Surviving Disasters Large or Small

April 11th, 2011

Developing a disaster recovery plan require more than just planning for a worst-case scenario.  Disasters come in all sizes, so plans must be flexible. When developing a DR plan, think about the small problems as well as the large ones.

For example, a "disaster" might be the deletion of a critical file or folder. Do you know what to do if such a file is accidentally deleted or corrupted? Sometime just restoring it from the Windows Recycle Bin isn't enough. If you do not have a backup copy of that file that can be accessed quickly and easily, your disaster recovery plan is incomplete.

Another part of developing a disaster recovery plan is ensuring that everyone, from the janitor to the CEO, knows what to do in case of an emergency.  If your office has uninterruptable power supplies (UPS) protecting critical servers, staff needs to know this. It does no good for a company to protect a specific server for say, an extra 30 minutes with a UPS, if no one knows that the server needs special care, such as a controlled shut-down, before power goes off.

Knowing where your data is backed up and how you can access it after a disaster strikes also is critical. Is your data being backed up locally, to the cloud, or both? Do the employees know how to access their data if they need to work remotely? Today's cloud computing services and managed service providers make it possible for employees to work anywhere, any time. Having continuous backups to these offsite backup facilities makes  business continuity a reality for companies of all sizes.

Finally, remember to test your plan on a regular basis. Perhaps you will run a full-scale test by turning off all network access in a department or office to see how your employees react. Perhaps it will be pulling the plug on a single network device to see how employees cope. Ensuring that a company's staff knows how to survive a disaster in advance will make surviving a real disaster that much easier.

  • Not all disasters include the total annihilation of your primary data center. When preparing a disaster recovery plan, consider situations of partial data loss. For example, if your Internet connection is down for a short term but all other services are functional, what is your plan?
  • Discover and map current network devices. What is the criticality of these devices? How will downtime on those devices impact the business?
  • Do you have adequate network documentation for the DR network? When a disaster occurs, everyone will be in a panic. Having proper documentation can be the difference between the success and failure of a disaster recovery.
  • How often is your DR plan tested? It’s almost certainly not frequent enough.
  • Has proper network resiliency been taken into account for the production network? Think about dual power supplies, redundant network paths and redundant circuits. These network resiliencies may prevent you from having to declare a disaster in the first place.
  • Implement policies whereby the DR plan is updated when any new network equipment is installed or network software changes are made. This will keep your DR plan up to date. Change management has a DR impact.
  • Make sure you patch and upgrade DR equipment, just as you do any other network system or subsystem.

Don’t forget about network security issues when you have a disaster. No end user will put down “anti-virus software” as a critical need. You don’t want to get your DR network up after 24 hours of work only to have it brought down by a virus. You must think about security because users won’t.