March 2021
by Richard Lee
In this blog I talk about Disaster Recovery.
So just what is Disaster Recovery?
It is the capability to be able to recover a company's technology operations from Disaster.
Types of Disasters
There are many and varied types of disasters. Essentially any event that has the effect of
destroying or losing data or even preventing normal IT operations at an installation is called a disaster. Some examples are:
user error causing data loss, fire, earthquake, flood, theft, equipment/network failure, malware, ransomware and sabotage.
Difference between Backup and Disaster Recovery
Back ups can be an essential part of Disaster Recovery however on their own do not
guarantee the capability to recover from disaster. A DR Back up (if it is physical media ) should be stored offsite to protect against possible loss due to disaster occuring onsite.
It should only be brought onsite to do back ups and/or restores. What if you're using Cloud as your DR destination? Then you already have offsite protection but are however vulnerable in another way: dependency on the internet for your data
I've already covered managing this vulnerability in an earlier blog called Internet Back up Solution.
A Disaster Recovery Plan (DRP) is actually a written plan which states the steps a business needs to take in order to recover from a disaster.
Why Disaster Recovery?
In short this is to ensure the business survives after encountering a disaster. In the past, there have been a string of businesses that have had to close shop after encountering disaster. With no DR plan created before disaster struck, these businesses had no way of re-constructing lost data.
This is why its essential if your business uses computers to have at least a basic DR plan created. This may be as simple as having a back up of a back up or as complex as having a redundant data centre equipped with spare hardware, software, procedures and even personnel.
It is easy to forget the need to draw up an effective DRP. Or even be complacent about it with the attitude that "this can't happen to me or my business". The reality is that
disaster can strike any installation at any time with little to no warning. And based on the high likelihood of a business closing shop due to having no prior DRP in place, that is why a DRP is arguably every bit as crucial as a business strategic plan.
Ingredients of a Disaster Recovery Plan (DRP)
This is a plan that should be drawn up ahead of time and invoked during time of disaster. The plan would cover aspects of the make up of a business' IT assets including:
Hardware - what makes up the IT hardware. This can be computers, printers, cables, telephones and more!
Network - the network hardware and diagram showing how the network is made and
connected. It should show network interlinks and IP addresses in use.
Software - software in use including operating system and any application software
configuration - includes settings and user ids/passwords for the hardware, software and network.
Personnel - key personnel and contact details who are involved in the business' IT operations
Procedures - required set of procedures to follow in the event of a disaster to return back to normal IT operations
Back up plan - full details about the back up ( type of back up, frequency, where stored etc ) and how to restore data from the back up
Supplier - contacts for suppliers of all required IT assets and services
The DRP would also need to be periodically reviewed and updated even as the IT operations evolve over time.
In previous blogs I discussed the need to do back ups on a regular basis. DR on the other hand is like a back up of a back up. It is like an insurance policy that ensures you can recover IT operations in the event of disaster.