Disaster recovery is a topic that I just could keep writing about over and over again. Often times we think that we are indestructible and being part of a disastrous situation won’t happen to us. Disaster recovery is a broad topic and I won’t focus on all aspects of it in this article but I will highlight some of the key points that you need to focus on to make sure you are properly prepared.
The first thing in disaster recovery is backups. Your data has to be backed up and protected off-site. Without this step, all the subsequent steps will be fruitless since you will have no data to work off of.
In the early days of data protection it was sufficient enough to have your data backups sitting right next to your server or in a safe located on-site. This is no longer the case. The data must reside outside of the organization and preferably in the cloud.
The best way to achieve this is to use a business continuity device. With a business continuity device your data is backed up to the device and then it’s automatically pushed to the cloud. This ensures that you have both a local copy and cloud copy of your data.
The next step is to designate at least two point people. The purpose of this role is when disaster strikes the people in your organization need to know who to contact. These designated people will have contact information for all the pertinent vendors and will also be able to instruct others on what the next steps in your protocol will be.
Bringing up protocol brings us to the next step. Make sure that you have a written protocol plan. You need to know where you will tell people to go. Do you have a second location? Do employees stay at home and await further instructions? You should document everything that will need to take place if such an event occurs.
Most disaster situations take place when there is a physical issue at your location where your data is kept and stored. Whether it be a power outage, flooding, hurricane, tornado or some other natural disaster these all fit the bill. This is not to say that other situations can’t fit the bill such as human error, a ransomware attack or a successful hack.
Protect your data, have designated people ready for action, and have a fully documented process in place. Communication is your friend and you need to make sure that you can properly disseminate information with those in your organization during a time of crisis.