What communication elements are important to the success of a disaster recovery plan (drp)?
Show
What is a disaster recovery plan?Organizations of all sizes generate and manage massive amounts of data, much of it mission critical. The impact of corruption or data loss from human error, hardware failure, malware, or hacking can be substantial. Therefore, it is essential to create a disaster recovery plan for the restoration of business data from a data backup image. It is most effective to develop an information technology (IT) disaster recovery plan in conjunction with the business continuity plan (BCP). A business continuity plan is a complete organizational plan that consists of five components: 1. Business resumption plan Generally, components one through three do not touch upon IT infrastructure at all. The incident management plan typically establishes procedures and a structure to address cyber attacks against IT systems during normal times, so it does not deal with the IT infrastructure during disaster recovery. For this reason, the disaster recovery plan is the only component of the BCP of interest to IT. Among the first steps in developing such a strategy is business impact analysis, during which the team should develop IT priorities and recovery time objectives. The team should time technology recovery strategies for restoring applications, hardware, and data to meet business recovery needs. Every situation is unique and there is no single correct way to develop a disaster recovery plan. However, there are three principal goals of disaster recovery that form the core of most DRPs:
What should a disaster recovery plan include?Although specific disaster recovery plan formats may vary, the structure of a disaster recovery plan should include several features: Goals Recovery time objective or RTO refers to the acceptable downtime after an outage before business processes and systems must be restored to operation. For example, the business must be able to return to operations within 4 hours in order to avoid unacceptable impacts to business continuity. Personnel IT inventory Backup procedures Disaster recovery procedures Disaster recovery sites Restoration procedures Include not just objectives such as the results of risk analysis and RPOs, RTOs, and SLAs, but also a structured approach for meeting these goals. The DRP must address each type of downtime and disaster with a step-by-step plan, including data loss, flooding, natural disasters, power outages, ransomware, server failure, site-wide outages, and other issues. Be sure to enrich any IT disaster recovery plan template with these critical details. Create a list of IT staff including contact information, roles, and responsibilities. Ensure each team member is familiar with the company disaster recovery plan before it is needed so that individual team members have the necessary access levels and passwords to meet their responsibilities. Always designate alternates for any emergency, even if you think your team can’t be affected. Address business continuity planning and disaster recovery by providing details about mission-critical applications in your DRP. Include accountable parties for both troubleshooting any issues and ensuring operations are running smoothly. If your organization will use cloud backup services or disaster recovery services, vendor name and contact information, and a list of authorized employees who can request support during a disaster should be in the plan; ideally the vendor and organizational contacts should know of each other. Media communication best practices are also part of a robust disaster recovery and business continuity plan. A designated public relations contact and media plan are particularly useful to high profile organizations, enterprises, and users who need 24/7 availability, such as government agencies or healthcare providers. Look for disaster recovery plan examples in your industry or vertical for specific best practices and language. Benefits of a disaster recovery planObviously, a disaster recovery plan details scenarios for reducing interruptions and resuming operations rapidly in the aftermath of a disaster. It is a central piece of the business continuity plan and should be designed to prevent data loss and enable sufficient IT recovery. Beyond the clear benefit of improved business continuity under any circumstances, having a company disaster recovery plan can help an organization in several other important ways. Cost-efficiency Achieving cost-efficiency goals demands regular maintenance of IT systems in their optimal condition, high-level analysis of potential threats, and implementation of innovative cybersecurity solutions. Keeping software updated and systems optimally maintained saves time and is more cost-effective. Adopting cloud-based data management as a part of disaster recovery planning can further reduce the costs of backups and maintenance. Increased productivity Improved customer retention Compliance Scalability The disaster recovery planning process can reduce the risk of human error, eliminate superfluous hardware, and streamline the entire IT process. In this way, the planning process itself becomes one of the advantages of disaster recovery planning, streamlining the business, and rendering it more profitable and resilient before anything ever goes wrong. Ways to develop a disaster recovery planThere are several steps in the development of a disaster recovery plan. Although these may vary somewhat based on the organization, here are the basic disaster recovery plan steps: Risk assessment Consider infrastructure and geographical risk factors in your risk analysis. For example, the ability of employees to access the data center in case of a natural disaster, whether or not you use cloud backup, and whether you have a single site or multiple sites are all relevant here. Be sure to include this information, even if you’re working from a sample disaster recovery plan. Evaluate critical needs Set disaster recovery plan
objectives Determine the recovery point objective (RPO), or the point in time back to which you must recover the application. This is essentially the amount of data the organization can afford to lose. Assess any service level agreements (SLAs) that your organization has promised to users, executives, or other stakeholders. Collect data and create the written document
Organize and use the collected data in your written, documented plan. Test and revise Finally, test the plan based on the criteria and procedures. Conduct an initial dry run or structured walk-through test and correct any problems, ideally outside normal operational hours. Types of business disaster recovery plan tests include: disaster recovery plan checklist tests, full interruption tests, parallel tests, and simulation tests. RPO vs RTOThe recovery point objective, or RPO, refers to how much data (in terms of the most recent changes) the company is willing to lose after a disaster occurs. For example, an RPO might be to lose no more than one hour of data, which means data backups must occur at least every hour to meet this objective. The RPO answers this question: “How much data could be lost without significantly impacting the business?” Example: If the RPO for a business is 20 hours and the last available good copy of data after an outage is 18 hours old, we are still within the RPO’s parameters. Recovery time objective or RTO refers to the acceptable downtime after an outage before business processes and systems must be restored to operation. For example, the business must be able to return to operations within 4 hours in order to avoid unacceptable impacts to business continuity. In other words, the RTO answers the question: “How much time after notification of business process disruption should it take to recover?” To compare RPO and RTO, consider that RPO means a variable amount of data that would need to be re-entered after a loss or would be lost altogether during network downtime. In contrast, RTO refers to how much real time can elapse before the disruption unacceptably impedes normal business operations. It is important to expose the gap between actuals and objectives set forth in the disaster recovery plan. Only business disruption and disaster rehearsals can expose actuals—specifically Recovery Point Actual (RPA) and Recovery Time Actual (RTA). Refining these differences brings the plan up to speed. Strategies and tools for a disaster recovery planThe right strategies and tools help implement a disaster recovery plan. Traditional on-premises recovery strategies Information technology systems require connectivity, data, hardware, and software. The entire system may fail due to a single component, so recovery strategies should anticipate the loss of one or more of these system components:
Data and restoration Internal recovery strategies Cloud-based disaster recovery strategies Vendors can host and manage applications, data security services, and data streams, enabling access to information via web browser at the primary business site or other sites. These vendors can typically enhance cybersecurity because their ongoing monitoring for outages offers data filtering and detection of malware threats. If the vendor detects an outage at the client site, they hold all client data automatically until the system is restored. In this sense, the cloud is essential to security planning and disaster recovery. Does Druva offer a cloud disaster recovery plan?With Druva’s cloud-native disaster recovery plan, workloads on-premises or in the cloud back up directly to the Druva Cloud Platform, built on AWS. This eliminates recovery complexities by enabling automated runbook execution and one-click disaster recovery. Druva’s cloud-native disaster recovery includes failover and failback, either back to on-premises systems or to any AWS region or account without hardware, a managed DR site, or excessive administration. Watch the video below for a demo, and discover Druva’s innovative one-click solutions for on-premises and cloud workloads on the disaster recovery page of the website. What are important elements of a disaster recovery plan?5 Elements of a Disaster Recovery Plan – Is Your Business.... Create a disaster recovery team. ... . Identify and assess disaster risks. ... . Determine critical applications, documents, and resources. ... . Specify backup and off-site storage procedures. ... . Test and maintain the DRP.. Why is communication important in disaster recovery?Effective communication empowers both disaster- affected and non-affected communities alike, helping to increase social cohesion, and acting as a valuable form of community development.
What is the most important aspects of disaster recovery?The steps include: defining key roles/responsibilities of your entire staff (including third-party vendors and supplies), creating a reliable communications plan, securing your business with a backup worksite, addressing how sensitive information will be maintained, and last but not least, testing your disaster ...
Which of the following is the most important consideration when developing a disaster recovery plan DRP )?Effective disaster recovery (DR) planning must address five key considerations – downtime, data integrity, cost, simplicity and security – according to experts at Nasuni, the leading cloud storage gateway.
|