How to Improve Your Disaster Recovery Response
Storm Emma was a wake-up call on just how integral Disaster Recovery has become for many enterprises.
Many Disaster Recovery plans were tested by the impact of the storm; some crumbled under the gale because of power failures, flooding and structural damage, resulting in business critical IT system failures. We know that a loss of data can jeopardise the existence of any enterprise, but an extended systems failure can severely affect the bottom line. So, it’s critical for all enterprises to have robust Disaster Recovery plans that are regularly tested.
What can you put in place, from an IT infrastructure perspective that delivers the required recovery time and recovery point objectives, to ensure minimum disruption to the business in the event of a disaster?
Here are 5 key points on how to improve your Disaster Recovery Response:
1.) Create a Business Impact Analysis
A business impact analysis will identify the business’s most critical systems and processes, their respective RTO and RPO requirements, and what the consequences would be if an outage occurred.
Rather than take account of the expected threats, it is worth widening your focus to include all potential interruptive scenarios. Of course, not all scenarios are equally likely to occur. Yet, better to expect the worst and hope for the best. Scenarios that are worth considering include; complete site outage (power failure, flooding or fire), core infrastructure failure (compute, storage and network) and critical business application failures (email system, databases or phone system).
2.) Construct a Clear Mandate
For your company to fully benefit from a comprehensive DR response, it needs to be circulated to all departments and teams. Do your employees know what to do in the event of an emergency? This includes severe weather, flooding and physical property damage, data breach, or lost connections. What is their role to play?
Clarity and communication are both key to a successful DR response. So, keep it concise and confirm that each team member is aware of their responsibility. And most importantly, this mandate needs to have the ability to be implemented at any time of the day. It is imperative that once a disaster has occurred, staff can respond immediately and accurately.
3.) Test DR Plan
When you’ve reached the point where you’re comfortable with your DR response, it’s time to begin ‘trial and error’ testing. If you are not finding any errors or potential threats, it is possible that you are not testing it thoroughly.
Testing your plan is critically important; in theory, it may work, but based on our extensive experience, issues during recovery regularly occur and can significantly affect the time to recover and these don’t arise until it is tested in real-time. Your DR response should be tested under the following standards:
- Complete site outage (Power failure, Flooding or Fire)
- Core infrastructure failure (Compute, Storage and Network)
- Critical business application failures (Email System, Databases or Phone System)
A DR test does not need to be business impacting and indeed there are many ways to carry out a disaster recovery test. The following types of DR tests can be carried out:
- Full DR test (Shut down production, recovery in DR site, test, Failback to production)
- Full Isolated DR test (Recovery services to isolated networks, test, destroy test environment)
- Partial DR test (Shut down an application group in production, recover in DR site, test, fail application group back to production)
- Partial isolated DR test (Recover application group in DR site, test, destroy test environment)
4.) Regularly review your DR Plan
It is not enough to create a once off comprehensive DR plan, considering that your enterprise technologies will be frequently modified or replaced. This means your DR plan should also be updated, especially as technology is now evolving faster than ever.
By implementing a biannual review of your DR plan, you avoid outdating your response. As mentioned above, it’s critical to include IT management in this review so you’re aware of what’s different in your company infrastructure.
5.) Learn from Your Mistakes
Carrying out DR testing ensures you notice recovery obstacles in a controlled environment. Otherwise, you will not know for sure if you can recover until you face disaster.
I hope that your company does not ever need to go through the experience, but if you do it is important to learn from the event. It is also important to hold postmortems of DR testing. What ran smoothly? What didn’t reach your expectations? Acknowledging the holes in your DR plans ensures you will fill them.
Do you need to protect a single VM, a business-critical application or your entire IT infrastructure? Our fully managed Disaster Recovery as a Service solution will address your requirements, and meet the business RPO and RTO expectations. This can be combined with our Business Continuity service to provide your business with the peace of mind to be able to recover from any disaster situation.