11 Common Disaster Planning Mistakes



Similar documents
The 9 Ugliest Mistakes Made with Data Backup and How to Avoid Them

Read this guide and you ll discover:

MOVING INTO THE DATA CENTRE: BEST PRACTICES FOR SUCCESSFUL COLOCATION

Backup & Disaster Recovery

The 7 Disaster Planning Essentials

12 Little-Known Facts and Insider Secrets Every Business Owner Should Know About Backing Up Their Data and Choosing a Remote Backup Service

Top 10 Reasons for Using Disk-based Online Server Backup and Recovery

Disaster Recovery. July Specialists in IT Outsourcing and Consultancy

Ensuring your DR plan does not Lead to a Disaster

Disaster Recovery Plan

Backup Your Data and Keep it in Canada

White Paper FASTFILE / Page 1

Best Practices in Disaster Recovery Planning and Testing

The 10 Disaster Planning Essentials For A Small Business Network

What You Should Know About Cloud- Based Data Backup

BACKUP ESSENTIALS FOR PROTECTING YOUR DATA AND YOUR BUSINESS. Disasters happen. Don t wait until it s too late.

FORMULATING YOUR BUSINESS CONTINUITY PLAN

Technology Solutions That Make Business Sense. The 10 Disaster Planning Essentials For A Small Business Network

Business Disaster Recovery: Lessons Learned & Best Practices

Frequently Asked Questions about Cloud and Online Backup

How NAS Can Increase Reliability, Uptime & Data Loss Protection: An IT Executive s Story

Why cloud backup? Top 10 reasons

IF DISASTER STRIKES IS YOUR BUSINESS READY?

Disaster Recovery in the Contact Center

Expecting the Unexpected. Disaster Preparedness Strategies for Small Business

Little-Known Facts and Insider Secrets Every Business Owner Should Know About Backing Up Their Data and Choosing a Remote Backup Service

Cloud Computing Safe Harbor or Wild West?

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS

TO AN EFFECTIVE BUSINESS CONTINUITY PLAN

Mastering Disaster A DATA CENTER CHECKLIST

Disaster Recovery Planning. Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)

Building a strong business continuity plan

Disaster Recovery and Business Continuity What Every Executive Needs to Know

How to Prepare for an Emergency: A Disaster and Business Recovery Plan

Powered by DATTO. Backup vs. Business Continuity: Using a Recovery Time Objective (RTO) to Better Plan for Your Business

What if your Disaster Recovery Plan were put to the test?

ROI of IT DISASTER RECOVERY

Is Your Port Prepared to Recover from a Disaster? Can you keep the cash register ringing when bad things happen?

Business Continuity & Disaster Recovery Hot Topics: Your Questions Answered. Paul Sullivan Mark Norton Scott Teel Ryan Donohue

One major business challenge is maintaining and improving the efficiency and effectiveness of a company s information technology. Wouldn t it be nice

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP)

Availability and Disaster Recovery: Basic Principles

It s the Business! Business continuity considerations for all organisations

12 Little-Known Facts and Insider Secrets Every Business Owner Should Know About Backing Up Their Data and Choosing a Remote Backup Service

7 Critical Facts Every Business Owner Must Know About Protecting Their Computer Network From Downtime, Data Loss, Viruses, Hackers and Disasters

Five Reasons Your Business Needs Network Monitoring

WHY CLOUD BACKUP: TOP 10 REASONS

How to Design and Implement a Successful Disaster Recovery Plan

How To Back Up Your Computer With A Hard Drive On A Usb Or Usb 2 (For Small Businesses)

QUICK GUIDE. How to Select an Effective Mobile Workforce Management Solution. How to Select an Effective Mobile Workforce Management Solution

The question is what kind of VoIP do you want? What are the tradeoffs today?

Disaster Recovery Planning Save Your Business

Business Continuity Planning

<Client Name> IT Disaster Recovery Plan Template. By Paul Kirvan, CISA, CISSP, FBCI, CBCP

a guide to the cloud Understanding the cloud and recreation management understanding the cloud and recreation management a guide to the cloud 683_14

Building Economic Resilience to Disasters: Developing a Business Continuity Plan

Disaster Recovery. 1.1 Introduction. 1.2 Reasons for Disaster Recovery. EKAM Solutions Ltd Disaster Recovery

Moving to the Cloud? DIY VS. MANAGED HOSTING

Frequently Asked Questions (Including Definitions)

Business Continuity and Disaster Recovery Planning

Satellites Benefit the Cloud

Offsite Disaster Recovery Plan

Transcription:

11 Common Disaster Planning Mistakes The world is full of risk. Floods, fires, hurricanes, thefts, IT system failures and blackouts are just a few of the incredibly damaging disasters that can and do strike businesses with little to no warning. Unfortunately, most organizations are not adequately prepared to face them. Even companies that think they have a solid disaster recovery plan often find out the hard way they were wrong. Reliance on a Single Point of Failure Many disaster recovery plans rely on a single solution for things such as communication, recovery sites, key personnel and fuel sources to get up and running after a disaster. But, as with other aspects of your business, diversifying your resources is a much safer bet. After a disaster strikes, companies should not rely on a single means of communication with staff, customers and vendors, such as one e-mail server or a single phone system with no backup. Additionally, key leadership personnel shouldn t use the same cell phone carrier. If a devastating storm strikes the area and everyone in the office uses a single or common cell phone carrier, communication efforts will be significantly disrupted and the company won t have a way to bring other employees into the recovery. In a crisis, texting often becomes one of the most reliable means of communicating with staff and vendors.if your recovery plan calls for leaders to communicate through texting during and after an emergency, make sure their phones enable texts and that each person is comfortable writing and reading texts. If cell phone service goes down, your leadership team should be able to reach each other through landline phones. However, for this to happen, you must make sure each person actually has a landline at home. Be mindful of how you use your recovery site and its proximity to your building. For example, Superstorm Sandy in 2012 affected a huge geographical area. Many companies in New York City whose offices were affected by the storm had recovery sites in New Jersey that were also damaged. Consider how you plan to use your recovery site. Will it be for data, employees or critical equipment? Many companies are going to the cloud for data storage, which enables them to keep their data out of the immediate geographic area. Because power is often the main source of disruption in a disaster, many businesses have invested in backup strategies for power outages, usually a generator. Unfortunately, simply buying a generator will not protect a business from power outages. Generators must be regularly serviced and maintained, so companies need to choose appropriate service and fuel vendors before a crisis strikes. Test the generator regularly to make sure it works and you are familiar with operating it. And keep in mind that everything is vulnerable if your generator is outside, it s just as much at risk for damage as everything else. Try to protect it from the elements, and consider how you would relocate it in an emergency. Companies often plan their recovery efforts around one key individual. Are important contacts or passwords held by a single person? Have you only authorized one person to spend necessary funds at the time of a disaster? The bottom line is: If any one person were unable to report for duty, would your recovery strategy suffer as a result? 2013 ACA International. Reprinted with permission. Page 1

Disaster recovery strategies ultimately hinge on people people who have lives outside the company. When employees personal lives are disrupted, it can be very difficult for them to come into work and play a role in the recovery. Your plan should account for how the business will temporarily carry on without all people. After the Alabama tornadoes in 2011, while many businesses were not affected by the storm at all, a large part of the community was crippled. Because many people couldn t get groceries or cash, and schools and daycares were closed, they also couldn t get to work. If those are the people who are responsible for saving your organization, you will have a problem unless you have backup to those people. Others should be empowered others to make recovery decisions should decision-makers be out of pocket. Failure to Properly Inform and Prepare Employees Businesses often neglect to share details of their recovery plan with employees. All employees should be familiar with the company s disaster recovery plan and their role in it. Make the plan a part of your training for new hires, and review it with all employees annually. Many businesses plan to have employees work from home after a disaster but fail to test the process ahead of time. Not everyone will have the resources they need to be successful working from home. They may not have power or Internet access at their homes, or may have other distractions that keep them from being productive. If your plan is to distribute laptops to certain employees after a disaster, it is prudent to have employees take them home beforehand to make sure they can log in, send and receive communications and access files on the remote server. Employees who are able to make it to work after a disaster may not be the employees you would normally count on, so make sure everyone is cross-trained to continue critical functions. Natural disasters often cripple mass transit opportunities and fuel supplies at gas stations. Consider storing fuel for critical vehicles at the office, and encourage key staff to keep some fuel at their house. After the West Liberty, Kentucky tornado in 2012, many people in the community were unable to access their offices due to law enforcement and security issues. He advised getting to know your local emergency management and law enforcement leaders beforehand. Focusing on IT Recovery Only Most disaster recovery plans are almost exclusively focused on IT components. Of course, your company needs access to data and systems, but if you don t have people, your data and systems will be worthless. Companies that don t look beyond their IT needs often don t realize they will also have to recover office space, furniture, hardware and power for their business after a disaster. If a company s key IT people are unable to help get the business up and running, outsourced IT companies can step in to fill the gap. However, there are limits to what outsourced IT teams can do, especially after a community-wide disaster. Where are you going to land on the priority list for an outsourced IT company when they have many other clients they have to service at exactly the same time? Have that conversation now so you can establish proper expectations and incorporate the details into your plan. 2013 ACA International. Reprinted with permission. Page 2

Failure to Properly and Sufficiently Insure Your Business Insurance is one of the most important parts of disaster recovery because it can help protect companies from financial ruin. While most company owners make it a habit to review coverage options with their agents and brokers each year, don t forget to discuss exclusions and limits when reviewing the policy. For example, does your plan cover power loss and business interruptions? Many people affected by Sandy didn t know they didn t have flood insurance or policies for off-premise power, for instance. Probably 90 percent of those businesses thought they had appropriate coverage in place. After a disaster, you will need to submit a list of your inventory, receipts for purchases and photos of destroyed items. Cataloging these things can be overwhelming to do during an event or even a few days after an event, so take the time to organize your information now. Companies can mitigate physical losses significantly by turning off utilities, postponing deliveries, moving equipment to a secure location and safeguarding assets prior to a storm. Try to make any necessary repairs ahead of the storm as well, especially anything involving the roof, support structures and storm shutters. Check out the sewer and storm water pump systems to ensure they are operable. Do the math and calculate your operation s potential downtime costs. Include lost revenue and added expenses in your calculations, such as recovery costs, temporary accommodations and travel expenses. Add these totals into your budget and recovery plan financials. Over-Reliance on Third-Party Information When a disaster interrupts your business, you will have many questions. When will the power and utilities return? What is the curfew time for your area? Who has permission to access facilities in your neighborhood? When will the government be there to support you, what will it provide and how soon will you receive it? Because third-party information is often unreliable at best, you shouldn t depend on it to keep your business afloat. You can t predict when the power will come back on, but you can establish in advance when your business will go into recovery mode, such as if you re losing $10,000 a day or if the disaster has affected your business for more than five days. Establish a culture of preparedness so your company can be prepared for short-term outages of at least a few days. You should have the ability to sustain yourself for at least 72 hours, not just data, but for your office, staff and your supply chain. Failure to Anticipate the Cost of Recovery People are often surprised at the various costs during recovery. Travel, hotels, office rental, remote network access and extra per diems are among the many often-unanticipated costs of recovery. IT costs top the list of expenses in many cases. Recovering documents and data can be expensive, with costs often running into the tens of thousands of dollars. Don t make spur of the moment decisions when it comes to data recovery before disaster strikes, pinpoint what documents you will be required to recover because costs can get out of hand quickly. 2013 ACA International. Reprinted with permission. Page 3

If a disaster wipes out your hardware, software and data, it will take some time to recover everything and restore your systems. Factor that downtime into your recovery costs, and consider storing certain documents securely off-site or digitally scanning them when possible. Determine the amount of money employees will need to be successful in their environment after a disaster. Scott recommended setting aside money in petty cash for your recovery efforts, and making it accessible to people in charge of your recovery. Conduct a full recovery exercise to determine the direction to take your plan and the potential recovery costs. Failure to Properly Analyze the Supply Chain Companies should anticipate the ripple effect a disaster will have on the organization throughout its supply chain. In many situations there will be a bottleneck to all vendors, including IT, payroll and power companies. Everyone will be trying to reach out to these providers. For instance, when Sandy struck, most companies were right in the middle of running payroll, so employees didn t get a paycheck at the end of the month when the storm hit. Talk to your vendors before disaster strikes and evaluate their resilience. Ask about their disaster recovery plans and integrate them into your recovery plan. What is your payroll vendor s process following an interruption during the pay cycle? What is the best way to reach your CPA firm after a business interruption? Will all your vendors have the appropriate staff on hand to field calls from their clients after a crisis? Ask each vendor about your service level agreement for both isolated events and regional events. Failure to Properly Assess the Impact to Your Customer Base No matter how prepared you are, there will likely be some lag time between the disaster and the recovery. Will your customers wait? How will you let them know you are still in business? Draw up a plan to communicate with your customers in every likely disaster scenario. Community disasters often bring limited and restricted access to certain areas. Determine what you will do if law enforcement restricts access to your location or enforces a curfew. How will that affect clients and consumers? Failure to Properly Manage Operation Restoration Once the lights come back on, many businesses experience a large wave of communications from customers and vendors that had built-up during the disaster. Companies that are still working with limited staff and services need to anticipate this wave and work around it. Discuss scenarios about how communication with customers and vendors would be affected by various disasters and discuss how you would reach them in the aftermath of the disaster. Would you use your website to communicate with customers? If so, determine how you would access your site to update your status if you couldn t get into your office. Some companies incorporate social media into their recovery plans, using Facebook and Twitter to broadcast their status. Following a disaster, you want to do everything you can to communicate with customers. It can be the difference between going out of business and growing your business. 2013 ACA International. Reprinted with permission. Page 4

Failure to Test Your Plan It s really difficult to anticipate all the consequences of a disaster until you walk through the disaster. Companies that develop a continuity plan but fail to test it run the risk of having the entire plan crumble in their hands during a crisis. Data restoration is one of the most importance pieces to test beforehand. Find out how you can restore your information and how long it will take. Can you recover data to new or different hardware? Do you have access to the necessary software? Many businesses know their data is being backed up, but they ve never tried to bring it back online in a different location, on different hardware, using a brand new server with software that may not be compatible with what they have. There are a lot of variables during a crisis situation. Update all phone trees and test whether you can text employees or reach out to them via social media. Make sure you can activate your network remotely. Again, you ll want to give several people access to your remote network so the responsibility does not fall on just one person. Test employees knowledge of the recovery plan. If you aren t available, you need to know you can rely on them to get the business back on its feet. If the office burns down today, what would they do? Employees should know who to report to after a disaster and how to reach that person. Companies can t afford the downtime while employees figure out how to go back to work. Power is the most common outage, so familiarize yourself with your company s power requirements ahead of time by talking to your electrician about your building s electrical demands and the type and size of backup generator you would need. Covering Your Bases Storms often hit at night or on weekends. If that happens leaders won t be able to walk down the hall to explain to employees how to prepare the office and get it operational again after the storm passes. By establishing a comprehensive disaster recovery plan and testing it thoroughly, company leaders can identify any holes and brainstorm solutions now when there is enough time and money to make careful, logical decisions to help ensure the future of your business. Considerations This article was original written by Anne Rosso for Collector magazine, the official publication of ACA International, The Association of Credit and Collection Professionals. The Article features Agility's own Mark Notron and Scott Teel and their outstanding webinar hosted with the Small Business Administration. You can access the original ACA article by clicking here: "Common disaster recovery mistakes can escalate an already troubling experience." 2013 ACA International. Reprinted with permission. Page 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information