How to Build Your Business’ Disaster Recovery Plan (DRP)

Have you or your business ever experienced irretrievable data loss? If so, you know how detrimental it can be to your productivity and even the future of your business. How can you avoid this? Create, maintain, and internally circulate a Disaster Recovery Plan (DRP) before potential data loss happens. The information below will educate you on writing an effective DRP which can potentially save your business from catastrophic loses.

A DRP is essential to any organization to ensure business continuity. It should be a well-written, comprehensive document that explains the necessary actions to be taken in case a disaster occurrs. A good DRP should include test procedures that can be followed in order to maintain these operations. Here are some common questions that your DRP should answer:

  • Who are the key contacts and what are their roles?
  • What services need to be enabled first?
  • What time tables should be set for restoration?

The answers to these questions should be easily found in the DRP so there is no question of what the course of action is in a disaster scenario.

The format for a disaster plan can vary. It can be brief, outlining the basic essential actions to be taken or it can be extensive, covering each specific department’s role within the organization, during each particular disaster scenario. Of course, the more comprehensive the plan, the more prepared and proficient your business will be when encountering a disaster situation.

A Complete DRP Should Include:

  • The physical, written plan. This is the bible of the recovery operation for an organization. It should be followed closely in order to achieve a successful recovery. From one server down, to the whole organization, the disaster recovery written plan must outline exactly what is to be done and how to do it. For example, when the production environment goes down, is functionality available for local virtualization or will recovery need to be focused on an off-site base? Will only essential servers need to be up and running, or does everything need to be reinstated? Does the environment need to be brought up from an unexpected power outage that will last for maybe a half hour to an hour during a short duration? Who makes the decision and what base criteria is being compared?
  • Software disks like Windows, and any other programs that require an installation, should be readily available. If this were for a virtualization, it would be important to an approximate time of usage, in order to plan the recovery back to the physical production environment.
  • A common first instinct in a disaster scenario is to call Tech Support. Contacting Tech Support is only one of the first things you should do, however you need to clarify the objective of this recovery. Major companies such as HP use the terms Recovery Time Objective (RTO), which is usually between 1 to 6 hours and Recovery Point Objective (RPO), which clarifies your immediate and future goal. Tech Support is a helpful tool, however they can only assist you as far as you are prepared to go.
  • Make sure to keep local backups and off-site backups as up-to-date as possible. They will constantly provide a wide variety of points to restore from, and will also keep an organization running with little to no lag of possible data corruption to keep your RPO in a reliable state.
  • Stay calm. Restoring from a disaster is not easy, and adding extra levels of stress will not help. Plan for a longer down time then you would normally expect, it allows room for unexpected problems to get resolved.

Do not let yourself be caught without a plan for each possible disaster scenario. What do you do if your hard drives or server fails? Or a fire destroys the local on site BDR device? The risks are endless and while it's unlikely that you'll experience every type of disaster, use your best judgment based on things like your geographic location and individual business circumstances. By creating a comprehensive written plan, accounting for installed software, utilizing but not relying on Tech Support, frequently backing up, and staying calm are ways to ensure a successful data restoration process.

It's a good idea to also have a contingency plan.

Leave a comment!

You must be logged in to post a comment.

Email is the primary avenue of attack for most cybercriminals, who use it to target individuals and businesses with phishing scams, ransomware attacks, and other cyberthreats. Learn how email security maintains the integrity of your emails, accounts, and data.Get a FREE copy now!

a 12 Minute Call