After a disaster has struck is not the right time for your customer to be figuring out what to do. As with most things in life, the best solution to possible disaster is a healthy dose of prevention. By proactively managing the most common threats— system failure, facility damage, data theft, cyber attacks, etc.—with comprehensive disaster recovery practices, you can help your customer mitigate much of the risk to business continuity.
Without a solid plan, your customer is rolling the dice on irreversible damage to their business. They may not realize it, but they need a robust disaster recovery plan. A proactive DR plan should be included in any solution you offer—and there are plenty of viable solutions out there—but what are the fundamentals of a good disaster recovery plan?
STEP 1: Assess Risk – Before designing a DR plan for your customer, you should conduct a thorough risk assessment to analyze the systems being utilized and identify any potential threats to your client’s mission-critical operations. In addition, you should evaluate not only the customer’s physical facility for risk indicators (e.g., is it located in a disaster-prone area?) but also the recovery facility for factors such as regional proximity to your customer, levels of security and redundancy, etc.
STEP 2: Define RPO and RTO – This step is critical because it is where you determine what kind of DR plan your customer requires. If their organization can withstand significant downtime while they recover, then there isn’t much of an issue that even the most basic plan can’t address. After all, the name of the game here is how quickly you can get the customer up-and-running again. If time isn’t a factor, then a simple solution will do. If, however, like many organizations, no amount of downtime it tolerable, then a more immediate solution is required.
Carefully assess your customer’s acceptable Recovery Time Objective (RTO) and Recovery Point Objective (RPO) to determine the applications that will satisfy both, and refer often to these two goals to help prioritize what the customer’s plan requires to survive a business disaster.
STEP 3: Communicate with Personnel / Assign Tasks – Developing a good communication plan among your customer’s staff is an important, but often overlooked step. Help your customer determine who needs to do what in the event of a disaster. How they access their data and resume activities during an interruption in business continuity should be determined beforehand and communicated to all employees, to avoid the inevitable confusion that sets in during a disaster. Make sure your customer assigns proper roles and responsibilities to critical staff members because decision paralysis often hampers the internal “first-response” team.
STEP 4: Manage Sensitive Data – Every organization has sensitive data, whether it be proprietary resources, sensitive employee records, or customer account information. A good DR plan should ensure that all confidential data and information is regularly backed up, properly secured, and immediately recoverable when the plan is activated.
STEP 5: Test the Plan Regularly – Once your customer has a DR plan in place, you should assist them in testing it regularly. Failure to test on a consistent basis will likely result in creeping inefficiencies or even failure if a disaster occurs. The more comprehensive the test, the better it will work and the more successful your customer will be in getting back on track if the business is interrupted.
Every customer is unique, every solution is different, and there are too many variables to cover all possibilities. But a good risk plan starts with these fundamentals. By addressing a strong disaster recovery plan as part of your offering, you do more to help your customer’s business recovery efforts than any amount of hardware or software can do on its own. Follow these basic steps, and your customer can be confident that they’re prepared if and when disaster strikes.