Data backup and disaster recovery: Not just an IT issue
Summary
Understanding data breaches impact the entire company
Read time: 4 minutes
Most businesses today would grind to a halt without the key documents, data and records they rely on to conduct day-to-day business. The cloud and managed IT services have made technology a highly reliable proposition for smaller organizations. However, just because outages have become less likely doesn't mean they can't wreak havoc on a business that isn't adequately prepared. It's also important to remember technological infrastructure isn't the only point of failure to consider.
The dangers of technology failure
There are good reasons why data backup and disaster recovery are usually considered to fall under IT. Think about how difficult it is to do your own job when there's a problem with your smartphone, your computer, or your shared databases. Suddenly, you have to create or remember workarounds — while simultaneously trying to get your devices and data restored.
Now imagine how some or all of your company would—or wouldn't—continue to function if hit by a larger IT outage that made your data, and possibly also the applications that create and use this data unavailable. There goes your email. Possibly also your phone system. Documents, databases, sales orders, billing, customer support, scheduling.
How much productivity would you lose for every day and hour without essential data? How many existing customers and repeat business might be put at risk due to an extended outage? How many new sales and new customers would you fail to get during the downtime? What impact could this have on your company's reputation? This is where data backup, disaster recovery plans, data protection come into play.
How to make a disaster recover plan
One key part of establishing data backup and disaster recovery plans is identifying your data priorities:
Recovery Point Objective (RPO) — what parts of your data does your company need to regain access to as quickly as possible in order to continue/resume operating? While ideally you don't want to lose any data, the odds are that much of your data is older, even archived, and not immediately needed.
Recovery Time Objective (RTO) — how soon do you need to regain access to your RPO? Within a day? Two hours? Ten minutes? Even less?
In implementing data backup, disaster recovery and data protection, don't neglect the applications that use the data, and the computers these run on. Standard notebook computers can provide office/web software, but you may also want a solution provider that can host and run your business critical applications or provide virtualized solutions.
Protecting your physical information
Many businesses still rely on paper documents for critical business processes. The most advanced IT system in the world isn't going to be helpful if your business loses physical files that it needs to operate effectively.
Many of the paperwork-heavy functions within a business are also the ones that would be most disrupted by a loss of key documents. Consider, for example, if your accounting team were to lose all of its financial records or accounts payable/receivable documents.
The problem with paper-based records is that they are inherently difficult to back up, and impossible to recover if they haven't been. There are a lot of things that can go wrong when a business relies on critical records that are being kept in a filing cabinet or off-site storage. Fire, theft, misfiling, water damage; any number of events can render your paper records unsalvageable.
In order to take advantage of an effective disaster recovery plan, everything you need to keep your business running needs to be backed up. Fortunately it has become simple to convert physical documents to a digital format. You can even have the conversion done for you if you don't have the time or internal resources. Digitizing your records provides added benefits beyond security and business continuity as well. Moving to digital workflows can help you avoid productivity-sapping processes that are slowing your business down and frustrating your employees.
The non-technical side of business continuity
Responding to data loss and computer outages require more than just a technical plan.
Do you have lists of key phone numbers, addresses, email addresses and more, for employees, outside suppliers, and important customers?
Do you have policies and procedures for notifying customers and partners when an incident has the possibility of impacting them directly?
Do you have a clear data protection and disaster recovery plan in place for how to proceed in during an outage? Have your employees been trained on their roles?
Have you developed a crisis communications plan that can be executed in the event of a serious or prolonged problem? What about a social media plan and customer response protocols?
Recommended for you
Data Risk Assessment Checklist
Learn how to conduct a content risk assessment, identify critical data that is exposed and put a plan in place to avoid security breaches.
Contain ransomware outbreaks
In this webinar, 'Contain Ransomware Outbreaks,' our team of experts shares the future of cybersecurity defense strategies and why reactive security measures aren't enough.
Preventing Data Breaches: Is it possible?
What causes a data breach, and what strategies should you have in place to minimize becoming a victim? The security experts at Ricoh share their advice.