8 tips to improve your disaster recovery strategy
Nearly every modern business is reliant on data and IT infrastructure, meaning that a disaster recovery plan is no longer a nice-to-have but an essential part of running business operations, as much as no one likes to dwell on the prospect of a disaster occurring.
Disasters can cover everything from minor power outages that take a while to recover from, to hardware failures, extreme weather affecting physical data centres, cyber attacks and even non-technological catastrophes such as flooding, fire or theft at your own offices.
Having a disaster recovery strategy won't prevent a disaster happening, but it will significantly reduce and mitigate its effects. A good disaster recovery plan will help get the business back on its feet quickly and with all the applications that are most crucial to productivity.
Download nowSo whether you've got a well-rehearsed disaster recovery strategy in place or are just beginning to pull one together, here are some tips to take it to the next level and ensure a speedy recovery.1- Have full documentationNo one likes paperwork, but fully documenting your disaster recovery plan will make it much easier to get buy-in from senior management, and ensure that key players know what they're doing.A DR strategy document should cover the aims and tactics of the plan, as well as roles and responsibilities - including emergency contact numbers - guidance for the initial incident response, and who is involved at each stage of the plan.Documentation also helps in the eventuality that the person in charge of the DR strategy moves on, as decisions and actions can be traced back and implementation can continue with minimal disruption.2 - Assess the risksAll the best-implemented things in business start with a risk assessment, and disaster recovery is no exception. A good DR strategy will consider all the functional areas of the business, asking what potential threats they face and what IT resources are relied on.A full IT inventory and data audit can help with this task by identifying both critical software applications, and any hardware infrastructure needed to run them.A risk assessment should also consider any issues that might affect external partners and service vendors, especially in cloud environments, which in turn will form the basis of your disaster recovery plan.3 - Drill for disasterHaving an evacuation strategy for your building won't stop a fire happening, but regular fire drills mean that when the alarm goes off, everyone knows what to do and where to be, and will all theoretically get out safely.A disaster recovery strategy needs the same treatment, with regular, periodic testing to ensure each process and system works as it should. Having an effective DR plan in place is the goal, but it's much more reassuring to know that it will be followed, should the worst happen.4 - Prepare for different disaster levelsThere are many different types and scales of disaster, and sometimes just a small disaster can lead to a longer outage if organisations aren't prepared.A good DR strategy will have different levels of response detailed for different levels of disaster, ensuring that smaller problems can get the right teams dealing with them straight away.5 - Consider the cloudYes, disaster recovery as a service (DRaaS) is a thing! Not all cloud-based disaster recovery systems are the same or work the same way; some offer cloud-based backup and recovery, while others use virtualisation to maintain a copy of your servers and applications, while data is replicated from production systems to the virtualised failover systems.Cloud DR has its pros and cons, but as with many cloud-based services, it's accessible to a wide range of businesses without the upfront investment costs of backup and recovery hardware. See related What is cloud-to-cloud backup? How to create a business continuity plan 6 - Prioritise resilienceDisaster recovery is one of the IT services organisations pay for in the hope it never gets used. That's why it's important to make resilience a guiding principle in your IT infrastructure.Ensuring your infrastructure is resilient comes down to a combination of good practice and investment in technologies and services that both support the business, and minimise any risk of failure.The most important principle when aiming for resilience is to avoid having single points of failure. If a key application runs from a single server, and can only run from that server, then that's a potential weak spot.As part of your disaster recovery strategy, assess the resilience of both the hardware and software in your organisation and see if there are any areas for improvement. Failover connectivity, uninterruptible power supplies, backup generators and backup servers can all help reduce the risk of failure.7 - Evaluate security practicesSecurity is a separate topic in itself but is inextricably linked with your disaster recovery strategy. In theory, good security practices will minimise the risk of that DR plan ever having to be enforced.Nonetheless, as part of a comprehensive DR strategy, potential weaknesses in security should be evaluated, and action taken if necessary to strengthen them, as well as a plan for what happens should particular defences be breached.'The IT Pro guide to disaster recovery' shows you how to plan for recovery in case the worst happens, and keep your business data protected.
8 - Revise and revisit
It's tempting to shelve your DR plan once it's all in place. But as quickly as new technologies are adopted, new staff come on board and situations within the business change, so the strategy should be revised.
If a new cloud technology is implemented for example, a disaster recovery plan should be updated with the specific strategy for that particular tool, including how and where the data is being backed up, and how to recover it.