Business is becoming more reliant on technology for its day to day operations. What happens when a disaster strikes? Find out how to build a strong disaster recovery plan in this guest blog from our partners at Matrix.
Every minute holds the potential for an unexpected disaster. The causes range from the simple malfunctioning of software or hardware to major events such as natural calamities or large-scale cyber attacks. The effects vary across industries depending on the type and magnitude of the disruptive occurrence. However, the immediate result is downtime that may last for minutes, hours, days, weeks — or forever.
Beyond its negative impact on company reputation, downtime cost can shake the financial stability of a business. Gartner conservatively estimates the average hourly cost of downtime at $42,000 and the Aberdeen Group at $110,000, but Ponemon Institute boldly assesses it to be a whopping $336,000.
The key to avoiding losses is to be prepared with a disaster recovery (DR) strategy that comprehensively defines all actions to be taken before, during, and after a disaster. It should be documented, tested, and disseminated to all stakeholders. Most importantly, it should ensure orderly recovery and maintain business continuity. Building a plan is not an easy task, but DR managers can take guidance from the following considerations.
Assess the Risks
The creation of a DR plan starts by identifying the causes and effects of unexpected events.
- What could happen?
- When would and how likely is the event to happen?
- How severe will it be?
- What is the expected impact on business?
The planning committee should perform a risk and business impact analysis on a range of possible scenarios, including worst-case situations. Each functional area of the enterprise should be reassessed in order to minimize potential exposures from the loss of data and destruction of equipment and other resources.
Consider the Disaster Recovery Coverage
The coverage of a DR plan will depend on the goals of the enterprise. Data center security is paramount in any DR strategy. Data center resources should be managed appropriately and distributed strategically, making sure that secondary sites are similarly protected and ready for any emergency.
User requirements should also be considered in order to determine how much storage, CPU, and RAM resources are needed to remain operational. Workloads, applications, equipment, and other user resources need to be reviewed and made ready for allocation to users in a DR event. The planning committee must also build a redundant WAN system by having connections to multiple Ethernet service providers, ready to take over in case the primary link fails.
Document the Disaster Recovery Plan
Any good plan comes with documentation. When everything is properly spelled out on paper and distributed to all concerned parties, there is less reason for finger-pointing if something goes wrong. The documented DR plan should encompass all the responsibilities of each person and team, and managers should make sure that they understand their roles. It is also important that the document be periodically updated to include changes in technologies, systems, and facilities within the plan coverage.
Test the System
A plan that is not tested is as bad as having no plan at all. Scheduled mock drills to simulate certain situations are good testing practices. Tests can also be done during off hours or through a mock off-site environment. The test activities should be able to mimic disaster aftermath scenes to assess familiarity with the plan and further improve its effectiveness.