What does an effective six-step disaster recovery plan look like?

In every walk of life, we are routinely encouraged to hope for the best and plan for the worst. If 2020 has proven anything, then it’s that preparing for a worst-case scenario – no matter how unlikely it may seem at the time – is a very sensible course of action.

When it comes to assessing business risk, it is important to consider a number of elements; you need to think about where your company is most vulnerable, what is required for it to be able to operate efficiently, what protective steps can be taken, and what can – and should – be done if it is targeted by cybercriminals, if an act of god takes place, or should some – or all – of your systems fail.

Of course, not all businesses will encounter a situation that requires the deployment of such a worst-case scenario strategy, yet to run a business without having one in place is far from a wise approach. That’s why we’re here to help you develop a six-step recovery plan that can be enacted should you be unfortunate enough to suffer a significant business setback.

So, without further ado, here are the steps you should follow.

1. Keep a robust and up-to-date inventory

The foundation of any reliable and robust recovery plan is to know exactly what software, hardware, equipment and various business essentials are associated with your company. This is not only vital should you need to contact your insurance provider in the wake of, for example, a fire, but will ensure you are fully aware of what apparatus needs to be replaced or fixed so that you can get back up and running as quickly as possible.

2. Have an idea of what can be regarded as an ‘acceptable’ level of recovery

Of course, the ideal situation would be that all software and hardware can be restored to the exact state they were in prior to any incident taking place. In reality, however, this is not always viable. It is vital for you to consider what can be regarded as a practical recovery point objective (RPO) for all of the pieces of software and hardware that your business needs to run effectively. It is also important to consider timings; you have to balance how long your company can be out of operation against how long you are willing to spend on the process of recovery.

This is a job that is both complicated and somewhat speculative. It can be difficult to decide ahead of time what your business can and cannot do without, especially if your business is in the process of growing or your processes are altering in any way, but it is something that must be undertaken nonetheless.

Often it can be helpful to break your business up into tiers; tier one can be those pieces of equipment or software you simply cannot do without and need to be up and running immediately; tier two can be things that are important, but can be left to one side during the initial stages of recovery; and tier three should be areas that are not essential to the day-to-day running, and can be left until last without any fear of the business suffering as a result.

It is important that you assess this on a regular basis – perhaps two or three times a year – because it will often be the case that it will need to be modified slightly over time.

3. Have a communications plan

This is something that can very easily be overlooked given that it is not strictly to do with the actual recovery process, but it is essential that you create a plan that will allow you to communicate with your employees should a disaster occur. You will need to tell them what the plan of action is and how – or if – they can carry out their roles throughout the disaster recovery process. Also, depending on what your business does and how it operates, it may be necessary to communicate with clients, customers and vendors to explain the situation and give them an idea of the next steps.

4. Is there a ‘Plan B’?

If your business requires an operational hub, but your primary location cannot be accessed, is there somewhere else that your employees can go should the worst happen? Are they able to work from home, or is it vital that they go to a specific place? This may be one of the most difficult elements of the entire disaster recovery plan, but it is something you will certainly have to consider ahead of time.

5. Think carefully about sensitive and private data and information

Disaster recovery is not solely about getting your company back up and running, but ensuring that it is done so in a way that protects your overall operation, and doesn’t put any of your customers’ private information at risk. This is a facet of disaster recovery that is liable to be incredibly technical and is, therefore, something to discuss with your chosen data recovery partner rather than to be decided upon alone.

6. Commit to testing

It may seem like a bit of a faff at the time, but you need to ensure that should the worst happen, you are fully aware of the steps to take, how to take them, and what the process is liable to look like. When it comes to disaster recovery, time is most certainly of the essence, and if you are able to do things quickly due to the fact that you have done it all before in the planning stages, your business will suffer less than it perhaps would do otherwise.

Want to know more about the process of data and disaster recovery, have a question you’d like to ask about anything we’ve written here, or simply want to enhance your business’ IT solutions? Get in touch with us today and let’s talk about computers, hardware, software and recovery!