With the rising number of cyber attacks being reported almost daily, it is wise to have a data recovery plan, in case your website gets targeted by malicious hackers.
Design an effective data recovery plan or DRP, requires proper knowledge and planning. With the guide that I’m about to share, you can have a grasp of what is needed in order to successfully create your contingency plan.
1. Determine your backup plan
Your DRP should first consider what would be required to get your company back on line with a minimum amount of downtime. A good back up plan is essential regardless of your network configuration.
Follow the 3-2-1 rule: Have 3 copies of your data, with copies stored on 2 different types of media, and keep 1 of these copies offsite.
Of course, we’re simply assuming you make regular backups of your systems, apps and all related data. While a vast majority companies are still using on-site system backups, forward-thinking organizations are taking advantage of both cloud-based computing and backups. This allows for web applications to run independently of a physical server and for backups to be scheduled automatically, ensuring access to your data in case of any type of disaster. Even if you lose your entire office and all the equipment in it, your systems will stay online and data will still be intact and ready to deploy as soon as you have your physical site back up and running.
2. Map Out Your DRP
Generally speaking, there are two distinct and separate phases of a DRP:
- Replace: First determine what type of a loss you are facing. Establish what hardware or personnel, if any, might be needed for business continuity. If hardware needs to be replaced or repaired, suppliers will need to be contacted and new equipment put into place.
- Recover: The recovery phase involves getting all the necessary equipment back online and up to speed. This phase might also include data recovery, locating new or additional staff or perhaps finding a new location to house the business.
A good DRP will provide a clear and detailed roadmap that can be followed in any type of event. We recommend addressing the following issues in advance:
- Backup facilities: Are they ready and accessible or are they administrated by a third party?
- Physical office space: Do you have access to other facilities or can your team work from home?
- Personnel: Do you require additional staff? Are there temp or part-time workers you can call in?
- Safety: What must be done to ensure the safety of your workforce?
- IT continuity: Is there a need to replace hardware? Do you have a list of suppliers to call?
- Telecom continuity: Can phone calls, email and other communications be rerouted to continue normal delivery?
The answers to the questions above should be documented and distributed to key personnel with the intention of being put into action in the event of a disaster. With the answers in hand, you will be ready to devise an easy path.
3. Determine how long it is going to take
Each individual step in your plan should be attached to a timeline. In a world where every minute of downtime could cost you a potential customer, it is to your advantage to know approximately how long it’s going to take to get up and running again.
For instance, in the case of a cyber-attack, you may initiate the action to restore your systems to a backup right away, but the time to bring all your systems being back online again may be several hours. Speak to your hosting team to determine what it will take to prepare your systems for restoration and then to restore from the last uncorrupted backup.
By assigning a timeframe to any and all possible occurrences, you’ll be better prepared for even the even the most unexpected of events.
4. Work Together as a Team
The best chance for success with any system or sequence of events is to plan meticulously for it. Staff members must work together to ensure a smooth process. Proper delegation is essential. For example, one team member should be tasked with determining the type of disaster at hand, and with contacting the appropriate individuals with information they will need for next steps. The second team member may deal specifically with site-related issues such as office space and insurance coverage for damages. A third team member puts a damage control process into motion, contacting clients who may have deadlines that will be affected by your disaster and a fourth team member could take care of deferring any financial issues, such as delaying accounts payable or payroll until systems are restored. Your DRP should outline key duties in detail and assign them to specific people so that not a moment is wasted in the process. Each team member should also be aware of who is responsible for other key duties, in case they have to be re-delegated.
5. Be prepared!
Most of us don’t spend a lot of time thinking about the worst-case scenario. Why focus on that (or hire a full IT department) when you have a business to run? If this sounds suspiciously like you, doing business in the cloud should be a consideration, if you’re not already there. Find a scalable plan that can handle your projected growth, and if needed, opting for managed security or server monitoring to see if it’s right for you.