Businesses of all shapes and sizes need to insulate themselves from disaster. Whether that is using a unified communications solution to work from a coffee shop while the power is out or a full disaster recovery plan with data backups and a fall back location, the intent is the same. To enable a business to continue to deliver productivity and uninterrupted service during an outage. This article will guide you straight to a successful IT disaster recovery plan.
It doesn’t matter what you do or how large or small your business is, you need some kind of plan to handle external factors. Whether it’s a burst pipe, power cut, hack or DDoS attack or something else, you need to know what to do, where to go and how to handle such a situation. That’s where Disaster Recover (DR) planning comes in.
A DR plan can be as simple as having a laptop, tethered phone and Office 365 . It could be as complicated as full data recovery, backup call centre, server recovery plan and transport to get you to your backup office. It all depends on your size, scope and budget. What both of those situations have in common is the disaster recovery plan itself.
What makes an effective IT disaster recovery plan?
Not all disaster recovery plans are created equal and neither should they be. A good IT disaster recovery plan should be tailored to your exact needs and contain only those elements that you really cannot work without while the situation is ongoing. Anything more and you’re wasting resources. Anything less and your productivity or customer service will suffer.
Here are what I think are essential ingredients of a successful IT disaster recovery plan.
Risk assessment
In most organisations a risk assessment is greeted with either a groan and rolled eyes or worse. When used correctly they are an essential instrument of business strategy and nowhere more so than DR planning. To know how to handle a situation, you must first know the risk it presents.
What business functions cannot be interrupted? What can you do without for a while? How much downtime can you tolerate before customers are affected? How many staff will you need to cater for? Can you work from home or will you need an alternate location? Do you need to factor in data recovery? Server recovery? Or can you work from the cloud? Those are just a few elements that need to be included in your risk assessment.
Disaster recovery planning
Once you know the risks, you can begin devising the solutions. Stakeholders should begin planning as soon as possible and take into account that initial risk analysis along with any impact analysis you carry out. You can then begin putting together dependencies, interoperability and hardware matrixes, floor plans, utility documentation, IT security requirements, configuration profiles and the supporting documentation to make sense of everything.
Depending on the size of your organisation, the IT disaster recovery plan can be a folder with everything in it or an entire dedicated DR platform. As long as you have some kind of plan in place that enables a seamless transition between BAU and DR, you’re on the right track.
People planning
Too often we see DR plans that cover servers, computers, networks and security in minute detail only to omit the most important resource the company has. It’s people. DR planning isn’t just about the stuff, it’s about staff too. If they don’t know where to go and what to do, even the best plan in the world is doomed to failure.
Everyone, from the cleaner to the CEO needs to know where to go and what to do in a DR situation.
Allocating responsibilities is an essential ingredient of disaster recovery planning. If there are just a few of you, that should be simple. If there are several hundred, it gets a little more complicated. If it helps, create DR teams with specific responsibilities. Allocate supporting tasks to non-essential personnel that enable customer facing staff to work uninterrupted. Then have secondary contacts should primaries be out of action for any reason. Making that list accessible to everyone and ensuring everyone knows and can perform their responsibilities comes next.
Inventory and rationalisation
A good disaster recovery plan will include an inventory of the equipment you have and the minimum equipment you need in a DR situation. It should include compatibility, interoperability, any specific dependencies, data storage, security, monitoring and network requirements.
Now would be a good time to look at legacy systems and software and consider upgrading them. Cloud solutions should also be investigated to see if they can deliver data storage, flexibility or usability your business could benefit from. For example, switching from legacy Office installs on each computer to Office 365 ensures you can remain productive wherever you might be. Unified communications does the same for inbound call handling and customer contact without having to make any changes during a DR situation.
Communication
Organisation is usually the first casualty of any disaster. Once our daily routine is disrupted, it can take a while to calm down and remember that we have a job to do. That’s where a robust communications plan comes into its own. Not only do you need to communicate with customers and possibly suppliers or vendors, you also need to coordinate with your DR teams or staff members so they know what to do.
This is where unified communications comes into its own. It doesn’t matter if your phones are down or servers are offline. You can still be contactable through voice, email or SMS. You can still access cloud storage for the DR plan and can still be an effective member of staff. All from a mobile phone or laptop.
Testing
This final element of disaster recovery planning is arguably the most important. As any military commander will tell you, no plan survives the first few seconds of execution. An IT disaster recovery plan will be no different. It is important to test your DR plan regularly and refine it as much as necessary to deliver what you need.
If you don’t test, your plan has already failed. There may be an issue delivering services to your backup location, the coffee shop you were planning to use may no longer have Wi-Fi, the mobile coverage in your home may not be strong enough for 4G. There could be any number of unforeseen issues that only a full and thorough test will show.
DR testing will also test your staff and how they react to a situation. The human element must never be overlooked in any sort of planning. Especially when you are asking them to perform in changing or different circumstances.
Effective disaster recovery planning is time consuming, resource intensive and complicated. Yet regardless of the size of your business, you need to do it. If you need a little help managing everything, Excalibur can help. We have the training and experience to help you through the good times and bad. Call our team to see how we can help.
