2011 New Year’s Resolution: Create and/or Update Your Disaster Recovery Plan

Every company needs to be prepared for emergencies, but few really are. Disaster recovery is not so much recuperating as it is planning for the worst. Do you have a disaster recovery plan? You may not work in a hurricane zone or tornado alley, but disasters aren’t just nature-driven; sometimes disasters are man-made. Here are some tips to think about for your own disaster recovery plan. (Note: This is NOT an exhaustive list and is not meant to replace good solid planning. It’s meant to make you think about what might be lacking for your company.)

  • With today’s mobile workforce a lot of key data may be sitting on employee machines. Make sure that they are periodically backing up to the network.
  • Keep your critical system hardware cool. Servers and telephone switching devices create a great deal of heat. Keep them in a cool, dry environment with their own air control. We’ve seen servers that literally sit in closets. You decrease the hardware’s life span by keeping it too hot.
  • Don’t forget that water doesn’t always seep in through the basement. Sometimes we can have a leaky roof or sprinkler system provide unwanted water.
  • Execute an agreement with a friendly organization or service provider who can host your system if yours is out of commission. If your building burns down, you want have your critical systems backed up and running within 24 hours. Make sure you have access to adequate processing power to get your business functioning.
  • Keep your backups off-site. At least once a week take a backup of each critical system off-site from your business. If you have to go back to that snapshot, you’ve only lost up to one week of data. Keep it for at least two weeks before reusing that disk or tape.
  • Verify that you can restore from your backups. We have had several clients over the years have backup systems in place so they thought. But when they actually had a disaster (the server crashed) and went to restore their data, there was nothing to restore from. Several things can occur: The backups aren’t backing up the proper directory; the backup system doesn’t backup “open” files (like SQL); the backup tape/disk has a bad sector in the header record or along one of the magnetized sections. Don’t wait until you need it before you try it. Test your restored information once every six months.
  • Bond your IT professional. Have someone else know where all the passwords are. Hire an outside group to audit you IT department. One client had a falling out with their IT employee who had set up remote access to the servers and created a hidden account on the domain, with potentially disastrous results. Another had an IT director shipping hardware to his home address for several years. You may not know what is really going on in that department.
  • Get an iron clad agreement with an outside IT professional if you farm out the IT function. They should only have access to anything you give them access to and not violate that trust. Make sure they are bonded. And have someone else – a hired professional or an internal knowledgeable person – check up on them. IT professionals are not gods, but sometimes they act like it. They need oversight, too.