It is 2008, and I was called by yet another area business with a server failure. Certainly, their backup system was in order; they expected to be able to have their data restored in short order.
Unfortunately, their tapes were corrupt, and no one maintained the systems on a regular basis. Once the repairs were done, it took several months to restore the lost data, as they had to recreate much of it from paper copies and worse yet – memory.
This painfully demonstrates that data loss can be a disastrous and costly event if you do not have a suitable recovery plan and oversee its function. You can lose data through hardware and software failure, viruses, accidental deletion, sabotage, or natural disasters, none of which is predictable, but beyond data loss is the larger picture of business continuity. Servicing your customers or maintaining production without interruption is paramount; just keeping staff working productively when systems are down can be challenging and costly. These are the things that business owners need to keep earning money.
Businesses need a comprehensive disaster recovery plan to maintain operations in the event of a disaster whether that is a failed server or a flood over the weekend. A complete plan addresses all aspects of the business such as staff, facilities, operations, etc. and since technology is part of all these things, often the plan is IT’s responsibility. In general, these four steps are the minimum for developing a disaster plan:
1. Analyze risk (or business impact). Risk analysis is often where business owners are in denial and granted, a hurricane is not going to happen in southeastern Wisconsin, but a sprinkler system can go off accidentally or a fire can happen anywhere. These things can destroy your infrastructure as easily as a natural disaster. Denial of risk can cause you to fail to take any action at all.
2. Define your budget and needs. You may accept that you could have to reconstitute your business completely, but it is financially impractical to keep a warehouse of PCs in case of disaster. suitable compromise may be to see what kind of equipment is in stores that are in the next city or have your current tech provider give you a list of your critical systems and verify they can have comparables shipped to you in an acceptable timeframe. This will not save the cost of a backup system or service, but planning can save upfront costs.
3. Document courses of action (or contingency plans). Every need or risk identified previously needs to have a response to address it and it must be documented. If the servers have to be recreated, what are the exact steps to do that, including who, what, when, where, and how. Things such as where is the hardware, software, and data, how does it get installed, etc. Someone besides the regular person should be able to follow the plan and get your business operational.
4. Monitor and test, test, test. Things change every day in a business; therefore, frequent reviews of the disaster plan need to occur. Then test all the components. Are the resources I list in my plan available on any given day? Do my recovery steps actually still work? Is my data offsite still valid? At the very least, failure to test can create unnecessary delays in the recovery, and at worst, there is no recovery at all, just disaster.
If you do have a disaster, stay calm. If you have a plan, execute the relevant parts. If you don’t, start going through the process. Risk and needs analysis can help you make effective decisions in the aftermath. Also, get professionals involved. They can help you develop an effective and budget friendly plan that shortens your recovery time.
