Any company that relies on IT to function needs to have something known as a disaster recovery plan in place. In the context of IT provisions, this is a company-wide plan which outlines what to do in the event something goes wrong. If your company ever experiences IT downtime, it’s helpful to know that everyone will know what to do.
In cases where ransomware or data breaches are to blame, then a disaster recovery plan can even help to prevent the problem becoming much worse. For example, if everyone in your organisation knows how to spot the signs of a ransomware attack, then the breach may be contained to one system rather than spreading throughout the whole network. This is just one example of how a disaster recovery plan can help your business. Here are some of the most important things to consider when creating your disaster recovery plan.
For a small, independent shop, losing internet for an hour might disrupt card payments, but it won’t completely shut down the business. However, for a large company that relies on everyone having access to the internet, this could quickly become an issue after just 10 minutes without internet. The first step is to decide what constitutes a disaster for your company. Be specific: how long can your IT provisions be compromised before you need to take action? This may differ across different sectors of your business, so make sure you drill down into the specifics.
If your company is hit with a ransomware attack, who is the best person to call? Who manages your IT? Who manages your phones? Are there any remote workers who need to be informed not to access the servers? A key part of your disaster recovery plan is the contact lists as this will ensure that everyone is on the same page about who needs to be informed. Keep this updated, as you don’t want to be tracking down the contact details of a new supplier in the midst of an emergency.
With people taking a more flexible approach to their working environment, you might find that company devices aren’t always under the same roof. If you are hit with a ransomware attack and you need to know which devices are affected, it helps to know which devices you have in the first place. Keeping an accurate inventory (including serial numbers) can help you to understand the extent of the issue and may also be essential to any insurance claim.
A common mistake that companies make is to pay someone to make the plan and then store it away in a filing cabinet, never to be seen again. Everyone in your organisation should be aware that the IT contingency plan exists and they should know where to find it. Another common mistake is to only keep the digital copy up-to-date. Store a physical copy in a safe place so that everyone can access it in an emergency.
If you need help with your disaster recovery plan, or you’re looking for IT support, contact us at Cara Technology today.