Unfortunately, disasters or business disruptions hit organizations much more often than many managers think. Hurricanes, floods, fires, tornados, earthquakes, and mudslides happen with astounding frequency. That’s not all—human errors, power outages, general mishaps and accidents can also bring business operations to an unexpected halt.
Whatever the disruption, Gartner reports that 40% of small to midsize businesses that can’t get to their data within 24 hours after a crisis eventually close as a result. More specifically yet, the US National Fire Protection Agency found that 43% of companies never resume business after a fire.
Today, many regulatory and industry-mandated best practices require a written disaster recovery (DR) or business continuity (BC) plan. Even in industries unrestricted by regulations, disasters present competitors the opportunity to steal customers. That’s how something as simple as a disaster recovery plan can determine the success or failure of a business. If your organization hopes to survive an operation-halting event, you should have a working, tested, and current DR/BC plan.
It’s not as difficult as you might think—DR/BC involves surprisingly simple and inexpensive technologies. The technology components are well known, widely available, and reasonably priced. Options for small to midsize businesses include:
- Readily available, low-cost, disk-to-disk (D2D) systems and virtual tape libraries (VTL)
- Various cloud-based and managed-service options
- New communication options, such as cellular, Wi-Fi, Blackberry/smartphones, social networks, or shared online space
While the technology is simple, disaster recovery plans do require a suitable amount of preparation and maintenance to be successful. Disaster recovery plans work best when the technology is ready, tested, and up to date. These DR plans are enterprise-wide and include the full commitment and participation of senior management.
When an emergency hits, you need the right people, the right data, in the right places fast. That takes time and preparation. Here is the first of six best practices to help you prepare and maintain an effective disaster recovery plan.
Your organization likely has hundreds of operations in its overall business—but it probably only requires a percentage of those operations to survive a disaster. For a fully developed, robust disaster recovery plan, you’ll want to make sure you get a thorough Business Impact Assessment (BIA).
A well-executed BIA will identify your company’s most critical business functions as they relate to your company’s survival after a crisis. It will identify recovery point objectives (RPO) and recovery time objectives (RTO) for each of your business processes— that is, it will identify which parts of your organization incidents are most likely to affect and how they will affect the company as a whole. You’ll use this information to prioritize your business processes and identify which you consider truly critical.
Finally, the BIA will map the business-critical processes to the underlying IT systems that support them. Then your disaster recovery planning team will use the results of the BIA to design disaster recovery strategies for these processes.
Our next blog post will explore 2 more best practices for disaster recovery. As always, we’d love to hear your thoughts and ideas for best practices, so please comment.
