The world has seen an awful lot of global disasters over the last few years. From earthquakes and tsunamis to electricity black outs and Internet sea cable ruptures; our globally connected news channel streams have been able to show us some pretty horrific and cataclysmic events up close.
Disasters of these sorts can render a business functionless, but of course it can take much less than an earthquake.
- If your business relies heavily on a particular mobile network for its daily operations, then you have an identifiable pressure point should that service go down.
- If your business runs on a heavily cloud computing driven set of software supplied as a service, then these systems have been known to go down — so once again a sensitivity point is identified here.
- If your firm has invested heavily into utilizing third party web-based services such as social networks, a black out in these channels could mute your corporate voice. So there are risks around every corner basically.
Notwithstanding the inherent risk of malware that comes from the adoption of any of the above technology-driven channels, there is a constant need to secure, back up and plan for disaster recovery as a defined business procedure.
Disaster Recovery (or DR for short) is often labeled as a subset of Business Continuity. Effective DR demands that a firm looks to bring in server-level back ups and so-called “replication” of data, so that additional copies of mission-critical data can be made.
Contingency planning must be a part of any prudent business operation of whatever size, from SMB to multinational and cloud related business is no different. It’s therefore important to have a clean set of procedures depending on circumstances.
Disasters can be categorized into four levels:
#1 – 4 hours or less downtime e.g. single PC failure
#2 – 24 hours or less downtime e.g. server failure or network failure
#3 – 72 hours or less downtime e.g. power outages, contained water leaks
#4 – 72 hours or more downtime e.g. terrorist attack, widespread flooding
Of course, not every firm thinks about planning for terrorist attacks and floods as part of a normal working week, but the above list does at least clarify that every business needs a back up strategy — and we do not use the word “strategy” lightly; this means that a formalized process for daily back ups (or weekly if you must) is put in place and adhered to on an ongoing basis.
As you extend your disaster recovery strategy you can think about storing copies of data offsite and/or in other cloud services. All firms should also create inventories of assets, this way you can map out your business from scratch in the event of electronic meltdown should the worst occur. Inventories will include equipment of course, but perhaps even more importantly you should also document critical customers, vendors, suppliers and partners.
So as you now map out your businesses and the processes it is composed of, you will also look to appoint a disaster recovery officer and/or individuals with specific responsibilities for overseeing different elements of your total operation.
This entire process will become more deeply engrained in all businesses over time as we move to an increasingly automated computer controlled future, but many smaller firms are not taking these steps as of yet, so now is the time to act.