Posts

5 Steps to a Stronger Backup Disaster Recovery Plan

Between catastrophic natural events and human error, data loss is a very real threat that no company is immune to. Businesses that experience data disaster, whether it’s due to a mistake or inclement weather, seldom recover from the event that caused the loss.

The saddest thing about the situation is that it’s possible to sidestep disaster completely, specifically when it comes to data loss. You just have to take the time to build out a solid backup disaster recovery (BDR) plan.

Things to consider when developing your BDR plan include: structural frameworks, conducting risk assessments and impact analysis, and creating policies that combine data retention requirements with regulatory and compliance needs.

If you already have a BDR plan in place (as you should), use this checklist to make sure you’ve looked at all the possible angles of a data disaster and are prepared to bounce back without missing a beat. Otherwise, these steps chart out the perfect place to start building a data recovery strategy.

 

1. Customize the Plan

Unfortunately, there’s no universal data recovery plan. As needs will vary per department, it’ll be up to you, and the decision makers on your team, to identify potential weaknesses in your current strategy, and decide on the best game plan for covering all of your bases moving forward.

2. Assign Ownership

Especially in the case of a real emergency, it’s important that everyone on your team know and understand their role within your BDR plan. Discuss the plan with your team, and keep communication open. Don’t wait until the sky turns gray to have this conversation.

3. Conduct Fire Drills

The difference between proactive and reactive plans comes down to consistent checkups. Schedule regular endpoint reviews, alert configuration and backup jobs. Test your plan’s effectiveness with simulated emergency. Find out what works, and what needs improvement, and act accordingly.

4. Centralize Documentation

You’ll appreciate having your offsite storage instructions, vendor contracts, training plans, and other important information in a centralized location. Don’t forget to keep track of frequency and maintenance of endpoint BDR! Which brings us to point 5.

5. Justify ROI

Explore your options. There are many BDR solutions available on the market. Once you’ve identified your business’ unique needs, and assembled a plan of action, do your research to find out what these solutions could do to add even more peace of mind to this effort.

Or, if you’re an employee hoping to get the green light from management to implement BDR at your company, providing documentation with metrics that justify ROI will dramatically increase your likelihood of getting decision-makers on board.

Outside of these 5 components, you should also think about your geographical location and common natural occurrences that happen there. Does it make more sense for you to store your data offsite, or would moving to the cloud yield bigger benefits?

One thing is certain: disaster could strike at any time. Come ready with a plan of action, and powerful tools that will help you avoid missing a beat when your business experiences data loss. At LabTech® by ConnectWise®, we believe in choice, and offer several different BDR solutions that natively integrate to help you mitigate threats and avoid costly mistakes.

This article was provided by our partner Labtech

 

The 10-step guide to a Disaster Recovery plan

Problem: You need a plan for responding to major and minor disasters to let your company restore IT and business operations as quickly as possible.

1. Review Your Backup Strategy

  • Full daily backups of all essential servers and data is recommended.
  • Incremental and differential backups may not be efficient during major disasters, due to search times and hassle
  • If running Microsoft Exchange or SQL servers, consider making hourly backups of transaction logs for more recent restores
  • Store at least one tape off site weekly, and store on-site tapes in a data-approved fireproof safe
  • Have a compatible backup tape drive

2. Make Lots of Lists

  • Document Business Locations
  • Addresses, phone numbers, fax numbers, building management contact information
  • Include a map to the location and surrounding geographic area.
  • Equipment Lists
  • Compile an inventory listing of all network components at each business location. Include: model, manufacturer, description, serial number, and cost
  • Application List
  • Make a list of business critical applications running at each location
  • Include account numbers and any contract agreements
  • Include technical support contact information for major programs
  • Essential Vendor List
  • List of essential vendors, those who are necessary for business operations
  • Establish lines of credit with vendors incase bank funds are no longer readily available after disasters
  • Critical Customer List
  • Compile a list of customers for whom your company provides business critical services
  • Designate someone in the company to handle notifying these customers
  • Draw detailed diagrams for all networks in your organization, including LANs and WANs

3. Diagram Your Network

  • LAN Diagram: Make a diagram that corresponds to the physical layout of the office, as opposed to a logical one
  • Wireless access using Wi-Fi Protected Access security (WPA2) in order to operate in a new location

4. Go Wireless
5. Assign a Disaster Recovery Administrator

  • Assign Primary and Secondary disaster recovery administrators.· Ideally, each admin should live close to the office, and have each other’s contact information. Administrators are responsible for declaring the disaster, defining the disaster level, assessing and documenting damages, and coordinating recovery efforts. When a major disaster strikes, expect confusion, panic, and miscommunication. These uncontrollable forces interrupt efforts to keep the company up and running. By minimizing these challenges through planning with employees, efficiency increases. Assign employees into teams that carry out tasks the Disaster Recovery Administrator needs performed.

6. Assemble Teams

Damage Assessment/Notification Team

  • Collects information about initial status of damaged area, and communicates this to the appropriate members of staff and management
  • Compiles information from all areas of business including: business operations, IT, vendors, and customers

Office Space/Logistics Team

  • Assists in locating temporary office space in the event of a Level Four disaster
  • Responsible for transporting co-workers and equipment to the temporary site and are authorized to contract with moving companies and laborers as necessary

Employee Team

  • Oversees employee issues: staff scheduling, payroll functions, and staff relocation

 

 

Technology Team

  • Orders replacement equipment and restores computer systems.
  • Re-establishes connection to telephone service and internet/VPN connections

Public Relations TeamSafety and Security Team

  • Ensures safety of all employees during the recovery process.
  • Decides who will and who will not have access to any areas in the affected location.

Office Supply Team

7. Create a Disaster Recovery Website

  • A website where employees, vendors, and customers can obtain up-to-date information about the company after a disaster could be vital.· The website should be mirrored and co-hosted at two geographically separate business locations.
  • On the website, the disaster recovery team should post damage assessments for business locations, each location’s operational status, and when and where employees should report for work.
  • The site should allow for timestamped-messages to be posted by disaster recovery administrators. SSL certificates should be assigned to the website’s non-public pages.

8. Test Your Recovery Plan

  • Most IT professionals face level one or level two disasters regularly, and can quickly respond to such events. Level three and four disasters require a bit more effort. To respond to these more serious disasters, your disaster plan should be carefully organized.· Plan to assign whatever resources you do have control over in such situations. Test the plan after revisions, and discuss what worked and what didn’t.

9. Develop a Hacking Recovery Plan

  • Hacks attacks fall under the scope of disaster recovery plans.
  • Disconnect external lines. If you suspect that a hacker has compromised your network, disconnect any external WAN lines coming into the network. If the attack came from the Internet, taking down external lines will make it harder for the hacker to further compromise any machines and with luck prevent the hacker from compromising remote systems.
  • Perform a wireless sweep. Wireless networking makes it relatively simple for a hacker to set up a rogue Access Point (AP) and perform hacks from the parking lot. You can use a wireless sniffer perform a wireless sweep and locate APs in your immediate area.

10. Make the DRP a Living Document

  • · Review your disaster recovery plans at least once a year. If your company network changes frequently, you should probably create a semi-annual review. It’s best to know that an out-of-date disaster plan is almost as useless as having none.
  • WAN Diagram: Include all WAN locations and include IP addresses, model, serial numbers, and firmware revision of firewalls