You know that you need to see a doctor for your health check-ups. You also know that data is the heart of your business, so why is it that your business doesn’t conduct regular Disaster Recovery health checks?
Just as a health check-up can warn you of any health problems, your Disaster Recovery Plan also needs a review to make sure you are prepared in the event that a disaster occurs.
How often should IT perform a health check on a DR Plan?
To ensure business continuity, it should be conducted at least twice a year or more frequently if there has been a significant change to your infrastructure or systems. Many companies create a detailed disaster recovery plan, put it away and don’t take the time to actually test it.
It’s understandable that businesses are stretched for time and would often much rather spend time on whatever it is that they do best; running their business. At Correct, we always emphasise that data security and data recovery is a crucial aspect of running a successful business. A business that doesn’t check their data recovery plan will most likely get caught off-guard if a data loss occurs. If they have never checked or tested their disaster recovery plan, it’s possible that there could be gaps where their data backup is compromised.
A typical example of data loss occurring is where a business assumes that they need to backup their data on a 3 hourly interval. While a 3-hour backup timeframe could be effective for most departments of that business, it’s possible that some departments of the business have more frequently changing data and require an hourly data recover point. Yet, without testing the plan, these gaps are not likely to be found.
Just like untreated medical conditions, unplanned disasters can be very detrimental to the health of your business.
Often businesses begin taking data recovery seriously after they have suffered from a disaster that resulted in data loss, whether it’s a ransomware attack or a flood or theft. Usually, the first question businesses ask after they’ve experienced a disaster is “How could we have been better prepared?”
If you haven’t tested your Disaster Recovery Plan before. Now might be the time to consult with your IT advisor and start testing:
To help you start the process, ask yourself these questions
How important is the data on your systems? Being able to determine how important your data is to your overall business will help you decide how frequently you should back up. For critical data, you may need a more frequent backup whereas for regular files you may not need as frequent backups.
Is your DR plan current? How long ago did you prepare your disaster recovery plan? Perhaps the plan was accurate for the date that it was written, but things may have changed since then. You may have purchased new hardware or software or implemented new systems and procedures.
Is the information in your plan complete? Testing your disaster recovery plan is just as important as creating the plan in the first place. By testing the plan, you’ll be able to inform and educate staff on how to access the document and be comfortable following its’ plan.
You should check all the information in your DR plan to ensure that it will be useful when you need it. Are all the phone numbers current? Have there been changes to staff numbers? How do you access your offsite data? Are the stated Recovery Point and Recovery Time objectives still valid?
Do all staff have access to the DR Plan?
The completed DR Plan needs to be distributed to relevant staff. It’s important that people know where the DR plan is located and how to access it in the event that it’s required. If the DR plan was created by your IT advisor, then have they allocated a specific contact person within your organisation who will cooperate with the IT provider in the event of a disaster?
Does your company have a comprehensive Disaster Recovery Plan that would allow your business to function in the event of a disaster? Now that you have a starting point to begin reviewing your DR plan, we can help you assess your plan and test it.