1
Disaster Recovery Plan: How to
Ensure Business Continuity
Serhiy Kozlov — February 6, 2019
0
7 SHARES
In 1990, the unthinkable happened. AT&T, the most lauded and dependable phone system, went
“dead.” It began with a piece of bad code that caused one switch at one if its 114 switching centers
to malfunction. When the switch came back up, it sent out signals to switches at all other centers to
shut down. All centers crashed. The consequences were devastating for numerous AT&T business
clients, including American Airlines (loss of 200,00 reservation calls) and CBS could not reach any of
its bureaus. As the company investigated the issue, it realized that its own in-house redundancy
failed because it was not insulated from the new main system. In other words, the backup crashed
too.
We’ve come a long way since then of course, but disasters come in many forms (malfunctions,
cybercrime,data center equipment failures, power outages, etc.), and no business is immune. In
2018, Microsoft, Google Cloud, Slack, Visa and a number of other companies experienced downtime
due to failures. The reasons behind those failures were human errors, equipment failure, bugs in
code and improper load balancing for cloud infrastructure.
Fortunately, neither of those outrages lasted for longer than a few hours. As all of the companies
had comprehensive a disaster recovery plan that includes processes and procedures for how to
ensure business continuity during the disaster. In fact, 47% of enterprises and 38% of smaller
companies now use disaster recovery for at least half of their production infrastructure. But disaster
recovery mechanisms alone cannot guarantee you business continuity.
Business Continuity and Disaster Recovery Plans are Not the
Same
These terms are often used interchangeably but, in fact are very different.
Business continuity (BC) is a proactive approach to dealing with the risk of a disaster, ensuring
that normal business operations can go on. Typical components of such a plan include solutions for
the challenges of all IT needs – network connections, phones, network drives, servers and other
business applications. The goal of business continuity management is no downtime.
Disaster recovery plans (DRP) are reactive. Once a disaster hits, it is this plan that provides for
restoration of the IT infrastructure, accessing copies of data that is stored offsite, and picking up all
the pieces in a structured, organized way. Its focus is on recovery time.
A simple example of the difference would be this: a business continuity plan would include
temporary facilities for essential department personnel and getting the proper equipment to that
2
facility. A disaster recovery plan includes the pre-planned activities of the staff once it is established
in its temporary facility.
Exactly What is a Disaster Recovery Plan?
First and foremost, a disaster recovery plan is a structured and fully documented roadmap with
instructions for recovering all potentially vulnerable systems and networks. It includes every step to
be taken who is responsible for each of those steps.
Large enterprises often have an on-premises recovery plan – one that is expensive to implement
and maintain. And, as well, it is certainly not foolproof against power failures, fires, and other natural
disasters. When the big ones hit, continuous backup doesn’t occur. The other option, of course, is
for the backups to be physically housed somewhere else.
By far, the best solution for businesses of any size are cloud-based managed service providers
(MSP) such as those offered by Amazon Web Services (AWS). In 2018, 58% of companies said that
use cloud for DR/BC. That’s 22% more than just three years ago.
For smaller enterprises, cloud DR/BC has clear costs that can keep a company on budget. Within
the best cloud structures, moreover, security measures are solid and up-to-date. This solution
means that 24/7 access to all data and infrastructure that has been moved to the cloud is
guaranteed, so long as your IT teams have Internet access.
Advantages of Having a DRP
These should be obvious:
1.
2.
3.
4.
You will have a detailed plan for protection of your data and your hardware.
You will experience far less yearly downtime
Implementation of the plan will help to maintain your reputation with clients/customers
It will assist with business continuity, including continuous 24/7 IT support as is often
necessary
5. It will provide the methods by which you can test your plan
6. It will give your organization, especially upper level management, with a sense of security
How to Develop a Disaster Recovery Plan: Step by
Step
1. Begin with a Contingency Statement – A formal set of rules, conditions, and guidelines that
determine when a DRP is to be activated
2. Conduct an Analysis of Business Impact – An identification of the critical IT components
and applications that must be “recovered” in order to achieve business continuity.
3. Develop a Description of Control Methods – What types of measures are currently in
place to reduce risk – prevention (e.g., backup generators, external facility), detection (e.g. IT
infrastructure monitoring, uncovering potential threats, viruses), and correction (restoration
measures following an unwanted event/disaster).
4. Create the Plan – specific instructions for recovering the infrastructure and applications that
will allow “business as usual.”
5. Train and Test – Training of all critical staff and testing the plan by simulating disasters.
3
6. Plan for Updating – The DRP must have flexibility and fluidity, as conditions change within
the organization.
When Cloud Disaster Recovery is The Best Option
Creating the plan when cloud services are in place will help to alleviate and simplify the control
measures that must be put in place, as well as enable faster recovery of data and infrastructure.
The key will be to identify those critical elements and applications that must be placed in the cloud in
order for seamless continuation of business operations. Once that has been accomplished, the
following steps are key:




Data must be backed up on a regular basis
A cost analysis must be conducted, so that the cloud services meet budget objectives.
Decide on the recovery time objective. This will determine the type of cloud services you
need and will impact cost.
Identify the critical applications that must be moved to the cloud and how quickly you need
the recovery – this will determine the recovery architecture you choose. Options vary from
simple backup and restoration all the way to what is known as a “hot standby,” which usually
involves copying data and applications among more than one active location, splitting up the
traffic and routing that traffic so that there is no downtime whatsoever.
Advantages of Using a Cloud Service Provider for
DRP
1. Consider the cost: It’s expensive to maintain an in-house disaster recovery. Without
exception, it will involve backup in a separate facility, either one owned or leased.
2. Rapid retrieval of data and files
3. Service that is both reliable and scalable as the need arises
What If Disaster Hits a Cloud Infrastructure?
It could happen. And any disaster recovery plan should provide for this possibility. When a company
looks for a cloud-based recovery solution, it must explore what the service offers in terms of cloud
disaster recovery. The good ones will have technology partners with backup solutions of their own.
Round the clock access thus continues without a hitch.
Conclusions
Businesses have several options for disaster recovery. Choosing one that fits their needs and
budget, both current and in the future, can be a challenge. For this reason, many companies choose
to outsource disaster recovery planning.
The Institutes gives attribution for the material to Business 2 Community. Original article can be found here