Pop Quiz: Disaster strikes. Access to your network and your data is gone. What do you do?

Let’s say the disaster is a Ransomware attack – just because this scenario is much more common than fires, earthquakes floods or other types of data breaches.

An employee opens an email from what appears to be a trusted source, like FedEx. Cyber criminals ‘spoof’ or copy the email setups and logos of big companies and even Federal Institutions like the IRS, so the ‘phishing’ FedEx email looks legit, and it provides a link to track a package someone sent to your company. But it is not legitimate, and as soon as your employee clicks on the link, their computer freezes and a screen comes up that looks something like this:

This is only the beginning. The Ransomware is already finding its pathway to the rest of your network. The employee should be trained to immediately turn off the computer - not by going to the Start Menu for a standard shutdown, but by holding in the power button until the device shuts down - or even by unplugging it.

That is the very first step. Now what? The employee alerts the manager to call IT support, whether an in-house department or a 3rd party IT consulting service. One of the benefits of using a top-notch Managed IT Services firm like IT Support LA, is that with their proactive monitoring, their IT HelpDesk should already be getting alarms that your system has been breached.

IT Support LA configures our clients’ Cybersecurity to isolate and trap the malware in the initially infected device to prevent spread. Any reputable and experienced member of the IT Support Los Angeles Community should have these policies and procedures in place.

This is only what needs to happen within a minute or two after the attack, but it is only a small part of a comprehensive Backup and Disaster Recovery Plan. This is the point where the plan is implemented. The IT services team, in conjunction with your company’s management, will now do the heavy lifting to restore normalcy to your network operations.

How do you write a good disaster recovery plan?

Just as with any enterprise, the old saying “If you fail to plan, you plan to fail” is of paramount importance when it comes to a Backup and Disaster Recovery Plan. Putting an effective plan together requires a thorough process with pinpoint attention to detail. For more information on the greater scope of such a plan, please review our page HERE.

The basic steps required to put together an all-inclusive and reliable plan:

1) Top Management Commitment
Your IT support does not exist in a vacuum and does not presume to act without prior management approval. Everyone must be on board with the Plan. The IT services crew will do the behind-the-scenes work, but it is company management that must coordinate the plan with the employees, so their involvement and commitment to the plan is the first absolute necessity.

2) Organize the Planning Committee
All department heads, IT support and all areas of the company that would be affected by the disaster must be represented. The committee will define and delegate duties and define the scope pf the plan and will set the standards for those activities listed below.

3) Risk Assessment
Analyze and assess the dangers to all areas of the organization for the possible impacts and consequences of each possible disaster scenario. For example, a fire will present some different consequences than a Ransomware attack. Risks and the costs involved in responding to and minimizing the exposure as a result of the various possible disasters need also be analyzed.

4) Establish Priorities
The ’pecking order’ and importance of all areas of Processing and Operations. This is about putting ‘first-things-first’. Typically, data and communications should come first because they allow other areas of the organization to continue. In manufacturing, the shipping department goes last because they have nothing to ship if nothing is being manufactured.

5) Set Recovery Strategies and Tactics
Determine for each department the steps to be taken and who will take command of ensuring those steps are performed. The objective, much as for those in ‘Establish Priorities’ above, is to enable the continuity of business as the disaster is being addressed. It is crucial to establish what is to be done and by which key personnel.

6) Write the Plan
Starting with an outline, the final plan in a standardized format must adhere to every minute detail in understandable, non-ambiguous wording. The idea that any part of the plan could be open to ‘interpretation’ must be avoided. All functions of all departments must be clearly assigned.

7) Establish Criteria for Testing
Testing and ‘tweaking’ of the plan is an ongoing process. Develop reliable testing procedures that allow you to foresee any weak spots and make adjustments. Surprises on the day of the actual disaster are a disaster of their own.

8) Testing
Based only on the plan and the testing criteria, perform the first test, and update the plan as needed. A plan is rarely proven ‘bulletproof’ the first time.

10) Final Plan Approval
Once all adjustments have been made following several tests, set the plan in stone – for now. Testing should be scheduled at regular, agreed-upon intervals. The world changes, as does technology, so follow-up tests may show inadequacies that were not present when the final plan was approved.

Cloudian offers a comprehensive guide to writing a reliable Backup & Disaster Recovery Plan HERE.

Frequently Asked Questions

Q: What is the difference between having good backups and having a good disaster recovery plan?

A:  Without reliable and tested data backups in place, there really is no recovery from a disaster, at least from an IT services point of view. Once the data is gone, and exists nowhere else, a typical business will not survive. You need both. If you have some sort of IT support, but do not have either backups or a disaster recovery plan in place, perhaps it’s time to re-evaluate the quality of your IT support.

Q: What are the different types of data backup locations?

Q: What is the best method for data recovery?

A:  Depending on the nature of the disaster, it will always be fastest to restore data from your local backups, which may not be available in the event of a fire, flood or earthquake – at that point, rely on cloud backups, which are slower, but offsite.

Q: What is incident response plan?

A: The incident response plan (IRP) should be a part of the overall Backup & Disaster Recovery Plan, but it only deals with the IT support factors and procedures following an attack or data breach. With minor incidents, the IRP may be the only section of the larger plan that needs to be put into effect.

See Where you stand!

IT Support LA offers a FREE, no-risk network and security assessment. No strings, no obligation.
Just fill out the form on this page or call us at: