibility of fuel for generators, slow restoration of city services due to skeleton crews, transportation and power challenges, communication strategies with employees, partners and customers.
Select participants. For initial testing, it can be best to start small. Retest with a larger group as your disaster plan evolves.
Establish ground rules. Don’t throw in the kitchen sink. Stick to the goals. And maintain a no-fault/no-blame attitude.
Develop a disaster scenario. Make it realistic. Use real-world situations and, if possible, use an emergency event that has happened within your organisation.
Conduct the entire exercise. Run through the exercise from start to finish. Document uncertainties for follow-up.
Key vendors. Do you rely on any third-party vendors? Consider asking them to participate as well.
Document results. Take detailed notes throughout. Discuss what went well and what didn’t. Is this a realistic disaster recovery solution? Update the plan!
Even if your business operations are located far from a hurricane-prone overseas coastline, you could still find yourself dealing with the business impact of a natural disaster. Your disaster recovery strategy needs to ensure the security, performance and post-disaster operations of your data centre(s).
Use the five essential questions above to help to direct what your disaster readiness plan should include or to evaluate your current disaster recovery solution. With time, clarity, input and careful preparation, you can build an effective strategy for your IT team to successfully respond to any unwelcome disaster that may threaten your data centre.
Service Express’ professional team is happy to assist with your disaster recovery solution to get your data centre back up and running as quickly and efficiently as possible.
IT professionals deserve a level of service based on a foundation of trust, reliability, technical expertise and partnership. Yet IT teams continue to settle for data centre support that does not meet their needs or expectations. After years of poor communication, missed SLAs and delayed repairs, IT leaders at a national healthcare provider decided it […]
When Service Express received the call from a Midwest America's hospital's data centre which had been flooded, the hardware and service teams immediately created an emergency response plan and raced to help. A group of ten technical engineers was quickly assembled and worked around the clock to prepare over 25 servers within three days.
The distribution company dealt with repeated service gaps, support issues and a lack of confidence in their current third-party maintenance (TPM) provider’s expertise. A new solution would include responsive communication, reliable service and consistent responses. The IT team connected with Service Express to support over 400 systems, including Brocade, EMC, HPE and IBM, in 28 locations.