It is difficult to watch the news. Lately, Mother Nature seems to be testing our resolve with devastating hurricanes, earthquakes, fires and much more. Across the world, we have faced extreme droughts and flooding. We have seen record heat and record-breaking cold. The impact has been widespread and frightening. Who knows when and where the next trouble spot might occur?
While the nature and timing of the next natural disaster is unpredictable, our response need not be. With some advanced planning, we can minimize the impact on our personal and professional lives.
Many businesses have taken basic precautionary steps for their most important data. They have offsite backups that are made on at least a daily basis. But as recent events have shown us, this is often not good enough.
What happens when an entire geographic area is impacted, with no power or cell coverage for days?
While you may be able to access your data files, how will you restore critical software and business applications? Connect to your employees? Notify customers of delays in shipments? Communicate with suppliers?
As an affiliate of a high-tech company, Oztera has worked with large corporate clients who require us to conform with their disaster recovery plans. We have had the benefit of learning from their requirements for vendors to have contingency planning and preparations and have had to meet their standards.
What we have learned are valuable lessons for companies of all sizes. If you haven’t had at least an annual meeting to discuss your plans in the event of a disaster, we suggest you schedule such a meeting before the end of the year. Here are some items you may want to cover in your meeting with management and your Information Technology professionals (see below for a checklist):
Item to Discuss
1. Do you have a well-documented Disaster Recovery Plan?
It should be in writing, not in one or two key people’s heads.
2. Do you have a Disaster Recovery Team who will perform all the related tasks?
If not, consider key resources who should be included and form one.
3. Does your plan clearly identify all the recovery steps and responsible personnel for those steps in a simple checklist format?
Make it easy to follow in times of crisis.
4. Have you documented how often your data is being backed up for all your databases, drives, and applications?
Weigh the cost of reworking data entry and inputs against the extra time spent in backing up more frequently.
5. Do you routinely test your back up plan to make sure data is being packed up as frequently as expected, and if the data is being backed up properly? (not corrupt or missing)
Trust but verify.
6. Have you identified the sequence of applications and data that must be recovered?
The order in which applications are restored is often critical.
7. Have you identified at least 3 possible backup office locations in case of an emergency? (Someone’s home, or public office like Regus Business Center Offices)
Entire geographies can be wiped out in a single incident.
8. Have you identified what pre-printed forms/checks/documents, printers, and other equipment is needed to quickly set up a backup office?
Or created electronic or online alternatives?
9. Is access to your servers possible if local power goes out? (Do you have access to power generators?)
Can you access their location in an emergency? Do you have alternate sources of power? Are there others with keys who can access your office if needed?
10. Is access to your servers possible if internet access goes out? (Secondary internet provider?)
Consider backup Internet access via Fiber and DSL.
11. Do you have backed up electronic copies of your important documents?
12. Can your key employees work remotely? (Laptop access?)
And do they have proper security installed on their remote computers?
13. Do you have an internal communication plan during an emergency?
Is there a master list of mobile phone numbers? Place/plan for sharing messages?
14. Do you have an external communication (clients and vendors) plan during an emergency? (who should communicate what, and how often/at what phases?)
Who should communicate what, and how often/at what phases? What about Social Media? Who owns the message?
15. Is the data on your employees’ local machines being backed up on your servers daily?
Data stored outside of your central server could be permanently lost.
16. Can your business be turned back on within 4 hours, or within your required minimum period?
17. Do you have at least 3 experts who can execute the recovery plan?
Share the responsibility across members of your team.
18. Was the plan fully tested by your Disaster Recovery Team within the last 6 months?
19. Do you formally evaluate your Disaster Recovery Plan at least once a year?
Needs and responsibilities could change over time.
20. Have you shared your most up-to-date organization’s Disaster Recovery Plan with the Disaster Recovery Team, your key employees, and the executives/owners?
Do you have a Disaster Recovery Team?
21. Do you audit your mission critical vendors or partners annually to make sure they have an adequate Disaster Recovery plan?
And share your plan with your customers?