No matter how excellent your provider is, things can always go wrong. If an accident, disaster, or cyber event compromises your internet infrastructure, and thus your ability to operate, make sure you have a plan in place.
Part two of Schooley Mitchell’s three part series.
Last week, we explored the internet crash that happened because of cloud company Fastly on June 8th, 2021, impacting many big-name businesses. This week, in the second installment of Schooley Mitchell’s three-part series on internet outages, how they affect your business, and what you can do to minimize the damages, we look at disaster recovery plans.
What is a disaster recovery plan?
Simply put, a disaster recovery plan is a way to be proactive about the things that could go wrong, by describing the process, policies, and procedures for responding to them. This could be anything from a storm that causes a power outage, to a largescale cyber event. These plans lay out the necessary steps to recover or continue your IT infrastructure and should include hardware and software safeguards.
Why should you invest in one?
A disaster recovery plan can be the difference between your business’ ability to resume operations or not. Last week we discussed the disruption of an hour-long global outage, but not all events are so brief. A larger outage could eat into your revenue, reputation, and productivity. It could cost you customers and employees. Doing the work to mitigate these risks is an important part of business leadership.
Likewise, data loss can be devastating for your business operations. If you can coordinate protocols for offsite storage or backup schedules, you can soften the blow of a disastrous event.
So, what steps should you take?
If you don’t have any experience with disaster recovery plans, it can be beneficial to work with professionals who can offer impact analyses and identify potential risks.
However, there are also steps you can internally to help you prepare.
Take a thorough inventory.
Document your telecom operations details. This includes your computers, phone systems, servers, and storage. List the diagnostic tools used to monitor systems. Keep track of the software, cloud services, and web-hosting platforms you rely on to operate.
In other words, know what you need to function, and what alternatives can be employed, in the case of a system failure.
Identify the risks.
It’s important to know what has the potential to affect your organization’s operations. This can include natural disasters, industry-specific risks, or larger external cyber events.
Not everywhere needs to prepare for a flooding event but may have to instead prepare for winter storm damage. Likewise, some industries are going to have different risks than others. Institutions like universities may want to prepare for strain on computer systems during registration and exams periods, for example, while online retailers might experience overwhelming traffic during a sale. Knowing times when you are vulnerable to a potential crash will help you provide better support and backups.
Forbes also suggests mapping the trends impacting your business system. Have you thought more broadly about factors such as your reliance on other companies and hard-to-replicate specialist firms? What happens to your business if a cloud company you work with has an outage? After all, the June 8th Fastly outage shows that a small glitch at a big provider can cause trouble for hundreds, if not thousands, of businesses.
Create a list of circumstances that will invoke your disaster recovery plan and rank their severity.
Spend time on events or conditions that are likely. It can be easy to overwhelm yourself with a list of potential catastrophes, but you want your plan to stick within the realm of probability, not fantasy.
Focus on telecom.
Our telecom systems do so much for our businesses, despite oftentimes being very fragile. One disruption can do a lot of damage. Part of your disaster plan should be focused on assessing your telecom situation.
Some questions you can ask in the case of damage to your telecom system:
- What cables are still intact?
- Can rerouting accomplish anything?
- Can critical segments be remapped?
As previously mentioned, working with a third-party professional to help assess this damage, and the risks to your systems, can go a long way in damage prevention and recovery.
Come up with recovery strategies.
Once you know the risks and what’s at stake, your plan should involve steps towards partial recovery. This could be an alternate site you could operate from during an event, or a scaled-back level of services to be prioritized.
Implement prevention strategies.
You can implement preventative measures to protect your equipment and avoid unnecessary loss. This could include data backups, fire containment doors, generators, or connecting your telephone system to an uninterruptible power supply that would maintain coverage for several hours in the event of an outage. This can also be as simple as strategically planning where tech is placed based on where your building’s sprinklers are located.
Security tech, like higher quality locks and motion sensors, can also be included in this plan.
Build company-wide compliance.
This is not just a senior leadership activity. Part of a disaster recovery plan’s success is in its adoption by each department within your organization. Middle management and employees should be reviewing policies and procedures and making suggestions when appropriate.
Parts of your plan can be delegated to trusted members of your team. Who is responsible for doing a regular inventory? Who is responsible for shutting off computers during a weather event?
Everyone should be on board to keep your operations running in the case of an accident or disaster.
Make preparedness a competitive advantage.
While this investment in preparedness may seem like a lot of extra work, it could potentially give you an advantage over your competitors.
Forbes says you can use disaster recovery to benefit your business, by being more reliable when events swamp other businesses. Maybe aspects of your plan are even the reason a new customer chooses you over a company with less risk mitigation implemented.
In essence, a disaster recovery plan is best business practice.
Disasters happen. They’re not always avoidable, despite our best efforts. Whether it be a weather event, accident, theft, technical error, or large cyber event, there is a lot you can do in terms of damage prevention and risk mitigation to keep your company online and functional.
In Schooley Mitchell’s three-part series on internet outages and your business, we have looked at what happens when the internet crashes, and how to set up a disaster recovery plan. Next week, we will take a look at your role as the employer when a remote or hybrid worker has an outage on their home network.