Disasters are funny things. Not funny ha-ha, funny strange. One of the weirdest things about them is how unwilling we are to prepare for them. If we think a disaster is actually likely, we almost actively avoid preparing for it. How many people in flood-prone areas of the USA have flood insurance? About 20%. It’s the same in IT. We all know that disasters are in the offing. Power supply interruptions, firmware failure, hardware breakdown, or actual ill intent in the form of hacking, leaks and cybercrime all threaten the best networks. IT disasters cost US firms $1.2 trillion every year. Yet, few IT teams have working disaster recovery plans.
Here’s why you should have one:
1: Your data’s on the line
…and it’s not just your data. Failing to keep your customers’ data safe can open you up to legal proceedings and you can find yourself on the wrong side of a decline in your reputation too. Preparing for what you’ll do if you lose power or you get hacked means you’ll be ready to respond if and when it does happen.
Defend it: Keep sensitive data behind multiple firewalls to protect against hacking and malware.
2: Your productivity’s on the line
Every second that mission-critical applications aren’t accessible, you’re losing money. Whether the fault is in your servers, your power lines or in the applications themselves, you’ll be bleeding money and losing value in your customers’ eyes.
Defend it: Run mission-critical apps from servers with room to spare, redundancies built in and backup power.
3: Your reputation’s on the line
An IT disaster can seriously impact your reputation. You spent a long time developing your good reputation and you know you deserve it, but a flood, fire or even something as ‘non-event’ as a brown-out can destroy all that, making you look incapable in front of your customers.
Defend it: Communicate immediately. Email customers and put out a speech, press releases and Tweets/Facebook posts explaining your position, taking responsibility, apologizing and saying what you’re doing to make it right. Don’t make excuses!
So what can an IT disaster recovery plan do for your business?
1: Reduce the need for decision making in a crisis
If your IT guys on the ground have to ring the CIO up at 4am to figure out what’s up, and then she has to go down to the racks and scope about to figure out what’s going on, not only is valuable time draining away. You’re bottlenecking the problem at the C-level. A better way is to have clear plans in place so the decisions have already been made, and staff merely need to carry them out.
How to get it: Model your most likely disasters, figure out the best thing to do and write clear ‘if this then that’ plans for ground-level staff. They might be able to handle it, but even if they need to call in C-level employees you’re not dead in the water for hours while everyone gets to work.
2: Guarantee the availability of standby systems
When main systems go down you need to have something in place. Some MSPs will provide this kind of depth as standard but if you’re running your own racks, you need backup power and servers in space.
How to get it: Get backup servers, or virtualize your servers. Figure out which standby systems you’re going to need, get them – and test them!
3: Reduce the risk of human disaster
Throughout this post, we’ve talked about the risks of fires, power failures, floods and other TV-worthy disasters. But it doesn’t take that kind of disaster to cause an IT department serious trouble, and often the thing that brings IT crashing down is an accident that takes place within the company itself!
How to get it: Train staff to understand how to avoid causing themselves trouble and how to cope with it when it arises at the same time by building human accident into your disaster recovery plan and then practicing and testing it.
