An IT disaster recovery plan consists of: Prevent, Detect, and Correct, along with testing and documentation. It is much more than simply “backing up data” and includes planning for communications in the event of a disaster, and recovering business operations that use IT resources as quickly as possible.
Prevention means identifying potential threats to your IT infrastructure, such as viruses, human error, or inadequate server resources and addressing each.
This could include:
- Training people to use equipment/applications correctly
- Installing equipment monitoring and protection devices
- Corporate policies against downloads
- Installing firewalls
- Antiviral software
Backing up business-critical data is an important part of preventing data loss.
Backup can occur at scheduled intervals, or be continuous. Incremental data replication (only save changes) reduces the amount of data for storage. While most platforms today include built-in backup tools, it’s best to supplement them with software that facilitates full system recovery, such as snapshot software or recovery manager software for granular file recovery.
If your business must run continuously, with zero downtime, then solutions that allow continuous backup should be selected.
Backed up data is sent offsite to storage, and the storage site often must comply with security regulations for duplicate records (such as HIPAA for healthcare or Gramm-Leach-Bliley for financial data).
If business continuity is critical, then redundant servers may be required to achieve rapid recovery of the entire system. For instance, IT consultancies experienced disaster recovery can set up virtual images of a company server on a storage area network. This allows a business to resume operations with full data recovery in very little time for maximal business continuity.