How to Build a Disaster Recovery Plan

Make sure your organization always has a plan to get back online in the event of data failure.

Company owners and managers must always be on the defense. Even in the midst of celebrating a company’s achievements and outlook for growth, leaders should also be invested in assessing vulnerabilities. That’s because ignoring shortcomings in your company’s infrastructure and operations can lead to major problems in the face of unforeseen disasters.

As we’ve seen in the past few years, these disasters can take many forms.  Hacking and ransomware attacks are on the rise—especially with heightened attention to cloud computing. On the other end of the spectrum, civil disturbances and natural disasters can damage your location and interrupt business continuity. Since so few of these can be predicted, preparation should be done sooner rather than later.

After a disaster occurs, your company needs to get back online rapidly; people must return to work, and data must be restored. This ensures you’ll be ready when your clients come back while also assuring them that you’re up and running. All this information should be included in a disaster recovery plan.

What is a Disaster Recovery Plan?

A disaster recovery plan is a vital document that helps your organization prepare for anything—from mechanical accidents to natural disasters. The plan should include specific actions that must be taken and when, immediately before and immediately after a disaster takes place.

It should also designate who will be responsible for what, along with useful information such as passwords and contact information. This plan should be accessible to key employees and should also exist in hard-copy format in case everything goes offline.

In addition to an organized and well documented plan, the integration of cloud software can provide added peace of mind. Cloud storage options such as Lyve Cloud from Seagate can ensure your data is accessible when you need it without interruptions. 

Seagate solutions prioritize reliability and security, so backup data stored in Lyve Cloud is always durable and available.. Our partnership with various backup software vendors, such as CommVault, enables end-to-end storage solutions for backup and recovery. 

Why Is a Disaster Recovery Plan Important?

Creating a disaster recovery plan demonstrates your commitment to protecting customer data and minimizing customer risks.

Having a plan in place inspires confidence and increases loyalty to customers and staff. Any company that fails to prepare for various disaster scenarios will likely spend too much time figuring out what happened and what to do after the fact. By then, it could already be too late to find a new location and recover data. In a ransomware situation, an entire network could be disrupted.

The longer your company remains offline, the more money could be lost, projects unfinished, and customers inconvenienced. If these disruptions go on too long, customers may seek one of your fully operational competitors. 

Certainly, large-scale disasters such as tornadoes or flooding can impact a community equally. But once you get the basics back online, such as power and safety, then you can get back to business quickly especially if your primary operations (or at least your backups) have been moved to cloud storage.

How Does a Disaster Recovery Plan Work?

This varies from company to company depending on factors such as how data is stored or whether employees are working from a central location or remotely. An organization already using cloud services to store or transfer data has an advantage over companies that still rely on traditional hardware and server racks at a central source.

The plan should be considered a living document that's updated regularly rather than created once and never looked at again. Company officials should revisit it often—at least annually—and note any procedural or personnel changes. It’s also a good idea for all employees to learn about any changes to the plan since everyone will be impacted.

A disaster recovery plan should be a proactive and collaborative endeavor. Company officials, leads, and departments should come together to answer all possible questions of how the company would keep things operational in the wake of primary data failure.

What Measures Are Included in a Disaster Recovery Plan?

Common elements of a disaster recovery plan include:

  • General procedures or ways to initiate recovery, from a general power outage to specific disasters (for example, a fire might require different recovery options than a flood)
  • A realistic goal of when things should be up and running, from when the plan is activated, starting with critical tasks first
  • An inventory of affected machines, including networked hardware (printers, servers, etc.) and any software licenses or subscriptions
  • A designated point of contact to assist with storage recovery (such as an account representative from Seagate)
  • A designated point of contact for various vendors, including insurance agents
  • A list of personnel who have been assigned different duties for different recovery components
  • The location of any temporary/remote operations, especially if the physical headquarters are unavailable

A list of critical documents that require higher security than standard documentation

How to Build a Disaster Recovery Plan

Start by assigning the different subjects to various managers, department heads, and potentially impacted vendors—everything from inventory to points of contact. Then compile the information into the central plan and send it out for review.

Set Company Goals for a Disaster Recovery Plan

Emphasize how important this document is for the future of the company and its overall reputation. If you’re creating a document from scratch, require everyone’s portion to be done by a certain time and then add time to synthesize and review. If you’re updating or expanding an existing document, goals can also be implemented on a regular basis, such as annually. This task can even be automated, so everyone will know to focus on this at least once a year.

Keep Track of Inventory

Knowing how many machines are affected can make a difference in activation time and priority tasks. Companies with remote operations may also require different instructions for learning the status of machines than onsite machines. Communication is key in these situations to make sure employees provide honest and detailed feedback.

Identify Sensitive Documents and Data

Although all info is useful, some items are critical, such as intellectual property, sensitive financial information, and confidential customer data. Even higher-level administrative passwords should be recovered first. These can all be identified as in need of extra security.

During the plan creation process, these items can be focused on. Some may already be identified, such as items kept offline or in a server separate from the one the staff/public can access. Lean on a troubleshooting guide for common data loss solutions, like servers or digital devices, for a starting point.

Working with Seagate Lyve Cloud can allow companies to create separate clouds for some data or prioritize lists of items that should be brought online first.

Set a Communication Response Plan

Letting your staff and your customers know what’s happening is useful. It will reassure them that you’re trying to serve them once again. A communication plan can even run parallel to the disaster recovery plan in terms of when and how to get the word out. This can include press releases, media briefings, and even social media pushes. It can launch when the disaster plan launches.

Train, Test, and Reiterate

A plan created in secret by managers won’t do the employees a lot of good. But a company that shares its plan goes a long way in helping them feel secure.

Creating a plan is just the start. The plan should be tested on a regular basis, an exercise that lets an organization see that everything works or identify key areas where failures can occur. Maybe you have an all-employee note ready to send, but the email server is down. Or a key supervisor happens to be on vacation or unavailable due to the disaster, so no one knows whom to report to next.

Learn more about cloud backup and recovery solutions from Seagate.