First, consider if your servers went out today, how long would it take your team to get your business up and running again without a BCDR? How much does an hour of lost productivity cost?
For a B2B, not being available for your clients could cost you hard-earned relationships. And B2C, downtime could mean a silent cash register. It’s one thing to lose a day’s worth of unsaved work from an unexpected power outage, but natural disasters can also damage your office.
BCDR is the practice of making sure your company is able to continue to run with little to no interruption during “disasters” of all shapes and sizes.
Continuity vs Recovery
BC refers to a business’s ability to continue operations and functions in a time of distress or disruption. For example, natural disasters, cyberattacks, power outages, or even communication failures. This is a proactive response to potential threats. A BCDR device regularly backs up servers and allows you to create virtual instances from those backups. With this technology in place, a business can be quickly switched over to operating from virtualized backups and continue as normal.
Virtualizing your server with a BCDR device is also a viable solution for more dramatic disaster scenarios that force your organization to transition partially or fully to a remote work situation. Because business continuity is proactive, careful planning is necessary to adequately prepare.
DR is what your business relies on when business continuity cannot be maintained. This deals primarily with the restoration of functional business operations.
For example, a transformer blows, preventing you from accessing your office workstation. In this scenario, your disaster recovery plan would inform all relevant parties on how to reestablish access to your applications. This might involve sending your employees home and switching to using a redundant cloud-based server while you wait for restoration.
Creating Your Business Continuity & Disaster Recovery Plans
Consider the different scenarios that could impact business operations.
First, your organization will have its own unique ways to respond, so your plan should think about on and offsite. Then, consider the plan at a local, regional, and national level. If local, would you still be able to access office resources temporarily? Do you have a backup source for internet and telecom access? What if a regional or national issue such as a pandemic were to displace your employees from their workstations?
Finally, conduct an analysis of your IT infrastructure. This will help determine which resources you need to keep things operational.
Business Continuity Planning
- A Threat Analysis — should include potential disruptions as well as the damage they could cause to affected resources.
- Role Assignments — A well-defined chain of command that takes the absence of critical staff.
- Communication Strategy — how important information will be distributed in response to the incident and after.
- Your Backup Plans — detail where your backups are being stored, how to access them, and any cloud servers that can substitute.
- Infrastructure and Hardware Solutions — what is necessary to maintain business continuity and how would you respond?
Disaster Recovery Planning
If disruption to day-to-day operations becomes unavoidable, your organization needs to know what to do to bring things back to normal. When determining the particulars of your disaster recovery plan, you’ll want to define your recovery time objective (RTO) and your recovery point objective (RPO).
RTO – Recovery Time Objective
Recovery Time Objectives are targets for how quickly your business should be back to normal operations after failure. This is how long your business can tolerate downtime. Conduct an assessment of how your business’s operations work and identify what critical tasks can still be done even in the event of a disaster. Different components may require different RTOs since some systems take longer to restore.
For instance, if your wi-fi goes out, it may only take minutes to restore. But how long would it take to restore the loss of internet access at the office? Your organization’s answers will help narrow down RTOs and generate a sufficient disaster recovery plan.
RPO – Recovery Point Objective
Recovery Point Objectives are targets for what state you should be able to restore your systems to after failure. Your RPO clarifies how current your data restoration needs to be. For example, if a business’s most recent copy of data available after an outage is from 18 hours ago, and the target RPO is 20 hours, then that copy would fall within the parameters of their target RPO. From a disaster recovery perspective, your main focus should be at the systems and infrastructure level.
Who Should Take Care of BCDR?
The person in charge of creating your BCDR plan ought to be the CTO or CIO since they’re probably the people who know most about your company’s technology capabilities and needs. However, if your business doesn’t have those roles filled, you can still get an augmented version of a CIO with our Managed IT services.