Disaster Recovery is the process an organization uses to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans.
While Disaster Recovery plans, or DRPs, often focus on bridging the gap where data, software, or hardware have been damaged or lost, one cannot forget the vital element of manpower that composes much of any organization. A building fire might predominantly affect vital data storage; whereas an epidemic illness is more likely to have an affect on staffing. Both types of disaster need to be considered when creating a DR Plan.
Thus, organizations should include in their DRPs contingencies for how they will cope with the sudden and/or unexpected loss of key personnel as well as how to recover their data.
Disaster Recovery Plans are generally part of a larger, more extensive practice known as Business Continuity Planning. DR plans should be well practiced so that the key players are familiar with the specific actions they will need to take should a disaster occur.
DR plans must also be adaptable and routinely updated, e.g. if new people, a new branch office, or new hardware or software are added to an organization they should promptly be incorporated into the organization’s disaster recovery plan.
Companies must consider all these facets of their organization as well as update and practice their plan if they want to maximize their recovery after a disaster.
Good planning and management are key for business continuity and disaster recovery success. Disaster recovery and business continuity planning isn’t a one-time event. Good DR/BC requires ongoing management. This section offers information on conducting business impact analyses and risk assessments, how to form an incident response plan, personnel issues and training, DR testing, change management, and BC/DR standards.
Storage and servers
Enterprise operations can grind to a halt without access to data, so it is important to have a strategy in place that allows you to get back up and running quickly following an outage. Advancements in server and storage technologies have streamlined business continuity and disaster recovery in recent years.
WAN optimization can help enable data replication over distance and some of the challenges associated with this approach. The articles in this section are also about designing resilient networks, VPN considerations for DR, dealing with failover/failback issues, protecting voice and data networks, and more.
Protecting against threats
Security is one the important part of Disaster recovery and BC planning. Which includes protecting intellectual property, access control, and encryption.
BC/DR planning considerations for facilities. From protection against natural events to setting up a secondary disaster recovery site or alternative workspace, BC/DR planning for an organization’s facilities encompasses a wide variety of factors. Some factors may apply to many organizations, while others will be business-dependent which includes about emergency power supplies, fire suppression, conducting damage assessments and more.
A good disaster recovery/business continuity (DR/BC) plan is not a deliverable, it is a collection of artifacts that represent the state of things at a point in time within an ongoing carefully managed process. You cannot treat the creation of a DR/BC as a once and done piece of shelfware that is created to satisfy an audit requirement. If you do, both the plan and your job will likely have a short effective life span.
1. A good disaster recovery/business continuity (DR/BC) plan is not an IT plan, it is a business plan that has significant IT components. As discussed above, more and more focus needs to be placed upon data recovery beyond ensuring that programs and processes are returned to operational status.
The plan should be scenario-based and aligned to the likelihood of varying levels and types of risks as specified by documented business impact analyses and business risk assessments..
2. A good disaster recovery/business continuity (DR/BC) plan must include explicitly prioritized goals and performance objectives that can be articulated in both quantitative and qualitative terms. The Department of Homeland Security recommends the following objectives as guidelines:
Protect the health and safety of people (employees, visitors, contractors, etc.).
Minimize product/service disruption.
Protect facilities, physical assets and electronic information.
Protect the organization’s brand, image and reputation.
3. A good disaster recovery/business continuity (DR/BC) plan must include all critical aspects of supply chain as part of the end-to-end process. Having the assembly line up and running is not terribly useful if there aren’t parts available to feed the manufacturing process.
4. A good disaster recovery/business continuity (DR/BC) plan must be an end-to-end plan that usually begins and often ends with a customer or significant stakeholder, not with the execution of a program or update to a database. Just because the system is up and running does not mean that staff can get to work or customers can get to the point of sale, e.g. following a hurricane or blizzard.
5. A good disaster recovery/business continuity (DR/BC) plan must include a robust communications plan to ensure that all appropriate levels of internal management, customers and external stakeholders can be notified as quickly as possible so that their expectations can be effectively managed. Clearly, minimal disruption to key stakeholders should be a major objective of any good plan.
6.A good disaster recovery/business continuity (DR/BC) plan must be regularly tested and tests should include all aspects of end-to-end business processes, IT readiness, facilities readiness and staff readiness.
All phases of each test should be well-documented including those aspects that succeeded as well as those that failed. Post-test results should be discussed by business and IT and discussions should explicitly address areas for improvement.
7. A good disaster recovery/business continuity (DR/BC) plan must include appropriate budget to carry out the necessary testing and plan enhancements that are identified. The establishment of a DR/BC oversight committee and the appointment of a program coordinator are standard practices in most organizations.
8. A good disaster recovery/business continuity (DR/BC) plan must meet regulatory requirements. These baseline requirements will differ by industry and should be thought of as the minimal acceptable plan. In many organizations, meeting regulatory requirements is considered necessary but not sufficient.
9. A good disaster recovery/business continuity (DR/BC) plan must be explicitly covered within documented and officially accepted enterprise standards, policies and procedures.
Documentation regarding all aspects of the plan, testing and implementation, enhancement and on-going maintenance should be made available for review and comment by internal and external auditors and regulators, as appropriate.
© 2017 – 2018, Techrunnr. All rights reserved.