Why Your Disaster Recovery Plan Won't Hold Up in the Next IT Emergency
Original post at: MSP Blog
Tis the season for unprecedented snow fall! As children, we obsessively watched the weather forecast when there was the slightest mention of snow, hoping that 67% chance crystallized into a sure thing. Then the next morning, we'd get up earlier than our parents would normally have to drag us out of our beds to race to the window, hoping to see nothing but white.
As MSPs you don't often have snow days. The biggest snow storms actually wreak havoc for the IT environments you monitor and manage. Are you prepared when they do? In a recent Channele2e post about business continuity, Joe Panettieri recaps the results of Jonas - the blizzard that rocked the east coast this past weekend - and highlights specific MSPs who proactively updated their disaster recovery (DR) plan in preparation. They, like many other MSPs and IT solutions providers, recognized room for improvement and increased responsiveness in the event of an emergency. Have you revisited and revised your own business continuity processes? Is your backup and disaster recovery (BDR) solution Jonas-tested and safe from any other disaster triggered by natural disaster, malicious attack or user error?
Let's see just how robust your disaster recovery plan really is...
1. Have you properly defined and documented what you consider a disaster scenario to be?
You can't know when and how to act when you don't know what to act upon. It may seem like common sense, but you can never be too thorough when recovery planning.
2. Have you identified all of the risks that necessitate an IT disaster recovery plan?
Thinking back to Jonas, we know that by the time Joe had written his article, almost 72,000 customers had already lost power. In this scenario, the risk is systems going offline as a result of the power outage. A snow storm is just one case that tests how strong your plan is. Don't forget about the other threats to your clients' network uptime, such as a phishing email that's clicked and installs ransomware or hardware failure.
3. Have you conducted a Business Impact Analysis (BIA)?
With each of these risks, you want to know how likely they are to occur and what the impact would be if they actually did. Just as different geographic locations may be subject to different weather calamities, different IT environments may have varying levels of susceptibility to outside threats. If your client doesn't have a BDR solution in place, for instance, the impact of an unexpected power outage is critical - if their server and local backup fails, their data can't be recovered. If they do have a BDR solution in place, while they'll experience downtime with workstations being offline, there's not as big a risk of data loss. Once you've conducted the BIA for each risk, you can prioritize which vulnerabilities to address first.