Backup and Disaster Recovery Plans
Being online, having access to your company’s servers and data, and being able to communicate with your customers has never been more important than it is today. Are you prepared if your company gets hit by a disaster? Do you have a backup and disaster recovery plan in place that will cover your company’s and customers’ needs? We will be covering why you need a proper backup and disaster recovery plan, using a business that is classified as a small and medium business out of Orlando, FL as an example. If you are looking for just a backup plan overview, we have a great article here. In this article, we will discuss going to the next level and having a failover location in place to ensure that your company can be resilient against different risk factors.
Getting Up To Speed
First, Secure Packet has a few key blogs that could help bring you up to speed if you are just now starting your journey into implementing a backup and disaster recovery plan. The first two are critical reads so you have a base understanding of terminology and the outline of backups. The rest are a great read if you have been tasked with making DR plans and this is your first time making these decisions.
3-2-1 Backup Rule – A must-read – https://securepacket.co/what-is-the-3-2-1-backup-rule/
RTO vs RPO – What is the difference? – https://securepacket.co/rto-and-rpo/
An Overview of Server Backups Best Practices – https://securepacket.co/best-practices-for-server-backups-in-orlando-fl/
Why do I need Offsite Backups? – https://securepacket.co/why-do-i-need-offsite-backups-key-reasons-explained/
Is SaaS Backup Solutions right for you? – https://securepacket.co/is-software-as-a-service-like-backup-solutions-the-right-service-for-you/
What is the difference between Mbps and MBps? – https://securepacket.co/megabit-vs-megabyte/
What is a Disaster Recovery Plan?
With the baseline information out of the way, what is a disaster recovery (DR) plan? For this article’s purpose, we will be focusing on just the IT portion of the disaster recovery plan. Your DR plan should cover all operational aspects of your company and what you, your team, and your customers will have to do. Each DR plan will be custom-made to your unique business services and needs. No two DR plans are exactly the same, but you can share different key pieces between businesses. Ensuring communication with your customers is usually one of the top needs for a company regardless of what your company provides. Another one is ensuring your employees have access to the tools, systems, or services they need to complete their daily job functions. There are also hard decisions that have to be made in your DR plan around budgets, assets, and who will be responsible during the tough and trying times that take place once a disaster has been declared.
Why do I need a Disaster Recovery plan?
If you have ever been in a scenario where a disaster has been declared, you will know that humans in general need direction in times of crisis. Too many people making decisions all at once can cause unforeseen consequences that can have a ripple effect on others during that time. With a DR plan, it is clearly stated who will be making the decisions, where people will be working, who will be in charge of what departments and needs, who will be doing specific tasks, and what resources will be called upon. An example could be the CEO leading the managers of each department while the department managers provide specific instructions for each task that needs to be accomplished. During this time, your Front Office manager could be in charge of reaching out to specific vendors to come in and help resolve the issue causing the disaster while your Director of Customer Success is formulating proper responses to customers so everyone is aligned and proper communication is occurring. It is a great practice to review your DR plan at least once a year because it also provides insights on who is responsible for these scenarios day-to-day and whether you have any holes, gaps, or single points of failure. One example is a new client of Secure Packet who has a medium-sized network, but only one network engineer with no plan B in place if he gets seriously ill or is in a car accident. This is a single point of failure that is avoidable and would be discovered during the DR planning phase. You will always ask during the planning phase, “If employee X is unavailable, who will take their spot?” If there is no one to respond, the amount of money that is lost can add up quickly. It was found by Veeam in a 2022 study that the average cost of downtime is $1,410 a minute! With the average ransomware attack causing 16.2 days of downtime, the cost to your business can be astronomical. Depending on the size of the company and current resources, some businesses will never recover.
Needless to say, this client has started the process of hiring a junior-level network engineer who can be the backup when the senior-level network engineer is unavailable.
Where Do I Start With Planning An IT Disaster Recovery Plan?
Secure Packet has a great article about establishing which data you need to ensure is backed up, which needs to be replicated and available, and where. Click here to read more. If you are still unsure what is required after reading the article, reach out to Secure Packet as we provide IT consulting that will help provide clarity. After following the article, you should be thinking about what data you need to be able to recover fast and what data you can wait a few days or a week for. Categorizing your data is critical when trying to keep your IT DR budget in check. Now that your data has been categorized as critical, important, and needed, you will need to establish what restore point objective (RPO) you would like for the different data sets. The RPO states how long you can go between backups. Are daily backups a good enough fit? Most business leaders will say yes until you ask, “So you are OK with possibly losing 23.5 hours of work?” Then the business leader’s tune will change. Costs rise with lower RPOs like hourly or even every 5 minutes, since server compute, storage, and network resources are required. This is where knowing your business’s needs comes into play. If you are creating content and losing a day of data would cost you tens of thousands of dollars, then you have a business case for at least hourly backups. If you are in an office setting that physically prints t-shirts, then maybe daily could be a better fit for your company, as you can easily remake any designs you lost from the previous day.
How Long Can Your Business Be Offline?
The next question when creating your disaster recovery plan is what is your restore time objective (RTO)? RTO is the time it should take to recover your backups and have them available to your business again. This includes both your data and your servers being online and functioning. You can have different categories of RTO. If you have mission-critical data that needs to be restored in under an hour while you also have archival data that you would be fine without for a week, then you have already created two separate RTO categories. Most established small and medium businesses will find themselves in these types of categories. A factor that some clients do not realize is that if you are trying to recover data over network connections, both local and over the internet, then you are at the mercy of the size of the connection and the hardware throughout the environment. A great read on MBps vs Mbps is here, and having an understanding of these two can make the difference between meeting your RTO and missing it by a factor of 8x. Most non-technical employees are not even aware that there is a difference between megabytes and megabits and that one megabyte is equal to 8 megabits. If you use the wrong unit in a bandwidth calculator, your estimate will be off by a factor of 8. The server hardware also plays a part in this recovery. If your bandwidth links are plenty fast, but your server’s hard drives can’t keep up with the flow of data, then you are only going to transfer data at the speed of the slowest piece of the environment.
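The following is an added example, not part of the original article: it checks a restore plan against per-category RTOs, converting the link speed from megabits to megabytes and capping throughput at the slowest component. The data sizes, link speed, and disk throughput are constructed sample values, and the code assumes decimal units, sequential restores, and no protocol overhead.

```python
from dataclasses import dataclass

@dataclass
class DataSet:
    name: str
    size_gb: float    # decimal gigabytes (1 GB = 1000 MB)
    rto_hours: float  # restore time objective for this category

def effective_mb_per_s(link_mbps: float, disk_mb_per_s: float) -> float:
    """Megabytes/s actually achievable: link megabits/8, capped by the disk."""
    return min(link_mbps / 8.0, disk_mb_per_s)

def restore_hours(size_gb: float, link_mbps: float, disk_mb_per_s: float) -> float:
    return size_gb * 1000.0 / effective_mb_per_s(link_mbps, disk_mb_per_s) / 3600.0

def naive_hours(size_gb: float, link_value: float) -> float:
    """The unit mistake: the link's Mbps figure entered as if it were MB/s."""
    return size_gb * 1000.0 / link_value / 3600.0

def check_plan(datasets, link_mbps, disk_mb_per_s):
    """Restore tightest-RTO data first; each set waits for the ones before it
    (sequential restore is an assumption of this example)."""
    elapsed, results = 0.0, []
    for ds in sorted(datasets, key=lambda d: d.rto_hours):
        elapsed += restore_hours(ds.size_gb, link_mbps, disk_mb_per_s)
        results.append((ds.name, round(elapsed, 2), elapsed <= ds.rto_hours))
    return results

# Constructed sample plan: two RTO categories as described in the text.
PLAN = [
    DataSet("archive", size_gb=5000, rto_hours=168),
    DataSet("mission-critical", size_gb=400, rto_hours=1),
]

if __name__ == "__main__":
    for name, hours, ok in check_plan(PLAN, link_mbps=500, disk_mb_per_s=150):
        print(f"{name}: restored after {hours} h, RTO {'met' if ok else 'MISSED'}")
    print("naive estimate for mission-critical:", round(naive_hours(400, 500), 2), "h")
```

With a 500 Mbps link, the naive estimate says the mission-critical set fits comfortably inside its one-hour RTO, while the correct conversion shows it takes well over an hour.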
Selecting Offsite Locations and Hardware
Backing up your data to the cloud is a great choice, but shouldn’t be your only backup. 93% of small businesses are embracing the cloud and backing up their data to the cloud. The report doesn’t state what percentage follows the 3-2-1 backup rule, but it is safe to assume the amount is smaller than the 93% since that will include Google Drive, Dropbox, and iCloud type backups that are not built for business purposes. If you push ransomware-encrypted files to your Dropbox and replace your existing files, then you will be out of luck and lose all your data unless you are able to decrypt them or pay the ransom. This is why it is absolutely important to have both onsite backups and offsite backups and, if required for your business, offsite replication. Picking the offsite location was covered here, but it comes down to picking a location that doesn’t share the same risk factors your primary site has. If you are in an east coast hurricane zone like Orlando, FL then you do not want to pick another site in New York that has been previously hit by hurricanes as well. A more centralized US location would be preferred.
As for offsite hardware, you have many options to choose from. The most common is to use a service provider like Secure Packet to provide offsite storage in a location that works for your risk assessment. Secure Packet can provide failover hardware as well that can fit your needs. Another option is for your internal IT team to deploy your own backup server and, if necessary, a failover environment in a secondary location. This works if you have a second office location with the proper internet connections, UPS systems, generator, cooling, etc., or a data center in the area that meets all of your risk, compliance, and security requirements. The hardware should be fast enough and have enough storage to back up all of your data regardless of the category, while also being able to be used as a temporary server solution to ensure your business can be back online as fast as possible.
Backup Disaster Recovery Plan – Implementation, Deployment, Configuration, Maintenance
Now that your DR plan is starting to take shape, you will have to decide whether your internal IT team has enough resources to handle all matters involved with this DR plan. If your IT team is already stretched thin or if you have confidence issues with your team, your backups and disaster recovery infrastructure are not the piece to pile on them. 82% of breaches involve human error, so if your team is already stretched thin, there is no reason to risk it. If an email account is locked out or a desktop has problems due to your internal IT team, then it only affects a small portion of your business. If you lose your data or even a portion of it, then it will have ripple effects across your entire business. Ensuring the active maintenance of your backup and DR infrastructure and services is a key portion of your DR plan. Secure Packet has gained new clients that have come to us with these incidents happening to them due to failures of their internal team. Once that data is lost, no one will be able to retrieve it for you, so it is always better to err on the side of caution.
Next Steps in DR planning
The next steps are to formalize your DR plan by putting it down onto paper or, realistically, a Word doc or some type of Excel form you have created that fits your business’s needs. It can be placed on your intranet once completed and should also be printed out, since you never know when you might not be able to use the internet or intranet. During the formalization process, you will have questions and you might establish that your team can’t handle this whole process on their own. This is where you write down the questions, comments, and concerns you might have so when you start to approach service providers, like Secure Packet, you will be ready to get the answers you need to complete your DR plan.
Looking for some help and guidance on what the next step is for your onsite backups, offsite backups, and disaster recovery plan? Secure Packet engineers are standing by to help. Schedule a free call today to ensure you are covered. We provide Backup and DR solutions as well as consulting-only offerings, so you have someone reviewing your vendors to ensure they will be able to meet your business’s needs.