In a technology-driven world, IT disasters happen. In reality, IT disasters don’t ruin your business; poor preparation does. How do you know if you need a disaster recovery plan? Basically, unless you’re running your business out of a cave, you need one. To be more specific, you should have a disaster recovery plan if:
1. Your company has a growing dependence on computerized sales, operations, and employee tracking systems,
2. A technology disaster would significantly impact your firm’s financial standing,
3. Employees and/or vendors utilize your corporate technology infrastructure, and/or
4. Your company’s user and equipment growth is increasing the potential for system security failures.
Below, you’ll find three key steps to developing a comprehensive IT disaster recovery plan for your small business.
Awareness of Potential Disasters
The drivers of IT disasters can basically be broken down into two categories: internal forces and external forces. External forces affect the community at large, and internal forces are specific to your organization or industry.
Natural disasters are examples of external forces. Building systems failures are an example of internal forces. In larger metropolitan areas like Portland or Seattle, old buildings are notorious for upending work environments. Malfunctioning sprinklers, air conditioning, plumbing could create a potentially hazardous place to conduct your day-to-day operations. Also, consider information security disasters posed by hackers and phishing scam artists an internal force.
Awareness of Potential Consequences
Once you’ve identified all the potential disasters your small business may encounter, it’s imperative to prepare for the worst-case scenarios. Given the disasters mentioned above, it’s likely you can expect to experience any one or combination of the following complications: compromising of sensitive information, loss of service, data loss, loss of power, property damage or loss, water damage, and employee injury or death. This is, by no means, an exhaustive list, and organizations should devote time to discerning the consequences they may face as a result of their unique operations, location, and industry.
Develop Disaster Recovery Plan
Finally, now that you know what to plan for, here are some elements to consider when creating a small business disaster plan.
— Establish a budget. Before developing a plan, assess how much time and resources your company can afford to invest in this crucial endeavor.
— Get good insurance. Read your policy and completely understand what you’re covered for.
— Formally draft your plan. Store physical copies of your plan it in safe, accessible location.
— Include step-by-step instructions. Detail the steps to be taken after the occurrence of a disaster.
— Include important and pertinent information. Provide detailed contact information for employees, clients, and vendors; alternative methods and locations for conducting business; and any critical resources to be recovered.
— Allocate an emergency fund. This is a designated fund specifically used to implement and/or supplement your disaster recovery plan.
— Test, test, test! Once you’ve developed an initial plan, continue to refine it by regular testing and practice to ensure that your plan is functional and effective.
Each organization’s plan will be tailored to its unique needs and assessments. Consequently, I recommend working closely with a professional IT management service. This not only ensures your company takes appropriate precautions to prevent the occurrence of an IT disaster, but also greatly aids the recovery process if such a disaster should occur.
~Richard McNeal, 2009