What is it with businesses and Disaster Recovery anyway? So what if a business-altering disaster strikes and brings day-to-day operations to a halt? So what if you incur high financial costs, staggering reputation loss and put your clients and customers at risk? Planning ahead for Disaster Recovery is for the weak right?
The Information Governance Benchmarking Survey for 2013-2014 found that only 30 percent of businesses believe they have mature crisis management, Disaster Recovery and Business Continuity plans. Another study (2013) by the National Small Business Association found that a whopping 83 percent of small businesses lacked a recovery and continuity plan even a year after Hurricane Sandy.
So it’s evident that most businesses do not see Disaster Recovery for the true value it brings to organizations. If you happen to concur with them, here’s some help in ensuring you get no real value out of your own Disaster Recovery plan.
Top five mistakes with respect to enterprise Disaster Recovery
Failing at Disaster Recovery is simple. Just commit the following blunders:
1 – Apportion the entire responsibility to one team
Instead of considering Disaster Recovery an enterprise-wide approach, which is how it should rightly be, make it the responsibility of one team or department. Most businesses that apportion the whole responsibility to their IT departments, without incorporating the perspective of financial managers, line-of-business (LOB) leaders and frontline managers fail.
2 – Ignore digital resources
System threats like virus attacks and server crashes are common disasters waiting to happen more frequently than natural disasters. Since businesses rely heavily on their IT resources and digital assets now more than ever, ignoring the Security and recovery of customer files, client information, product information, email communication and more is a great way to fail.
3 – Ignore human resources
Another great way to fail is to focus on equipment, data, facilities and everything else but people. Don’t create any communication plan that outlines the key aspects, major considerations and definitive roles related to the plan.
This way people will not know under which circumstances they should invoke your Disaster Recovery plan, or whom they should contact in case of an emergency. They will also not know their own roles or the protocols to follow to minimize the impact of the disaster. This will also prevent them from notifying customers in time, which is going to make things worse for sure.
4 – Ignore Murphy’s Law
So Murphy’s Law states that anything that can go wrong, will in fact, go wrong. Acting in consideration of this law would mean creating backup plans and alternate strategies for your original Disaster Recovery plan. Businesses that want an airtight Disaster Recovery plan identify and document what should be done at each step if the primary resource/tool or person in charge for the step is unavailable or absent. If failure is your goal, don’t have a backup plan to your backup plan. Simply create a primary plan and leave it at that.
5 – Don’t run the plan until an actual disaster strikes
Your Disaster Recovery plan has been created and implemented, which means you’re theoretically ready to handle and recover from any disaster. Testing the plan using fire-drills or “what-if” trial runs is a waste of time, right? It will only help you identify weak spots and you’re going to have to work on eliminating or mitigating those weaknesses. So don’t run the plan as tests.
But what if you do not concur with the majority?
In that case, do the exact opposite of the five points listed above and success in Disaster Recovery will come easily. For information on how KeeFORCE can assist you in creating your Disaster Recovery plan, feel free to contact us by phone at (270) 851-0354.