As we deal with hurricane season in South Carolina and with wildfires wreaking havoc in California, it’s more important than ever for small businesses to implement or revise their disaster recovery plan.
A disaster recovery plan is an important aspect of your overall Business Continuity Plan and identifies your organization’s objectives in the event of a disaster. It will identify precisely how you are going to prioritize, plan for, and recover from a disaster. A disaster in this context can be anything regarding weather (hurricanes, flooding, wildfires), cybersecurity (ransomware, breaches) and other scenarios like a theft or building fire.
These plans are typically thought of as just for large enterprises, but it’s also important for our small businesses and non-profits to place a focus on their disaster recovery planning. Small businesses and non-profits play a key role in our local economies, we wouldn’t be what we are without you!
If you don’t have an IT solutions partner to help you build a disaster recovery plan, here are seven key components that are important for you to include:
1. Goals
These are specific goals that you are going to outline for the organization and all the departments such as your RPO (Recovery Point Objective) which details how much data is acceptable to lose – For example you could have a 2-hour RPO which means you will need to ensure you have backups every 2 hours to meet this objective.
And your RTO (Recovery Time Objective) what is an acceptable amount of time for the organization to be down at a given moment – For example you might set a 3-hour RTO which means you need to be back to normal operations within 3 hours.
2. Staff Involved
In this part of your IT disaster recovery plan, you will be outlining which staff will be handling each part of the including what to do if these designated staff are not available.
3. IT Assets
Detail all your IT inventory, be sure to include your cloud applications, servers, and other critical infrastructure items. This will be used to categorize the least important to the most important.
4. Backup Procedures
In this part of the plan, you will detail how often you would like your backups to run, and it should align with your RPO, it’s important to note that if you can only lose 1 hour worth of work that – you have backups that are set to run every 1 hour.
This can also include a plan to regularly test your backups to ensure they are in a useable state.
5. Disaster Recovery Procedures
The disaster recovery procedures talk about what you will be doing in the moments leading up to a disaster. This can vary based on the specific incidence. For example, with wildfires and hurricanes we typically have a few days’ notice prior to evacuation orders. This gives you the time needed to run final backups for the day, unplug all the equipment and move the critical on-premises equipment elsewhere. This will also include mitigation planning, reducing damages to your organization, and preventing cybersecurity threats to the organization.
6. Restoration Procedures
The restoration procedures outline in detail how the organization will restore normal operations after a disaster. This includes details on how you are going to recover key systems in the event of a disaster.
7. IT Disaster Recovery Training
Training is an important part of the disaster recovery plan. This will give everyone involved an opportunity to familiarize themselves with their role in resuming normal operations, planning, and recovering from an IT disaster. This also gives you an opportunity to run through the potential pitfalls and resolve them.
Your staff needs to know how to communicate with each other and with clients during a disaster. Having your business communications planned out helps maintain confidence in your team and with your customers that you are still in business and doing everything possible to help them, keep them updated and assist where you can.
Creating a disaster recovery plan takes time out of a very busy day but there are several benefits to having one in place including:
- Increased Productivity
When you have a plan in place, everyone knows what their role in responding to an incident or disaster. You are much more prepared and ready to jump right into recovery mode immediately rather than standing around trying to think of a response while you’re stressed and potentially in shock.
- Customer Retention
We live in a fast-paced world, and we are not typically forgiving of failures or downtime. If your customers can’t reach you, they’ll call your competitor to find the solution or product they are looking for. With a plan in place, you are better able to get back up and running quickly which will minimize the amount of downtime you experience.
Here at EIS we work with our clients consistently to plan and prepare for disasters. We implement backup solutions, cybersecurity services, and prioritization of all the IT systems that make up your organization’s infrastructure.
If you need help with IT planning, get in touch with us today.