What is a disaster recovery plan & why is it important for your data centre?
A disaster recovery plan does exactly what it says on the tin. It outlines agreed contingency plans in the event of a wide range of disasters, natural or otherwise, to allow a business to recover with minimal or no disruption to operations. The disaster recovery plan comprises of documented processes or sets of procedures to help protect IT infrastructure. Although this can be an electronic document, it is advisable to also have a written document or print-out to ensure there are never any issues accessing the plan in times of need.
In the business world, disasters of any kind result in survival of the fittest. What does this mean? It means if you’re prepared for most common disasters and eventualities, you’re likely to fare a lot better than a business without a disaster recovery plan. A disaster recovery plan sets apart troubled businesses that take a hit from businesses that adapt and thrive in the face of disaster. As you protect sensitive data for clients who put faith in you, it’s good business sense for you to plan for the worst, so you don’t lose customer trust, incur fines or damage your reputation. It may also give your client peace of mind to know you’re well prepared.
Types of disaster to account for in your data centre plan
It’s difficult to account for every single possible disaster, but a good starting place to understand natural disasters is to look at insurance policies, where insurers usually do a good job of creating comprehensive lists. Types of disaster include: natural disasters (fire, flood, earthquake), power outages, cyber-attacks, physical attacks and terrorism, epidemics (as we’ve already had to account for due to COVID-19), bomb threats, telephone outages, and loss of access to a facility.
The ideal: avoiding data centre disaster in the first place
At Cross-Guard, we think it’s important to include in your disaster recovery plan a line about the importance of anticipating disasters and responding before they happen. Sometimes, there are warning signs of disaster. Natural disasters – tornadoes, earthquakes etc. – don’t always have warning signs. However, you can certainly help prevent everyday disasters such as theft and terrorism by ensuring your security measures are up to date and fixing any perceived vulnerable spots in your data centre. Remember, physical security is just as important to consider as cyber security.
Elements to include in a good data centre disaster recovery plan
All businesses have individual formats for disaster recovery plans. They need to be relevant to the business and industry – what works for one company, may not work for another. For the data centre industry in particular, having the right disaster recovery plan is crucial.
The bulk of a disaster recovery plan will be dedicated to how you can mitigate the effects of the disaster so your operations will experience as minimal disruption as possible. Within the data centre and IT industry, we understand how critical it is to avoid downtime and operational outages, every minute counts! It’s important that the disaster recovery plan is readily available and easily comprehensible, so all your employees can follow it in times of urgency.
Key to the disaster recovery plan will be your overall goals and this is where you should begin the plan. Outline what you aim to achieve within the plan, aligning your goals with what your customers expect ie. minimal disruption, backup services, and recovery ideally within minutes, if not seconds, of the incident. Alongside your goals, it’s good practice to include a list of responsible personnel for set incidents, and an up-to-date organisation chart. It’s not just the organisation chart you need to keep up to date, make sure you keep the entire disaster recovery plan up to date. Record any changes to schedules and procedures in the plan to keep it current.
You should also list applications that you use/need and how critical these are to the overall running of the business. Can these be backed up or replaced? In addition, create an inventory profile to show whether you own the items, and details such as manufacturer. That way, if you need to order an extra backup, or if you need to contact manufacturers due to any product queries, you have easy access to those details. You could even include contact details of the relevant manufacturer.
For procedures, you should include backups – ie. where they are saved/can be found – and details on a complete restoration to get your systems to the same point they were at prior to the disaster. Don’t forget to also address disaster recovery procedures such as restoration of systems following disasters, and any emergency response protocols for ie. fire and flood. The priority for these emergency response procedures should, of course, always be the safety of your employees. Do not put in place any protocols that could endanger your employees or put them at risk.
It’s important to consider temporary remote working, what a mobile site or backup site would look like, and what access would be granted. In worst case scenarios, you may also need to consider rebuild of a data centre, so make sure you have appropriate insurance cover in place. Once damage has been assessed, there will need to be a reconstruction plan in place, including a floor plan (as it stands currently) with an itinerary of hardware needs and alternatives. You also need to think about power consumption and security. If you are re-building a data centre, or recently invested in a new data centre, Cross-Guard is well equipped to deal with all your security needs – see our security cages page. These cages are also valuable for segmenting your data centre space to achieve maximum profit from clients.
As with anything, constantly test and review your data centre disaster recovery plan, so you can identify and rectify any potential flaws. The plan needs to work as seamlessly as possible in the face of disaster, so you can react quickly to protect your business and customers.