A disaster is classified in two broad groupings:
- Natural Disasters – Floods, tornadoes, earthquakes, fires, and hurricanes
- Man-made Disasters – Failed changes to systems, infrastructure damage, hardware failure, file deletion etc.
10.1 What is Disaster Recovery?
Disaster recovery, or disaster recovery plans, involve a specific set of procedures and policies that are put in place to enable the continuation of vital business processes after a natural or man-made disaster. Disaster recovery plans tend to focus on the restoration of IT and technology systems that support critical business function.
10.2 Benefits of having a Disaster Recovery Plan
As previously mentioned, internal IT systems have become an integral part of business functionality and profitability. It is therefore vital to have a strong plan in place in case of disaster and files or systems need to be recovered. Disaster recovery plans can be configured to run automatic failover procedures, meaning that if one data storage structure fails, systems divert to an alternative framework.
If specific systems and procedures fail, such as the system that logs calls for a taxi company, then no disaster recovery plan in place could mean complete closure of a firm.
10.3 Disadvantages of having a Disaster Recovery Plan
The main disadvantages of having a disaster recovery plan, does not lie within the concept itself, but in the improper planning, testing, and management of a disaster recovery procedure.
In-depth planning is key to begin with. If a business has ideas for what to do in case of disaster, it is best to get this written in detail and known by key members of staff.
Secondly, it is crucial to test the processes written in place. They may look good on paper, but if failover diversions and backups do not actually work, this could be detrimental to regaining normal business functions.
Lastly, the proper organisation and management of a disaster recovery plan is the most important step; who will manage each step of the process?
10.4 What Systems need Protection
There are many types of files and data that could be deemed worthy of protection in times of disaster:
- Files and Documents – Word, Excel, PowerPoint, Adobe PDF files etc.
- Photographs and videos – Business videos and photographs, perhaps done by a hired professional.
- Emails – There are vast amounts of important internal and external communications in email.
- Financial records – To keep a business’ books and records up-to-date.
- Customer, client, and supplier details – Contact information, the specific needs of customer and clients, and past supplier order details are all important to have readily available.
Although protecting the above types of data is the typical go-to for most organisations, it is often more wise to protect the actual systems that hold the data as well – the servers. Servers come in a variety of forms:
- Application Server – Hosts applications within a web browser, typically requires an internet connection.
- Communications Servers – Maintains an endpoint-to-endpoint communications environment.
- Computing Server – A standard server that shares vast amounts of resources across a network.
- Database Server – Shares any type of database over a network accessed via the internet.
- File Server – Essentially storage space, file servers hold shared pools of folders and files.
- Game Server – Allows several computers or devices to connect simultaneously to play multiplayer games.
- Mail Server – Maintains an email communication environment, allows people to send emails to the server, which are then sent from the server to the endpoint device.
- Media Server – Allows for media streaming as digital video and audio files are accessed through a network.
- Print Server – A print server allows for multiple devices to connect to the machine without the need to be physically connected.
- Proxy Server – Proxy servers act as a halfway house between endpoint users. They are used to control content, filter data, and prevent unauthorised access to a network.
Systems can be backed up on or off-site. For more information please refer to section 9.
Cloud Hosted Disaster Recovery
Cloud hosted disaster recovery is a specific security model of backup and restoration that stores and maintains copies of electronic data in a cloud computing setting.
Contact us Contact us for all your office’s IT needs
10.5 Things to Consider when Choosing a Disaster Recovery Provider
Depending on the size and technicalities of the plan a business needs, it may be wise to implement an all-in-one plan. All-in-one solutions tend to include automatic failover and various storage mediums, but it may also be more efficient for a business to look at a plan that stores locally. These plans provide tiered levels of protection, for example, should important files be lost locally, then on-site storage would kick-in, and if on-site storage is compromised then off-site storage would save the files from being permanently lost. It is therefore imperative for businesses to choose a provider that can implement tiered disaster recovery plans.
Recovery Time Objectives
When choosing a provider, businesses should bear their recovery time objectives in mind. A recovery time objective is the maximum amount of time deemed acceptable by a business’ decision makers for that business’ functions to be offline. When selecting a disaster recovery service provider, it is important to get them to set out a plan and give their estimated downtime, being sure to measure it against recovery time objectives. Other more general questions that will give you an idea of how long the provider will take are how many companies they support, and what happens if multiple companies report disasters at the same time?
It is also important to look at how many times potential providers test disaster recovery procedures, and whether they keep the plan up-to-date and in line with business growth. As previously mentioned, improper testing, or not testing at all can lead to the permanent loss of data, so annual testing is a must.
Checking to see if the provider’s staff are qualified to give the necessary support is key. Look for an ISO certified data centre, this shows that the centre is adhering to industry standards.
For more information on the types of certifications to look out for in technical staff, please see section 7.5
Lastly, checking to see if the provider can support a business’ systems is important. A company may use various operating systems, email software, virtual and physical storage environments, different types of database and management software, does the provider have the technical and academic competence to support the business?
10.6 Disaster Recovery for Small Business
It is crucial for small businesses to have a disaster recovery strategy, as being offline for an indefinite amount of time could be detrimental to business progress. When small businesses look to create a disaster recovery plan, they are often much simpler than if they were to be implemented in a large business. Nevertheless, they are still time consuming and because of limited resources and knowledge, it may be cost inefficient. Resources may be better spent outsourcing disaster recovery at a fixed cost.
10.7 Disaster Recovery for Large Business
With large businesses, it is important to consider the sheer number of files that have to be recovered, and whether the provider would be able to cope with volume. If a disaster recovery provider takes a long time to recover a large business’ files, this could have serious repercussions in the media and negatively impact a company’s reputation, that may well have taken years or decades to build. Therefore, having a disaster recovery plan can protect a brand, and keep a customer base entirely intact.
Contact us for all your office’s IT