How to Build a Disaster Recovery Plan

The term “disaster recovery” is a bit misleading.

Yes, it refers to your ability to recover from a natural or man-made calamity, but in IT, the term is actually used to describe two things: how you back up your data and applications and the plan you have in place to recover quickly should a disaster occur.

Every business, small or large, needs to have disaster recovery measures in place. Without it you risk:

  • Disrupting your business continuity, which can lead to heavy financial losses and potentially irreparable damage to your company’s reputation
  • Losing data, which not only prohibits you from recovering quickly from an event but risks running afoul of compliance and legal requirements
  • Erasing customer trust and confidence in both your company and its products

So how do you develop and implement a solid disaster recovery plan? While the measures you ultimately put in place will vary depending upon your company’s unique needs, the first — and arguably most important — step is to ensure everything is properly backed up.

dyn_disaster_recovery_plan_banner1.png

Building in redundancies

Most of us now utilize some form of backups in our daily lives. Photos on our phones that also live in the cloud, for example, or tax filings that exist both digitally and in physical copies.

In IT, backups generally have three components: devices, internal infrastructure, and cloud platforms. 

There are devices — laptops, desktops, phones — where specific data folders can be automatically backed up via services, like Microsoft 365 or Dropbox, and applications and settings via other platforms.

Things get a bit more complicated with internal infrastructure like servers, where best IT practices now involve both a physical backup — another server that can quickly be switched on should the primary one fail — and a backup in the cloud.

Lastly, there’s the backup of your information stored in your company’s cloud platforms, and it’s here that companies often run into their biggest challenges. 

Contrary to what you may assume, the cloud is not a vault where you can store your data and applications and then forget about them. The major cloud providers only retain deleted files for 30-120 days, and while this isn’t an issue when things are running smoothly and backups are happening regularly, that’s not always the case.

For example, say a disgruntled employee decides to delete some files on their way out the door. A lot of the time, the damage they’ve intentionally done isn’t discovered until months later, meaning any attempt you make to restore those files from your cloud backup will be a dead end.

Scenarios like this are why it’s important to have a  third-party backup of your cloud data. 

For our clients, we deploy a backup system that automatically duplicates the client’s data from platforms like Microsoft 365 and deposits it into a third-party cloud platform that can’t be accessed by unauthorized employees.

In addition, we always ensure geo redundancy in backups of servers and workstations that are separate from the client’s main cloud. That way, should the major earthquake we’re all expecting to hit the Pacific Northwest actually arrive, the client has a backup in a different region — Arizona, for example — that can be used to restore everything from that region or our own local datacenter.

dyn_disaster_recovery_plan_banner2.png

Making your disaster recovery plan

Once you have your backups buttoned down, it’s time to focus on your actual plan for recovery.

Since there are a wide range of potential cyber disasters — everything from ransomware and targeted hacking to natural events and foreign conflicts — it’s important to develop a plan that is flexible, beginning with:

  • Identifying potential threats and vulnerabilities and evaluating their impact on your organization
  • Determining the critical systems and processes that must be prioritized for recovery
  • Developing a comprehensive disaster recovery strategy that outlines the steps needed to restore operations
  • Allocating the necessary resources, including personnel, technology, and budget to implement the plan
  • Documenting the disaster recovery plan in detail and ensuring that it is accessible and understandable to all stakeholders

Once all of these steps have been completed, it’s time for the implementation stage. This, again, is a process that includes steps like:

  • Educating employees and stakeholders about the disaster recovery plan and their roles and responsibilities
  • Deploying the necessary technology solutions like your backups and cyber security measures
  • Conducting regular tests and simulations to ensure that the plan works as intended and to make any necessary adjustments
  • Consistently monitoring and updating your disaster recovery plan to address new threats and changes in the business environment


Get disaster recovery in place now

The very nature of disasters is that you rarely see them coming. The root of their cause may be known, but actually knowing when one will happen is all but impossible to predict.

Because of this, even those small to mid-sized businesses that lack the time and resources to fully develop and implement a disaster recovery plan need to get started on one ASAP.

That’s where a managed IT services provider can help.

If you need assistance with disaster recovery, or already have plans in place but want to ensure they’ll be effective, schedule some time to talk with us.

dyn_disaster_recovery_plan_cta

 
Kevin Gemeroy

Kevin Gemeroy

Kevin is the Founder and CEO of Dynamic Computing. He’s both a visionary leader and an expert hands on practitioner with years of experience in all things IT. Dynamic Computing makes technology work for top-performing small to mid-sized organizations in the Seattle area. We offer managed IT services, IT consulting and transformations for companies from a few to a few hundred employees. Kevin founded Dynamic Computing in the year 2000 while in attending the Foster School of Business at the University of Washington. As a fourth generation small business owner and entrepreneur, Kevin knew that small to mid-sized companies needed a better solution to help guide and support their use of technology. So he set out to build a company that would look closer to truly understand our clients' businesses and partner with them to guide and support them on their path. Over the past few years, we've focused our energy on growth, change and improvement, scaling our operations and improving our processes with every step. We've managed to triple the size of our team and revenues while consistently ranking among the best in class for industry performance. Kevin was recognized as a 40 under 40 honoree by the Puget Sound Business Journal in 2018 and as Washington State's Mr. Future Business Leader by FBLA in 1998. So what’s next? Well, we're building the premier managed IT services company in the Pacific Northwest and we won’t stop until we get there. We hope you’ll join us on our journey.
View Profile