In the latest episode of the HOSTING Cloud 360 Podcast Series, we caught up with Brian Frank, our intrepid Cloud Services Manager, to discuss ways in which organizations can protect themselves against disaster. Brian is no stranger to disaster recovery (DR) planning, having personally overseen more than 100 disaster recovery solutions – including some during Hurricane Sandy in 2012. You can listen to our entire podcast on-demand. In the meantime, we’ve listed a few highlights below.
Realize that disasters encompass more than what Mother Nature dishes out
While the word “disaster” often brings up images of natural disasters such as earthquakes, floods or hurricanes, it encompasses much more. As Brian explains, disasters can include basic power outages, human errors, or even a squirrel chewing up outside wires – causing your building to go dark. It’s important to take into account what Mother Nature typically dishes out in your area – whether your organization is based in a high flood zone or on a fault line. However, don’t discount other potential activities that can lead to an outage, causing you to declare a disaster.
Implement baseline activities to lessen your risk of a disaster
While DR planning can seem overwhelming at first, Brian emphasized that there are some key steps that organizations can take immediately to reduce their risk of a disaster. First and foremost, he recommends conducting a business continuity (BC) assessment. This assessment includes the following:
Step 1 – Define your high-value assets
Assess what data, applications and other IT assets you need to have in a recovery environment. Prioritize them and list their locations.
Step 2 – Define your Recovery Time Objective (RTO)
Your RTO is a target for when you want your systems to be up and running again. Determine how long you can actually go without your high-value assets – whether it’s 12 hours, 24 hours or longer – without experiencing serious consequences to your business.
Step 3 – Define your Recovery Point Objective (RPO)
Your RPO tells you how old the data is in your recovery environment. You need to define your RPO according to your specific business needs. For example, if you’re running an e-commerce site with customer data such as credit card information, you will want a faster RPO than that for your older, legacy data.
Make sure your DR plan is complete and testable
In the podcast, Brian ticks off a few elements in a DR plan that many organizations often neglect to factor in, including:
- Run books – these outline the steps organizations need to take in order to declare a disaster and bring their environments back online
- Information on what applications need to be brought online and in what order – for example, your databases may need to be brought online before your applications.
Finally, Brian emphasizes the importance of testing recovery environments. “All the planning in the world won’t take the place of testing,” Brian emphasizes.