Unpredictability is a fact of life. Any number of disasters including: a power outage, natural disaster, hardware failure, or cyber attack could render your organization inoperable for hours, days, or even weeks. Do you have a step-by-step guide to recovery after a cataclysmic event? The successful completion of a Business Continuity Plan (BCP) or Disaster Recovery Plan (DRP) could determine the degree to which your company is impacted by the event. Here are some steps to consider when creating your BCP or DRP:
Asset Inventory - The first step in creating a disaster recovery plan is to take a comprehensive inventory of what key assets keep your company in business. Start by listing all the assets under IT management, including all servers, storage devices, applications, data (both sensitive and open data), network switches, access points, and network appliances. Then map where each asset is physically located, which network it is on, and identify any dependencies. Be sure to also identify the value of each technology and how it impacts the business flow.
Identify Risks/Threats - Now that you have a good idea of where all your critical data, hardware and other components of your business are, it is important to be open and honest as a team about what threats or risks you face in order to set up adequate protections. Complete a thorough risk assessment that looks at both internal and external threats that range from natural disasters to the more mundane hardware failures. Define how each scenario may impact your systems differently.
Define Your Recovery Solutions - During this step it is important to define the appropriate approach and solution based on the specific asset and how long that recovery may take. For example, in the case of a fire you may need to have a recovery solution that includes finding a secondary business site along with gaining access to your backups in the case of lost data. Solutions can include recovering from tape backup or disk backup, or data replication to an offsite location.
Draft a Recovery Plan - Now that the critical assets, potential threats, recovery time and potential solutions have been identified it is time to draft a detailed recovery plan. Included in your plan should be a well documented process of what to do in each scenario. Assign roles and responsibilities to the key members of the plan since far too often only one member of a business knows the whole picture, leaving a company vulnerable in the moments following a disaster.
Test and Review the Plan - It is important to practice and test a recovery plan. Each time a scenario is played out you will be able to see the holes or vulnerabilities that need reworking.
Does your business need help drafting a disaster recovery plan? Call Spectra Networks at at 978.219.9752, or visit our website at Spectra Networks.]]>