Disaster Recovery Plan

A disaster recovery plan has two major points. First, when disaster strikes how do I keep my business running? Some reports indicate that a business who primarily attracts and manages customers can only afford roughly a 4 day break in internet access without significantly hampering its ability to continue. Second, after the disaster how do you get things back to normal?

Business can be lost due to a damaged reputation as customers seek to secure their own personal information or an inability to restore critical business operations. Creating, maintaining and implementing a disaster recovery plan will mitigate your losses and allow for a quick recovery.

A disaster recovery plan should include several elements, beginning with disaster preparedness. Make sure your users, network administrators, systems administrators, and/or database administrators are familiar with the disaster recovery plan your business has developed. The next logical step is to assess the damages. Without efficient means to determine what assets have been compromised, mitigating these damages will be nearly impossible. Since loss of critical business data can lead to costly injury, archiving your critical operational data and creating physical onsite backup copies need to be essential components of your disaster recovery plan. However, savvy attackers will attempt to cover evidence of their attack, which could include corruption or loss of onsite backups. Thus the most effective plans will supplement onsite backup with similar data stored at an offsite location. Finally, your disaster recovery plan is a mere hope and dream unless properly tested. Your business likely runs tests for physical emergencies such as fire drills or health emergencies. If you truly understand the cyber threats facing your business you will also invest in the time it takes to test for disasters.