A Disaster Recovery Plan is a vital tool in ensuring business continuity. A DRP is the documentation that helps managers and technicians deal with any disaster that can affect a business – a concern if you have a Website or any business files.

(image from iosphere on FreeDigitalPhotos.net)

Why prevent risks?

It’s a familiar story: A person has the best vacation of his life. When he pulls out his computer to show you the photos, his heart sinks – the photos are gone, and he did not make a backup. Data can be lost for a number of reasons:

  • Server or hard-drive crash
  • Hijacking or virus
  • Fire
  • Burglary
  • Earthquake
  • Losing critical skills
  • Terrorist act, like the attack on the World Trade Center in 2001

 

The same thing could happen to a business. However, instead of losing a digital memory of a good time spent on the beach, a business could lose valuable files and suffer financial harm. A DRP could help a business rise from the ashes.

 

Interestingly, 90 percent of businesses without a DRP do not survive a disaster.

 

What to consider:

Three factors are worth considering when evaluating how a disaster could affect your business:

  • the impact of down time;
  • the impact of lost data; and
  • the impact on your business’ reputation.

 

Think about these questions:

  • How much down time can your business afford?
  • Is there a risk of losing relevant or confidential data?
  • If the media reports on your losses, how would it affect your business?
  • Will customers continue to trust you?

 

Regarding your business, double-check your backup solution; procedure to rebuild your business or IT infrastructure; and depending on your company, any other things that could affect your business recovery.

 

What to do? Well-defined infrastructure documentation is essential to a DRP. How would you manage if something appends to your CTO? Could someone else, even outside of your company, take back control of your IT? As CEO, do you have access to infrastructure passwords? Are you able to decrypt data without your CTO?

 

For business security, your should consider immediately ordering: a detailed technical documentation about how your IT architecture works; and a Disaster Recovery Plan that includes a detective process and corrective and rebuild procedures.

 

Even if you have a great CTO, it’s good to have an external review of your IT infrastructure and someone able to check that the documentation is understandable by even someone outside of your company.

 

What about you?

Have you experienced a business disaster?

How did you deal with it?