With a single typo, an Amazon Web Services employee caused parts of the internet to stop working. Widely used workplace collaboration tools Slack and Trello lost functionality in the middle of the business day. Other websites, including Netflix, Spotify and Airbnb, slowed to a crawl. Service was eventually restored, but the damage was done.
The lesson of this story? It doesn’t take terrorism, malware, massive hardware breakdowns or a natural disaster to bring down your business. Sometimes an errant keystroke can put all your operations on hold. That’s why it’s more crucial than ever to develop, implement and frequently test an information technology disaster recovery plan (IT DRP).
Here’s how to get started.
Integrate IT DRP Into Your Larger Recovery Plan
Information technology plays a significant role in your organization, but it’s one of many things to consider in disaster recovery. If there is a natural disaster, can your employees return to work — and where will they work from? Who oversees decision making if managers or executives can’t be reached? What operations need to be brought online immediately, and what can wait?
Making your IT DRP part of the organization’s larger disaster recovery plan will help you prioritize the sequence of recovery events and create a clear chain of command. Coordination will be essential, as your resources will be stretched to the limit following a disaster.
Know What You’re Working With
Before disaster strikes, you need to know what you own and how all the pieces fit together. That requires taking inventory of all your hardware, software and data. For a small company, an Excel worksheet might suffice. For larger organizations, consider IT asset management software.
Consider the Cloud Advantage
Many companies have moved away from desktop-based applications in favor of cloud-based applications. Saving files to Dropbox, OneDrive, Office 365 and Google Drive is increasingly common. Some of the most popular enterprise software, such as Salesforce, works entirely on the cloud. Applications that once needed hosting on company-owned equipment can are now run in the cloud.
Cloud-based services are generally reliable. Both Amazon Web Services and Microsoft Azure have guarantees of 99.95 percent uptime each month. But remember, there’s always a possibility that something can go wrong with the cloud provider, as happened with Amazon.
Back it Up
What happens to your data that’s not in the cloud? If it’s all stored in one location, it might disappear if the equipment is stolen, malfunctions or is destroyed. Your IT DRP should call for off-site storage of backup data, as well as software that automates the backup process. Depending on the needs of your company and the importance of the data, backups can be made hourly, daily or weekly.
It’s important to keep a copy of these backup materials off site — in fact, as far away as from your company as possible. If a destructive hurricane wreaks havoc across Florida, you’ll feel better knowing that recent backups are stored in another part of the country.
Since your company has a lot of data, be sure to prioritize which data is most critical. This data should have the most frequent backups and be first in line for restoration as you recover from a disaster.
Test and Improve
Don’t wait until a disaster to see if your IT DRP works. Fire drills test preparedness long before a fire occurs, and similarly IT DRP drills can help you evaluate your policies, procedures and readiness to respond.
The testing period is the right time to determine what improvements need to be made to the IT DRP process. Are there things slowing down recovery? Are there communications challenges? Do people know their assigned roles? It’s especially important to revise your IT DRP frequently, as company structures can change rapidly and new technologies are always being adopted. You might find that annual testing is adequate, but some companies might feel more comfortable with a faster pace.
The biggest mistake you can make with IT DRP is to ignore it because you don’t think anything will happen to your organization. It’s also dangerous to postpone planning because everyone is busy and the task seems too large. Make IT DRP part of your mindset about the IT function in general, and make sure to dedicate the time and resources you need to design, implement and test a plan that will meet your needs, no matter what challenges arise.
