Next Caller

Disaster Planning: Five Tips To Safeguard Your IT Infrastructure

Contributor:

John Fakhoury is the Founder and CEO of Framework Communications. Framework is a single-source Managed IT and Telecommunication firm that makes technology more user-friendly and approachable for businesses. John is a value-driven technology entrepreneur and he works hard to give back to the community.


What’s the real cost of a long-term power outage, server failure or widespread malware attack? According to a recent EMC survey, the double threat of data loss and downtime sets back businesses more than $1.7 trillion each year. What’s more, 71 percent of IT professionals said they’re “not fully confident in their ability” to get back on track after a disaster-type incident. With IT infrastructure now a critical line-of-business asset, protection and planning are key: Here are five tips to help safeguard your technology platform:

Defining Disaster

First up? Decide what constitutes “disaster.” As noted by Small Business Computing, it’s critical for organizations to understand the threats they face and the impacts of specific loss scenarios on the bottom line. For example, financial-sector companies must be especially wary of mobile malware, while health care agencies face compliance and continuity challenges if servers suddenly fail or cloud providers experience a security breach. Managing disaster risk means developing a plan that describes specific events, ranks their likelihood, and describes their impact. This allows IT staff to design targeted responses and prioritize issues — essential if multiple issues emerge concurrently.

Safety in Three Parts

The next step in disaster planning covers three key aspects of IT safety: Prevention, detection and correction. While many recovery systems focus on the last part of this triad — correction — this forces companies to react in the event of disasters, rather than making allowance for proactive efforts. Start with prevention: This could take the form of surge protectors to eliminate the risk of power spikes or off-site data backups to remove the chance of total data loss. Detection is next. Event monitoring tools can warn IT professionals about possible malware threats and resource consumption issues, while physical tools such as fire alarms reduce the chance of total loss.

Testing, Testing

IT Web offers clarity: “If you don’t test it, then it’s not really a disaster recovery plan.” Too often, companies design complex and redundant DR plans but fail to conduct regular tests. The result? When disaster does occur, the system doesn’t work as intended. Often, failure can be traced to one of two causes: Changes in system configuration that seem incidental or innocuous — such as an update to newer server software — or unexpected interactions that prevent DR processes from executing. Bottom line? Regular, end-to-end testing of disaster recovery plans is critical.

Getting Back Up

It’s not about getting your data backed up. It’s about getting your data back up and running. Many back up services guarantee your data is backed up somehow/somewhere but don’t help you actually get back up and running. Eg a new server may need to be set up for the data to be used/usable.“

How do you get your system back up and restore data access after a disaster? Answering this question means identifying two key components: Recovery time objectives (RTO) and your recovery source. Setting an RTO is critical, since this gives you an acceptable “baseline” — how long could systems be unavailable without compromising your bottom line? Achieving this objective means selecting the right recovery option. For some companies, this is off-site storage that can be mobilized and migrated as needed, while others require the on-demand speed and scalability of a cloud backup provider.

Beyond IT

According to Information Age, it’s also important to think beyond IT and consider other aspects of your DR plan that could impact recovery objectives. These might include emergency contact numbers for water, electricity and gas suppliers to your building, or an up-to-date list of IT staff numbers in the event of a weekend or nighttime emergency.  What if the problem isn’t with IT — if a fire or flood cuts off power to your server stack, what’s the game plan and how will services be restored?

Safeguarding your IT infrastructure means creating the best defense for the worst possible outcome. By defining your risks, addressing prevention, detection and backup issues, and devising a regular test schedule that goes beyond IT silos, it’s possible to improve your DR outcome.