Cyber-attacks like the WannaCry malware incident that compromised the NHS are becoming more prevalent. Predicting natural disasters is almost akin to alchemy. And even the most prepared team is beset by random hardware failures or user error. Which means that every business should have contingencies in place to recover data and regain continuity if the worst should happen.
Whether you’re a well established company or a start up, here are the main points you should consider when putting a plan together.
Business Impact Analysis (BIA) and risk assessment
BIA and a risk assessment are essential. The BIA identifies potential disruptions to your business functions and gathers the necessary information needed to create a disaster recovery plan. A risk assessment will examine internal and external vulnerabilities of both your building and IT infrastructure so you can prepare for any crisis, no matter how significant.
Once you’ve conducted your BIA and risk assessment you can base your plan on the findings. Make sure it caters for the unpredictable and includes appropriate measures for even the most extreme outcomes including scenarios like natural disasters or your office collapsing.
It’s always a good idea to keep admin, email, and general company data backed up so you can resume business critical operations as soon as possible. Data such as this can be backed up to the cloud with services like Google Drive or Dropbox, giving you secure and immediate access to those all-important documents from any location.
Phone lines should be redirected as soon as possible during a crisis. Make sure that you’ve included mobile numbers and a method of redirecting landlines so that your company is still contactable.
Whatever the size of your office you’ll need backup storage to save copies of your work so you can access data immediately should your infrastructure become compromised.
Smaller offices may opt for portable hard drives and it will be up to a designated member of the team to take responsibility for them. Bigger businesses may use servers that will automatically duplicate files to storage either on or off site. You should also think about what data is replaceable. For example, if the IT systems go down in a VFX studio then scene files and custom code is far more important than render caches. These files are replaceable and can be re-rendered once normal operations have resumed.
Backing up your software licences, however, is becoming less important due to vendors such as Autodesk and Adobe making the move from perpetual licensing to subscription-based services. This universal shift makes disaster recovery a little easier and enables you to access the applications you need simply by logging into a portal and downloading them. However, perpetual licences are still common and need to be backed up, so it’s worth checking your applications.
Storing your data offsite
The main difference between disaster recovery and data backup is the location where your data is stored. To ensure that your data is fully protected in your disaster recovery plan, you need to store your backup files off site. Data can either be saved at a remote location or within the cloud, making sure that your data is safe should the unpredictable occur.
Realistic recovery objectives
Your plan should contain targets so that you can get your business back up and running as soon as possible. Your two main considerations are:
Recovery Point Objective (RPO)
This is the maximum age of files that your company must recover from backup storage. For example, if you choose an RPO of eight hours then your backups must save all of your files every eight hours. This is to ensure that you have the most up-to-date work while not filling your storage with unnecessary data.
Recovery Time Objective (RTO)
This is the maximum amount of time your company has to fully recover before normal operations can resume. If you set your RTO for three hours then you should aim to get everything back up and running within that three hour time period.
Keeping your recovery plan current
Once you have a plan in place make sure you keep it up to date. Technology is constantly evolving so review periods should be scheduled on a regular basis. You should also test your recovery plan once per quarter to make sure that it works as efficiently as possible
Lastly, don’t forget to make stakeholders aware of your plan. This includes the CEO, senior managers, directors, human resources and public relations officials. Make sure they’re kept updated with review schedules and any changes to the plan.
Choosing the right solution
Whether you opt for a data centre or the cloud, having an off site disaster recovery solution in place is vital for your business continuity. Escape Technology provides a number of services to make this process that little bit easier, from physical systems to subscription-based services.
Our managed services offering takes the pain out of setting up and running a DR platform – we’ll look after the hardware aspects in one of our carefully chosen data centres, while our engineers and technical specialists will work with you to ensure your networking is up to scratch. We can even consult on your full disaster recovery plan as part of an ongoing support contract, freeing you up to focus on the day-to-day running of your studio.
To book an initial consultation complete the form below and our team will be in touch.