When discussing disaster recovery with clients they often assure us they are okay ‘because they have a backup’. However, they become less confident when we ask them whether they ever fully tested it.
This provides an opportunity to discuss the differences between backup, disaster recovery and business continuity we share here.
In a nutshell, you need a copy of your data backed up elsewhere, so your business can continue operating if you are unable to use the original source.
Why You Need a Documented Recovery Strategy
However, loading it up and getting started again is not the same as copying files from a dongle onto your PC. You need a documented strategy and that’s where a business recovery plan comes in.
Every business should have one of these strategies in place, and tested. Imagine for a moment you lost your email folders, customer database or other mission critical system. You could have lost the information on your accounting and enterprise resource planning databases too.
The US Department of Homeland Security says roughly 40 to 60 percent of small businesses never reopen their doors following a disaster … but you can if you have prepared.
Let’s Explore Backups in More Detail
The basics are simple but the implementation is not. How often should we backup and how long must we retain the information? We get clues from the Payment Card Industry PCI Security Standards Council, and the Health Insurance Portability and Accountability HIPPA ACT regarding rules for safeguarding personal information.
However, these may be unnecessarily onerous for other parts of our business. Whether or not we are not connected to a payments system or involved in the medical industry, we should identify our own mission-critical data too.
Making a Local Backup First
You then need an automated, local backup system to snapshot this data daily – including email history – and store it on a dedicated server under lock and key. Set the software so it first stores the latest version, and then merges it with the previous one.
Next, set the minimum retention period to 2 years. This should keep you legal with state law. Remember, emails are admissible evidence before the courts. You may be mighty grateful someday you kept a record of communication with a tricky customer.
Next, double check your situation in terms of HIPPA and PCI, local law, and any regulations relating to professional status.
Test your backup on a regular basis, at least once a month. Are you able to restore by file name and date? Not all your current data may be damaged. If something is working don’t fix it.
The danger of automated systems like these is we assume they will work when we need them. Companies that fail after a data disaster often fold because their recovery let them down when they needed it most.
Why You Need an Off-Site Backup
Let’s say you have a fire at the office that takes your main system and your backup server out. You lost all your data no matter how fanatically you followed our advice. This is one of the primary reasons why offsite storage is critical.
Perhaps you were a third party to a disaster not of your making. Maybe another tenant in the building was storing flammable chemicals, or a hurricane smashed the windows and caused a disastrous flood.
Possibly you heard about these dangers already, and have arranged off-site backup storage. That way, you hope to avoid the US Department of Homeland Security’s list of roughly 40 to 60 percent of small businesses that never reopen their doors following a disaster.
However you may not be out of the woods because of the human factor. A team of researchers at Sharif University of Technology found that disc failure is often down to human error. People get busy and forget to check discs are still in good working order when they exchange them.
A backup on a cloud goes a long way to resolving this provided you choose a good one. You get the protection of a professional service with provision for multiple fall-overs. You also benefit from automated testing and encrypted transmission. However a slow connection speed can become a bind.
It’s Time to Move on to Business Continuity
Business continuity refers to planning and preparation to make sure a company overcomes serious incidents or disasters, and is moreover able to resume normal operation within a reasonably short period. Any company with critical data should therefore include data continuity in its plan.
Keeping backup servers in a colocation data center is a superior solution to a cloud. That’s because you have control over the quality of the media, and nobody else handles your information.
Furthermore the colocation center – and you can visit it – should have military grade security, and competent personnel on hand to attend to any eventuality including fallout from fires and hurricanes.
You can switch across to your backup data quickly and easily, because you have been updating it online continuously on your own remote servers. There is no substitute for this degree of data continuity completely under your control.
Pulling the Threads Together: Disaster Recovery
Disaster recovery is not an event. It is an ongoing process to ensure you have reliable backup arrangements you can access quickly, and thereby ensure the continuity of your business when you lose your working data to a disaster.
Moreover, you also have an effective countermeasure for viruses, malware, ransomware, and careless employees who panic when they accidentally hit the delete button.
What this Information May Have in Store for You
If we have caused you to reconsider how well you configured your disaster recovery then we have achieved our purpose. This article will have been worth writing if you have taken on board your need to maintain your infotech environment in a way you can recover it seamlessly. If you’d like to find out more, follow this link to our disaster recovery page.