One of the first casualties during tough economic times is capital expenditures relating to support and infrastructure in a business. Companies will rightly seek to extend the life of and maximize the value of every asset.
The consequence is that sometimes assets are stretched beyond their normal usable life. When this happens with information technology assets, there is risk which extends to almost every part of the organization. Assessing that risk and responding with good DR planning can reap great benefits for those with the foresight to recognize the challenge.
The best approach is to view your business from multiple perspectives. First, list every asset or service which is employed in delivering IT to your company. For example, list every server, router, firewall, connectivity provider, storage device, PC, printer, mobile device, etc. Assume a total failure of each of these assets or services. In each case, ask these questions: What is your plan to recover? How long will it take from failure to recovery? What will recovery provide (for example, yesterday’s data, or data from 1 hour before the failure)? And finally, what risk is there that the recovery plan will fail?
Then, list every important system. For example accounting, email, CRM, production, website, etc. List every asset or service required to keep these systems operating normally. Make sure that every asset or service is covered in the list you made in the previous step. This perspective is important because it is easy to forget a component of a critical system.
This Blog is a good example. The text you are reading is stored in a different database server than text on our primary website. It would be easy to forget to back up the new server since its only job is holding blog text!
Reviewing your preparedness from multiple perspectives can help you identify every area in which your planning can be essential. The next step in preparedness is testing. I’ll offer ideas about testing next week.