It doesn’t matter whether you choose only the best server components and design all systems to be as redundant as possible, one thing that you can always count on for any long-running system is a hardware failure. There are multiple components in an IT system and each component is as important as the next when it comes to system function. For that reason, every business needs to anticipate the possibility of disruption caused by a disaster that affects business operations. One way of mitigating the damages of a catastrophic outage is through a Disaster Recovery Plan.
What is a Disaster Recovery Plan?
In today’s information-dependent society, every business requires an IT Disaster Recovery Plan. Downtime for any business, regardless of size, is costly and eats into the bottom line. A Disaster Recovery Plan or DRP is a written plan which outlines how a business will respond to a variety of disasters which lead to technology downtime.
The DRP develops strategies for timely restoration of hardware, data and applications to meet the needs of the particular business, prioritizing restorative actions and assigning personnel to specific roles or tasks.
When developing a Disaster Recovery Plan, you will conduct a Business Impact Analysis in order to understand what impact a particular disaster will have on the business. The Business Impact Analysis determines likelihood of the risk occurrence, then evaluates steps that can be taken to avoid or mitigate the perils, prioritizes responses, and estimates the financial impact to the business.
What Situations Should Be Considered in a DRP?
A Disaster Recovery Plan does not need to be limited to catastrophic data failures such as an entire data center going offline due to a natural disaster. It can also encompass prolonged DDoS attacks which cause critical customer systems to go offline, server hard drive failure, and any other situations which can cause an emergency for the business. The more detailed the DRP and the more scenarios that are explored, the better prepared a business will be.
The central study underpinning any DRP must be the Business Impact Analysis that takes into account all potential perils to the data or hardware such as:
- Accidental loss of applications and data
- Hardware failure
- Connectivity issues
- Electrical outages
- Water leaks
- Prolonged DDoS attacks
- Weather and geological events.
Does a Disaster Recovery Plan Only Focus On Responding to Disasters?
An important aspect of Disaster Recovery planning is also an investigation on how to avoid the disasters outlined above, or how to mitigate their damage in the event that they do occur. Mitigation efforts may include a data backup strategy The data backup and recovery strategy starts with identification of the most essential data to be preserved, followed by selection and implementation of backup procedures. The scheduling and effectiveness of routine backups should be verified periodically to ensure data is being accurately and completely retained.
DRP Tip: Are You Hosting Servers On Premises?
Most businesses are not equipped with the proper infrastructure to securely store servers. This includes physical security with 24x7 security monitoring, redundant network / power / cooling, and fire suppression. Servers that are stored in an environment without these protections in place are at a significant risk of failure.
Moving servers to a secure data center that is designed to store servers and monitored 24x7 is one of the best ways a business can mitigate server downtime in DRP planning.
How do I create a Disaster Recovery Plan?
To make the job easier, DRP Templates exist online to help organize the disaster response process. Although several templates are readily available, IBM has developed a particularly useful disaster recovery template, which can be copied or reproduced for your business.
The following steps can help guide you in developing your own Disaster Recovery Plan:
Step 1: Outline the DRP’s Primary Goals
Goals that are generally important to any business include those listed on the IBM DRP template, which are
- To minimize interruptions to normal operations.
- To limit the extent of disruption and damage.
- To minimize the economic impact of the interruption.
- To establish alternative means of operation in advance.
- To train personnel with emergency procedures.
- To provide for smooth and rapid restoration of service.
Step 2: Take an Inventory of All IT System Hardware and Applications
It’s important that in a disaster, the location and pertinent data regarding IT hardware is immediately available, with the necessary specifications available to begin repair, including vendor support contact information as well as the vendor’s emergency and daytime contact numbers. The inventory should include the name of the hardware manufacturer, model and serial numbers, cost, and lease or ownership status.
DRP Tip: Contact your ServerMania Account Manager to receive a detailed inventory of your servers with us.
Step 3: Conduct a Thorough Risk Analysis of Your Company’s Systems
Accompany the inventory of hardware and applications used throughout the business with an assessment of potential hazards that could impact the operation of each IT asset. (Some hazards may be location-specific, such as possible water leaks.) Analyze electrical and other factors. Determine an acceptable recovery point objective (RPO) and recovery time objective (RTO) for hardware failure, and for each set of applications and data.
Step 4: Establish the Budget
This step Involves a practical evaluation of potential and actual costs for mitigation and disaster recovery, with decisions made by upper management in conjunction with the IT and accounting departments.
Step 5: Develop and Prioritize the Disaster Recovery Plan in Three Tiers
The first tier of the DRP should focus on hardware, applications, and data that have been assessed as being absolutely crucial to business operations and most immediately required. The second recovery tier involves hardware and applications that are also essential, but without which the business can exist for a period of 10-24 hours. The third tier, then, are the remaining hardware assets and applications which the company needs to be efficient, but which can be restored within as much as several days without appreciable impact.
Step 6: Focus on Recovery Team Personnel
An organization chart should be included with the DRP. It’s necessary to build a Recovery Team that is highly trained and capable of responding rapidly to any disaster, with assigned roles and responsibilities, plus total familiarity with the recovery script outlined in the DRP.
Backup personnel should also be trained to step in should the disaster take place at a time when team members may be ill or on vacation. The DRP should define key roles, and assign specific responsibilities to each individual on the team. A solid understanding is necessary regarding steps to be taken once a disaster is declared by the Recovery Team Leader, the sequence of those steps, and the manner in which team functions and responsibilities are interrelated. A clear picture of ‘who is responsible for what’ is absolutely critical; it engenders a universal comprehension of the recovery plan and promotes its effective execution.
Step 7: Develop A Communication Plan
As important as having an organized approach to disaster recovery, fostered by a well thought out DRP, a published communication plan is vital for the use of team members. In a disaster, normal methods of communication may be disrupted, and Recovery Team members must know how to communicate with one another by alternative means, from initial notice and periodic updates, to the wrap-up of the recovery process.
This plan should also include information on who and how customers will be contacted and kept up to date during the outage.
Step 8: Incorporate Information Regarding a Backup Worksite Location
Instructions should be included in any well devised DRP to allow employees to gather at an alternative site during the crisis and continue to be productive while the system is down, or plans should be in place for employees to work from home until recovery has reached a point where equipment and communications are once again available.
Maintaining the Disaster Recovery Plan
Regular testing of the DRP is recommended twice per year and following any changes to the plan or the replacement of personnel with vital roles in its execution. Upon completion and testing, the original document should be permanently stored in an off-site location that is both safe and accessible. A working copy should be utilized for periodic testing and personnel drill, to ensure that the plan works effectively, that the process of restoration can be completed within the necessary time frame, and that all personnel are prepared to respond rapidly and appropriately in an actual disaster. Test results should always be recorded, and the DRP should be updated to address weakness in any area. Test frequently, and keep fine-tuning the results.
When developing the DRP, you may discover that the risks associated with keeping servers on-premises would be better suited for either server rental or colocation in a secure data center. If that is the case, you should consider contacting our team for an expert server consultation. We can review your server inventory and DRP in order to develop server solutions that are less prone to disaster in our secure data centers. We can also review your server backup procedures to determine if ServerMania Cloud Backup may be a good fit for you.
Complete Digital Server Solutions For All
A single tenant, physical server allowing you full access to its resources.
Virtualized server platform hosted on enterprise-grade physical servers.
Your privately owned servers and equipment secured in a top-tier data center.