We don’t have to talk about all the consequences of failing to plan for a disaster effecting your IT infrastructure. You’ve likely read some of the stories of lost data, fried servers and businesses that never recover and eventually fail.
The fact that you are even reading this means you are already convinced that a disaster recovery (DR) plan is vital. So let’s explain more of the details.
Hot or not
Our first question to all clients is: what’s your tolerance for your servers or network being down? In other words, if you don’t have the network, what happens to your organization?
For organizations like those in manufacturing and healthcare, network downtime is a real emergency. Everything will come to a halt. These organizations by definition have a hot server environment, meaning they need to have hot, "active", running servers all the time. In organizations that use a manual process as a fall back to get work accomplished, then your disaster recovery plan may not need to be as rigid.
Look at everything
If your organization requires a hot server environment, we'll first assess each piece of your network hardware, starting with the servers. We check connections, controllers, routers, firewalls and even generators. It's important to build in redundancy, so if one part of the network fails, there is a backup that will take its place and keep things running.
If you don’t have a Storage Area Network (SAN), it's important to consider adding one to your infrastructure. It will also be important to virtualize servers so no matter what happens, your data will be accessible and retrievable.
Update the plan
Once a plan is implemented, you should determine how often the plan needs to be updated. In turn, the update schedule will be dictated by how frequently the organization changes business processes, software applications and network configurations. More change = more updates.
Annual disaster scenario
Even if your plan doesn’t change too much, I recommend an annual disaster recovery scenario planning session. Gather all the key IT players and talk through all kinds of disasters - fires, floods, lighting, failing transformers, accidents, etc. This annual discussion can save your organization a ton of money and lost productivity if one of these disasters strikes.
There are threats you can’t anticipate but there are others that can be actively managed because they are so common. Many companies forget that data loss, or data theft/destruction by a disgruntled employee, is also a disaster that should be prepared for.
Another threat we've been seeing more recently is a CryptoLocker virus. It gets into a system and encrypts any file it can access, making the data unreadable. Reliable backups can usually restore these system quickly, but there is still some risk of time and data loss for the organization.
Disaster recovery plans can take some time to develop, but when something happens and you are ready for it, your upfront preparation will pay off.