Ask the Expert: Practical Advice for Creating an Effective Data Disaster Recovery Plan
Dear IT Expert,
My accountants are asking me about my IT Disaster Recovery (“DR”) Plan. What are the key elements of an effective DR plan?
Sincerely, Want to be Prepared
Dear Want to be Prepared,
Your business creates and manages volumes of electronic data essential to your operations, and the impact from loss or corruption of this information could be significant. An effective DR plan, often required based on industry standards or as a condition for insurance or a clean financial audit, can help you manage this risk. Your DR plan needs to address, among other matters, backup and restoration of data. Here are a few key items to focus on:
- Make sure your plan includes all the data that needs to be backed up: files, databases, email, and server Active Directory information, for local and cloud based systems.
- Think through how the backups will work. You can backup to another server at your current location, to an offsite location (perhaps a separate location where you also operate your business), to the cloud or any combination of these options. Backups should be stored with at least the same level of security as the original data.
- Decide about the retention of backups. Backups should run nightly, at a minimum, and the retention schedule of backups will determine how far back you can go to restore your data. There is an increased cost the further back you need to go to restore data and the answer regarding retention may vary for different types of information. Data should be backed up as frequently as necessary such that business operations are not unacceptably affected.
- Determine how quickly you need your systems to be up and running – this can be broken down between local, offsite and cloud and can vary for different data/systems, i.e. cloud email up and running in a number of hours and file access available within a day. Again, you will need to weigh your business needs against the cost of being up and running sooner rather than later.
- Clearly define responsibilities and authority of staff and suppliers.
- Periodically confirm that your backups, for all systems being backed up, are indeed working. This is key. In assessing technology systems, we often find that backups aren’t operating in accordance with management’s expectations.
You can download our Disaster Readiness Checklist, which can help you think through devising a DR plan or reviewing your current plan.
Developing and maintaining your IT Disaster Recovery Plan is key to your operations. It serves as insurance for and is, in worst case, a process for responding to an event disruptive to your IT systems, whether through a natural disaster or corruption of data. It should incorporate well-defined, easy to use and repeatable processes for returning to normal operations as quickly as necessary to protect your business. If you have any questions on IT Disaster Readiness or any other technology matters, contact us at 781-235-1490.
Related Insights
Enhancing Security Against Ransomware Threats: Ess...
Nov 12th 2024Read More
Balancing Act: The Vital Role of Culture Fit in Hi...
Nov 4th 2024Read More
“Decoding Interviews: Spotting Key Indicator...
Oct 16th 2024Read More