What is disaster recovery?
Disaster recovery describes the process an organization must follow in order to resume normal operations after experiencing a disruptive event or disaster. It primarily focuses on the IT systems supporting business critical functions in the hopes of ensuring that the vital technology needed for the organization to operate is back online as soon as possible.
Disasters can appear in a number of forms: cyber attacks, equipment failure, ransomware, power outage, natural disasters, and even human error. To prepare an adequate emergency response, IT disaster recovery teams must consider all possible threats to their business operations and put in place plans of actions for each of them.
This can be achieved by first splitting potential disasters into two buckets: forecasted and unforecasted.
Forecasted events are disruptions that can reasonably be expected. Some examples would be a bank employing anti-theft measures or infrastructure constructed on fault lines being built to withstand earthquakes. A predictable threat to an organization can be considered a forecasted disruption, and their impact can be greatly lessened through proactive planning.
Unforecasted events are their unexpected counterparts. Examples of these may include a meteor strike or a global pandemic. While these aren’t entirely foreign concepts, an organization could be forgiven for not having a detailed response plan in place for them. Although it is neither possible or practical to consider a robust plan of action for every unique event that could ever disrupt an organization, by planning responses to core issues like structural damage or data loss, you are already well on your way to being back online.
Business continuity is simply a business resuming regular service after a disruptive event. In the wake of a disaster, being able to swiftly achieve business continuity is the return on investment of a well considered disaster recovery plan.
Business continuity plans aim to reduce or avoid downtime and resume normal services in as short a time as possible.
If disaster strikes at the physical location of a business, it may need to relocate to a backup site. By planning for this in advance, the business can avoid spending time looking for a new workspace and resume services quickly. Backup sites come in three forms: cold, warm, and hot.
Cold sites are empty backup workspaces. Relocating to one would mean the organization would carry over none of its existing hardware or data. This disaster recovery solution would mean the slowest return to regular business operations but is also has a relatively lower cost than more comprehensive options.
Warm sites are workspaces with their own equipment and network infrastructure. They may have some limited backups available but they will not be completely up to date and would take some time to be fully restored.
Hot sites are exact replicas of an organization’s original site, making them the go-to option for a business that wants to achieve business continuity fast. Hot sites synchronize the data and IT infrastructure from the primary site in real time and will allow businesses to pick up where they left off with relative ease.
RTO and RPO
When planning for recovery in the event of a disaster, IT teams typically outline two key objectives to gauge crisis management.
Recovery time objective (RTO) is the maximum amount of time a business will allow for its files to be recovered and for normal operations to be resumed. Failing to recover within this allotted time may lead to irreversible consequences for both the business and its customers or clients.
Recovery point objective (RPO) indicates the age of file backups which must be recovered after a disaster. If an organization has a short RPO of a few hours or minutes then frequent backups must be run to reflect this.
Disaster recovery plans
After becoming familiar with the idea of recovery objectives, backup sites, and giving a thought to the various different forecasted and unforecasted disasters that may strike, an organization can start compiling a recovery plan. This is a document which teams can turn to for guidance in moments of crisis—especially in the case of an unforecasted event.
A disaster recovery template could contain:
- The responsibilities of each member of the team and their contact info
- Instructions to raise awareness, starting with the person who identified the incident and branching out until all relevant team members were informed
- Multiple forms of contact information for all relevant team members, stakeholders, or clients
- An outline of which key business processes need to be restored, in which order, and how
- A risk assessment outline highlighting potential disasters, their likelihood, the impact they would have on the business, and a description of the actions to take in each circumstance
If a business has been wary of threats, swift action can usually greatly limit the overall damage done. With this in mind it’s important to consider the tools and cloud services that can help you stay on track when disaster strikes.
How can Dropbox help
Dropbox securely stores information using an array of data centers across the globe, providing off-site data backups for your business. Utilizing the power of cloud storage to backup data, you can prevent data loss in the event of hardware failure or any disaster targeting your physical location.
Dropbox allows users to automatically sync their files and documents, essentially turning any device with an internet connection into a recovery site at a much lower cost. Cloud security measures provide peace of mind against cyber attacks and with extended version history available for Dropbox Enterprise accounts, users are able to recover old files for up to 10 years.
The saying “failing to plan, is planning to fail” rings particularly true in the context of disaster recovery. While it may be impossible to predict exactly what life has in store, Dropbox can help reduce the shock of any bumps in the road.