This post first appeared on Risk Management Monitor. Read the original article.
No matter how well-managed IT infrastructure is, there is always the risk that a tiny hiccup could ultimately turn into a real emergency. Given the increasing reliance on technology tools and access to business-critical data to continue operations, every business should have an effective IT disaster recovery plan in place to minimize disruption when disaster strikes. Risk professionals must consider and plan for this situation with regular testing and run-throughs to ensure that all team members understand the recovery plan and know their responsibilities.
As natural disaster season begins, risk professionals should assess the risks and mitigation strategies in place to minimize disruption and losses. The following tips can help ensure that IT disaster recovery plans are as effective as possible:
Plan in the Risk Management Context
Instead of thinking too much about what a disaster would mean for your company, frame your recovery plan in the context of risks. Start by examining which risks your company faces, and what steps you can take to minimize each one. This will ensure that all teams are fully aware of what the risks are, and how they can make a difference in eliminating potential problems.
Nothing exacerbates a disaster like a communications breakdown, so all good recovery plans should focus on communication. The onset of an IT disaster could impact communication systems, so plan an alternative way of communicating with teams in the event of an emergency. Ensure that all team members know the backup communication method, and that everyone understands who they need to contact to inform them of the situation.
Protect Data Continuity and Backups
Data continuity planning is critical to minimize losses during a crisis. At its essence, data continuity ensures companies have alternative processes and infrastructure in place to allow key IT operations to remain intact, taking into account both hardware and software. A first step is often to invest in failover systems across multiple locations as well as backup generators and power supplies, and ensuring you keep them all in working order.
Data continuity also involves backing up all important data and storing it in a location away from potential disruption. Methods range from server replication to continuous protection (continually backing up data on a separate server). For data back-ups, businesses often choose disk-to-tape or disk-to-cloud models. Either way, the most crucial element of backing up data is knowing what to replicate and what to leave. Archiving everything available can mean greater expense, but being selective can increase the risk of losing information. The rule of thumb is that, as a minimum, any backed-up data should be capable of restarting business operations from scratch.
Define Acceptable Downtime
The amount of downtime that a company can feasibly take varies considerably depending on the company’s size and the products or services it provides. Think about how a disaster could affect your company, then decide on the steps that you’d need to take in different potential scenarios. In most cases, a few minutes of downtime rarely constitutes a total disaster, so focusing on recovery plans that can get systems back up and running as quickly as possible will help keep losses as low as possible. Cloud-based technology can be very helpful in such disaster scenarios since data is off-site and services stay operational even if your physical location is impacted.