Practical Disaster Recovery Plans for Small Business

Practical Disaster Recovery Plans for Small Business IND CORPYour IT system is the linchpin of your business. Any disruption can affect your day-to-day operations or bring your business to a standstill—but how do you ensure your network and data will rebound and recover quickly enough to minimize your financial losses? A practical, proactive disaster recovery (DR) plan.

A disaster recovery plan is a set of policies and procedures designed to identify, protect and repair your IT infrastructure and systems before, during and after a disaster. This is an essential component of your overall business strategy. Without it, your business, employees, shareholders, and your customers are at risk of substantial financial losses.

Typically, IT disruptions are not caused by a single natural or manmade cataclysmic event. According to a 2014 report from research firm Forrester, Inc., most are the result of operational issues like power outages (43%), hardware failure (31%) and human error (13%). Theft, computer hacking and malware, fire, extreme weather conditions, drastic calamities (earthquakes, floods, explosions, etc.), and violent crime or terrorism all fall into the remaining percentage.

The main focus of your DR plan is to keep your IT system operational and protected to minimize or prevent significant loss of data from crippling business disruptions. A strong disaster recovery plan should also help you get back online and operational quickly.

Four Critical Components of your Disaster Recovery Plan

Careful planning is the key to developing a powerful and detailed DR plan. A strong plan is proactive, includes maintaining vital communications with staff, customers, vendors, and other relevant parties, and is designed to safeguard and restore your important business records and IT systems.

Step one in this collaborative process is to conduct a risk assessment and analysis to identify those areas within your IT infrastructure (including all business applications) that are most critical and costly to replace. These include:

  1. Personnel. Identify the people who will drive your disaster recovery plan, including internal stakeholders (management, manufacturing, sales, IT, support staff, etc.) and external stakeholders (clients, IT service providers, utility companies, other vendors). Provide critical DR skills training for at least one primary and one back-up employee for each needed skill set.
  2. Alternate locations. Determine alternative work sites in case of emergency: another company office, third-party locations, employees’ homes, etc.
  3. Identify critical IT systems. Identify your business systems that are critical to the daily operation of your business, and back them up on a regular basis to ensure a strong, dependable layer of protection. We cannot stress the importance of system backups enough, as noted in a post last year. Depending on the size and requirements of your business, utilize fail-safe redundancy with an on-premise back-up server as well as an off-site Cloud server to safeguard your digital assets. The back-up server at your office takes images of your production servers throughout the day, including the entire operating system, software and files. Critical data is encrypted and backed up automatically.
  4. Your recovery objectives. Establish your business’ recovery point objectives (RPO) and recovery time objectives (RTO) to determine how long you can operate without specific applications. Your RPO determines how much data your business can afford to lose and how frequently you should back up your IT system. Your RTO helps you identify your tolerance for the duration of an IT outage and amount of data replication (via Cloud, disk or tape back-up). If your tolerance is zero, install a completely redundant IT infrastructure with replicated data either at an offsite location or in the Cloud. If your RTO for an operation is 48 to 72 hours, a data-level Cloud-based backup may be acceptable.

How To Implement Your Disaster Recovery Plan

Write it down. To be consistently effective and reliable, your business’ DR plan should be written and shared with all relevant stakeholders. Your plan must be detailed and presented in clear, declarative language. Organize it logically, with the most critical and costly to replace elements identified along with strategies to address loss prevention, response and recovery. Don’t take chances—deliver your plan to all relevant departments and individuals, and post it online.
Test your plan. According to a report by the Gartner Group, 77% of companies are not confident that their disaster recovery plan will work. Best practices call for an annual drill with all relevant stakeholders on procedures to ensure important preparation for potential disaster events. You can take it a step further by earmarking a day that your employees all work from home or another offsite location and apply the back-up DR procedures they would employ during a real emergency.
Move to the Cloud. Utilize an IT service provider that offers Cloud-based storage for your data and IT infrastructure; this ensures the retention and safety of your IT system in the event of a disaster. This solution offers many advantages, chief of which is the efficacy of your business’ digital assets and a vastly improved post-disaster success rate.

More and more organizations — three times more than just three years ago (Forrester Inc.) — are turning to Cloud-based systems to protect their IT data and systems—proactively, before costly business disruptions occur.

IND Corporation provides affordable, turn-key Cloud back-up and disaster recovery solutions for small and mid-size businesses in NJ. All data and images from your servers are backed up to two bicoastal Cloud data centers each night or at agreed upon intervals. In the event that one or all of your on-site servers are in jeopardy or unavailable, we can virtualize (start and run) your servers in the Cloud, dramatically reducing downtime compared to traditional back-up systems. Contact us at 973-227-5020 to discuss your IT support needs.