Blog Story

Disaster recovery and business continuity explained

Everything Tech

26.10.22

Say hi!
Disaster Recovery

Despite the best-laid plans, disasters can and do strike businesses of any size, often without warning. 

Some of the ways that disaster may strike a company includes:

  • Cyber-attacks and security breaches
  • Natural disasters (fires, floods, earthquakes, tsunamis, etc.)
  • Manmade disasters (terrorist attacks, arson fires, etc.)
  • Theft
  • Epidemics or pandemics
  • Power outages
  • Failure of third-party systems (internet connection, cloud CRM or accounting system, etc.)
  • Hardware or equipment failure
  • Unexpected loss of staff or internal resource

So, how can businesses plan for any eventuality and ensure they are protected, prepared, and able to function during these difficult situations?

We will explore the ideas of business continuity and disaster recovery and provide some helpful tips to ensure you are prepared for anything IT-related that might happen in the future.

What is disaster recovery vs business continuity?

Disaster recovery refers to an organisation’s ability to regain access to files and data, and to restore functionality to its IT systems following a disastrous event. An event may cause the loss of data or system downtime that results in lost income, delays to customer service, or other factors that result in reputational damage.

A disaster recovery plan is important as it will provide an action plan that allows your business to get its systems back up and running as quickly as possible. In some circumstances, where property or hardware gets destroyed, there may be long periods of downtime, so the plan needs to account for contingency plans to reduce downtime.

Business continuity, on the other hand, refers to an organisation’s ability to maintain services and critical processes in the event and aftermath of a disaster or unplanned incident. It is about continuing operations in the face of adversity and is a part of an overall disaster recovery plan.

What does an IT disaster recovery plan include?

Every business should have a disaster recovery plan: a living, breathing document that outlines how the company or organisation will respond in the event of a disaster. There are several considerations to consider when mapping out a disaster recovery plan.

Here are some essential things you need to think about and record:

Recovery time objective (RTO)- the maximum time your business can tolerate following a disaster before service is restored and resumed. Your RTO will depend on your business and industry; in some cases, it can be minutes, and for others, it might be days or weeks.

Recovery point objective (RPO)- the maximum amount of data your business can afford to lose in the event of a disaster. Again, this will vary depending on the situation, with some businesses unable to operate without an hour’s worth of data, compared to others that can lose days or even weeks’ worth of certain types of information.

Hardware and software inventory

You should have a record of all your business’s IT hardware and software, with each item labelled in the following scale:

  • Critical — items that are essential to the running of the business (i.e., that your business can’t function without.)
  • Important — items that are used regularly (i.e., daily) and that could disrupt operations if access was lost.
  • Unimportant — infrequently used applications, software, and hardware that are not essential for the day-to-day running of the business.

Your inventory should be updated regularly and accurately reflect the assets within your IT infrastructure.

Personnel roles and responsibilities

As part of the plan for prevention, business continuity, and recovery, key responsibilities should be allocated to stakeholders within the business. For example, you should have named personnel responsible for data backup and IT maintenance (i.e., an IT Manager), customer communication (Customer Services), and media management (PR team).

Physical site considerations

Your plan should include any requirements for physical locations if your premises are damaged or otherwise unusable. For example, what is the minimum space needed for a new office or warehouse?

You should also consider where any data is stored, and how you’re able to access this in the event of a disaster.

Communication plan

In the event of a disaster, there must be a framework for communicating with relevant people internally and externally. You’ll need to communicate any news and updates quickly and effectively to:

  • Staff and employees
  • Media
  • Customers and clients
  • Suppliers and vendors

What steps can you take to avoid an IT disaster?

To reduce the chances of a disastrous event being a catastrophe for your business, there are several steps you can take to be more prepared. Not every disaster can be prevented, but by having robust systems in place you can reduce the impact an unforeseen event has on your business.

Here are some ways to avoid an IT disaster or reduce the negative impact one might have: 

  • Regularly backup your data – Data backup should be an ongoing part of your IT operations. If you lose a file, what would that mean to your business? In some cases, you’ll be unable to recover. Make sure you’re regularly backing up your data so there is always a fallback option if the worst does happen.
  • Use the cloud to store important files and information – In certain circumstances, disasters can cause physical damage to property or hardware. If live data is stored on computers on your business premises and backed up to devices that are on those same premises, it can be difficult or impossible to recover in the event of a significant local disaster such as theft, fire, or flood. If you’re not already, consider using the cloud to back up data and files. Using a reputable cloud service for your live data, will also potentially reduce the chances of total loss as well as enable more flexible working. However, ensure that this data is also backed up to a secondary location.
  • Ensure you have a strong cyber security stance – With cyber criminals constantly innovating and coming up with shockingly ingenious ways to steal data or access networks, your cyber security must be up to the task. You should review your current setup and consider running a cyber security audit to understand where there may be any vulnerabilities — and then get those gaps plugged in.
  • Invest in your infrastructure – Technology can and does fail. When it fails, the costs can be crippling, particularly for small businesses. It’s good practice to continually monitor performance, invest in your IT infrastructure, and ensure that everything is running as smoothly as it should. You can’t always prevent a breakdown, but with proper maintenance, you can reduce the chances of an outage. And remember, computers get old, and their parts become vulnerable to failure, even non-moving parts like circuit boards, so replacing old equipment will reduce the risk of failure.
  • Keep your software and programs up to date – Updating your software when new updates are released helps to avoid security vulnerabilities that allow cybercriminals in. In some instances, it’s worth waiting a few days after a roll-out, in case of any bugs, but you should install updates, particularly those relating to tightening security.
  • Use an IT service provider to help manage your infrastructure – It can be difficult to keep on top of IT maintenance and resolve support tickets whilst proactively planning for the worst. An IT support partner can therefore be a great ally, providing the security of a professional and knowledgeable safety net. Your managed service provider can take care of many aspects of your IT, including helping to set up the infrastructure, manage software updates and provide constant monitoring, threat detection, and ongoing advice.

Are you adequately prepared for an IT disaster?

Preparedness is key. In an ideal world, you’ll never need to act on your disaster recovery plan. But if disaster does strike, would you be able to continue operations and recover effectively?

Although it’s not a nice thought, you need to consider the worst-case scenario and then ensure you’re prepared as best as you can be.

Everything Tech has extensive experience providing IT support to small and medium-sized businesses, including disaster preparedness, data backup, and cyber security management. Contact us today or call 0161 826 2220 to see how we can help you.

Latest resources

arrow-downarrow-left-greyarrow-leftarrow-right-greyarrow-right-whitearrow-rightblog-storybullet-arrowcase-study-storycloseet-logo2et-logo3et-logo4 footer_icon1footer_icon2footer_icon3footer_icon4footer_icon5 hand-wavingicon-arrow-blueicon-arrow-white-lefticon-arrow-whiteli-checknavigation-iconpress-storysocial_facebooksocial-facebook2social_googleplussocial_instagramsocial_linkedin_altsocial-linkedin2social_pinterestlogo-twitter-glyph-32social_youtubesocial-youtube2user-focusvideo