1. Create Thorough Disaster Recovery Plans
This may seem simple, but too many companies take shortcuts when creating disaster recovery plans. This is in fact the area to spend the most effort and, in many cases, funds. The disaster recovery plan document is the foundation for everything else.This is also a good place to consider adding an external consultant with relevant experience to the mix. Creating an effective plan is a difficult and specialized process.
2. Assign Responsibilities
A clear chain of command and designated responsibilities is an important element of disaster recovery plans. This includes:
• A disaster recovery team responsible for helping to design the plan and maintain it as the company changes. The team will also coordinate the plan during a disaster situation.
• Disaster ‘captains’ charged with making sure specific elements of the plan are executed and that each section of the company is in compliance with plan standards.
• Responsibilities must also be assigned to individual employees regarding their part in the disaster recovery plans.
3. Arrange for Alternate Sites and Equipment
Depending on the severity of the disaster, moving the operation to an alternate site may be required, as well as arranging for backup computers, phone systems, and other elements. Replacement equipment for damaged units must also be acquired, especially in areas prone to flooding or wind damage. Even power failures will cause some degree of permanent equipment failure, as some units that lose power are never able to power back up.
4. Maintain, Execute and Evaluate Testing Procedures
An untested disaster recovery plan is one that is bound to fail, yet this step is the most neglected of the list. It is difficult to convince management that halting business for testing purposes is, in the long run, good for business.
5. IT Specific Disaster Procedures
In the case of the IT department, response to a disaster takes on a more critical aspect. If the job is done properly, customers may never even suspect that there is a problem in the home office. However, this does require some planning:
• Redundant Systems: Spreading the work over many different systems can not only help balance heavy workloads but can provide automatic backup when one system goes down.
• Uninterruptable Power Supplies and Generators: Since power is the basic element that every IT department depends on, a reliable, clean power supply is a must. Smaller UPS systems can help prevent damage from brown outs and short burst outages, and some can even maintain operations for an hour or so. But if no alternate sites are available, the ability to generate power must be provided for.
• Internet Access: For any business that relies on a web presence to do business, alternate web servers and Internet access must be provided for. It is recommended to contract with more than one Internet Provider to deal with failures outside your building.