Steps to Reliable Disaster Recovery

Being unprepared for a disaster is the real disaster. It could be man-made, like Ransomware or a data breach, or it could be fire, earthquake, flood or pandemic. The most important factor is to keep your business running. That is why a solid BackUp/Disaster Recovery (BUDR) plan MUST be in place.

Are you prepared before disaster happens?

Do you have a written Disaster Recovery Plan in place?
If so, have you tested it to ensure you can trust it?
How often do you test it? When was the most recent test?
With your current data Backup system, how long does it take to recover?
How long can your business afford to be down?
Have you measured the financial cost of downtime for your business? What is it?
In the event of a physical disaster, is there an offsite copy of your Recovery Plan?

For a comprehensive description of the three levels of backups, please look here:
Local Backup
Cloud Backup
Cloud to Cloud Backup

Once a disaster has occurred: What do you do?

  1. Stop and Think.
    A Fire is different from a Cyber-attack. Take a minute to fully grasp the nature of the emergency and how it will affect your business.
    a) Is your entire system down, or is the issue localized?
    b) Have your files been compromised? Deleted? Inaccessible? Or is the system just down?
  2. Set your Goals for Recovery.
    A BUDR plan (BackUp/Disaster Recovery) is more encompassing than a simple backup routine. Know and think through your steps to recovery.
    a) What happens first? Restoration of the system, or the data? Which is the faster method for you?
    b) Prioritize the crucial elements to your system and tasks needed for recovery.
    c) What point do you restore from? Date and time.
    d) Estimate how long the recovery should take.
  3. Establish the most efficient steps.
    The order in which you address the following will have an impact on your recovery time. Know the best path forward. Which do you do first?
    a) Restore files.
    b) Local virtualization.
    c) Off-site virtualization
  4. After recovery to a virtualized system, take nothing for granted.
    Once recovery is verified, take a roll-call with your users to ensure everyone has gotten back what they need.
    a) Test your network for full connectivity.
    b) Have all users verify that they can access all applications and resources.
  5. Restore the original system.
    If you do restore the original, which process is best?
    a) A bare metal restore?
    b) Or a virtual machine restore?
  6. Final Assessment
    Once the issue is solved, take a good look at everything that happened.
    a) How well did your team perform?
    b) What could you have done differently?
    c) What caused the disaster and system failure?
    d) What issues were revealed that need to be addressed for the future?
    e) What improvements could be made to your overall response to the failure?

Backup & Disaster Recovery: Q & A

Q: What is backup and disaster recovery?

A: Backup is the process of frequently copying and saving your data in several secure locations (locally, but not connected to your working network, and in the cloud): your Managed IT Services company should have at least these two backup locations in place and tested regularly for reliable data retrieval.
Disaster recovery is what happens after an emergency – man-made, like a Ransomware or data theft attack, or natural, like a fire or earthquake. Once the network is stabilized, possibly with all affected workstations and servers wiped clean (as in a Ransomware attack response), the IT support team will retrieve and replace all the backed-up data to the network system.

While cloud backups are available through platforms such as G Suite, Google Workspace and Microsoft Office 365, the backup and ensuing disaster recovery plans will not set themselves up. An IT support service should be consulted to oversee the plan setup. If you prefer to go it alone, Wired Magazine offers some noteworthy tips, but be forewarned – this has far more at stake than say, trying to replace your vehicle’s brake pads yourself. Let an expert do it.

If you are a small or startup business and have no real IT support, reputable firms can be found simply by Googling ‘IT Support Los Angeles’. Be careful to choose an accomplished firm with the resources to setup and execute an iron-clad backup & disaster recovery plan – too many free-lance ‘IT guys’ do not have the resources or knowledge to perform this task adequately.

Q: How does cloud computing effect backups and disaster recovery?

A: Any experienced IT service provider will tell you that while you need cloud backups, they are not the best ‘go-to’ after a disaster. The quickest way to effect recovery is through local backups that are NOT connected to the main working network. Cloud backups are essential in case the local backups have been compromised, but data retrieval is slower. Your IT support company or Managed Services Provider should have set up both backup systems, so they can easily manage the recovery in a timely fashion. There are plenty of options for ‘IT Support Los Angeles’ using Google.

Q: How do you create a backup and disaster recovery plan?

A: Unless you are a solo operator, it is best to have a qualified IT Support company or a firm that provides comprehensive IT Managed Services set these up for you. As a one-person operation who wants to do this on your own, download the Cyber Essentials Starter Kit provided free by the Federal Cybersecurity & Infrastructure Security Agency (CISO), but most likely the simplest way to back up your data is with an external hard drive that is ONLY connected to the computer when the backups are performed. If a virus or ransomware infects your computer, it will find its way to your external hard drive if it is connected.

Q: What is a backup and disaster recovery plan?

A: Basically, it is a set of procedures performed to recover data from secure backups after a disaster has caused a disruption to the network. It implements pre-set tools to accomplish. Your Managed IT Services  team will know what to do once disaster strikes. The plan will usually consist of the following:

1) RPO - Recovery Point Objectives: Part of the backup plan – determines how much data may be lost between backups. A good IT provider will suggest frequent backups – depending on the data flow and nature of the business.

2) RTO – Recovery Time Objective: This is the estimated time frame for returning to normal operations.

3) Local Backups: Local backups must be unconnected to the main network, so malware or hacking will not affect them – these are the fastest way to restore data, but in the event of a fire, will probably be lost as well.

4) Remote (Cloud) Backups: Offsite secure backups are essential to recovery. Cloud backups are the best and most secure. Malware or a fire will not affect them. Whether using those provided by G Suite, Google Workspace, Office 365, or a separate system set up by your IT support and services company, these are a MUST if you want your business to survive following a catastrophic event.

Accountability Roster: When disaster occurs, the person at the top of this list enacts the recovery plan. Roles and responsibilities must be pre-assigned to keep chaos from being a player in the emergency.

Testing: This is your disaster plan ‘fire drill’. Dry runs of the disaster and recovery procedures should be done frequently, perhaps monthly. Don’t expect it to run flawlessly if you’ve never practiced.

Q: What is the difference between backups and disaster recovery?

A: It is the difference between the horse and the cart. The horse is your data backup, and without it, the cart – disaster recovery – cannot be pulled. There is no disaster recovery if the data has not been securely backed up

Q: Why do I need backups and disaster recovery?

A: To be blunt, you need a reliable backup and disaster recovery system in place if you want your business to survive a cyber-attack. 60% of small businesses go out of business within 5 months following a cyber-attack or data breach. Ask your IT service company about this, and make sure you have these in place. If you are unsure, it’s a good idea to seek out a qualified IT Managed Services consultant to perform a 3rd party audit of your system. An ounce of prevention is worth more than a pound of cure – for that 60%, there is no cure.

Your New and Redefined IT Experience Begins with a FREE Consultation.
Give us a call or schedule online today!