Why time matters for a disaster recovery plan
Learn why having a well-tested disaster recovery plan is the best investment for the future.
The impact of unplanned downtime on business
Disaster recovery, a topic many of us have heard of, yet few think about. Management, executives and business owners would agree this is an investment in time and resources which may never actually be used.
So why plan for the improbable? With businesses relying more heavily on IT than ever before, the impact of downtime is crucial to understanding the time implications of a Disaster Recovery plan.
Natural disasters, cyber-attacks, human error or disrupted site access, may impact your ability to conduct business. There is little doubt that disaster recovery, or business continuity, is a requirement for almost all businesses. Our reliance on IT systems has made a solid, repeatable and tested disaster recovery plan even more critical. A recent survey performed by Gartner found approximately 80% of respondents had an incident in the past two years that required the use of an IT disaster recovery plan.
No one doubts the importance of a disaster recovery plan. In fact, many enterprises, and government organisations will not transact with partners that do not have a business continuity service. The goal of a disaster recovery plan is to minimise the costs resulting from losses of, or damage to, the resources or capabilities of your IT facilities.
Business continuity is not a single product, but more a cyclical process.
And for this process to be effective, your business continuity plan needs to be reviewed, evaluated and updated annually for the best result. Additionally, it needs to be reviewed if there are new changes introduced, significant personnel adjustments, IT upgrades or if the business priorities alter.
One critical element of a business continuity plan is time. There are many questions about the time when it comes to your business continuity plan. How long will it take for your business to be functioning? How long can you afford to be down? How long until your customers lose trust in your ability to deliver? The list is endless and we are just trying to limit the impact of unplanned downtime.
Business impact analysis
Disasters do happen. The idea that ‘it won’t happen to me’ is arcane and businesses need to prepare for disruptions to their operations by establishing processes and plans to limit the effect. The impact of downtime is crucial to understanding the time implications. Across an organisation, these might be lost sales, increased expenses (such as outsourcing, contracting costs or overtime), regulatory fines, reduced customer satisfaction or brand damage.
The goal of the Business Impact Analysis is to determine:
- The most crucial business functions and systems
- The staff and technology resources needed for operations to run optimally
- The time frame within which the functions need to be recovered for the organisation to restore operations to normal
Once these are known, the next stage is to design a business continuity plan that meets these objectives. We’ve developed a free business continuity plan template to help you take this next step.
Recovery time objectives and recovery point objectives
There are two important acronyms that business continuity providers will talk about – recovery time objectives (RTO) and recovery point objectives (RPO).
During a disaster, it is likely that most organisations will lose some data. The success of any disaster recovery plan depends a great deal on being able to determine the risks associated with data loss. The Recovery Point Objective aims to address this by asking how much data you can afford to lose, or what your organisation’s tolerance to lost data is.
Usually, the data will need to be re-entered, and it can be compared with writing a long report on an old computer that is likely to crash. How often should you backup your data? Or better yet – what is the maximum time between backups you would be comfortable with? Your answer here might be every two days which would translate to an RPO of 48 hours.
The major difference between RPO and RTO is their purpose. The RTO is usually performed at scale and looks at your whole business and the systems involved. RPO focuses just on data and your company’s overall resilience to the loss of it.
While they may be different, you should consider both metrics when looking to develop an effective business continuity plan. Premium service may have an RPO of four hours but an RTO of two hours. This means IT recovery specialists have a two-hour window to restore data that are no more than four hours old.
Businesses hit by disaster are stunned into reality as seconds turn to minutes and minutes to hours as they find themselves unprepared to deal with a calamitous event in the workplace.
But in the end, it comes down to time. And time is money. Companies without a plan have slower recovery times that are more costly resulting in lost customers, revenue, shareholder confidence, and a diminished brand.
The critical role of a disaster recovery plan
Having a Disaster Recovery Plan in place will assist your business to:
- Minimise risk
- Quickly resume mission-critical functions
- Minimise business and financial impact
- Restore service
Analysing the impact and planning accordingly will improve the resilience of your organisation, instil trust in your business and overall take better care of your customers. Now is the time to plan for disaster. Having a viable Disaster Recovery plan is an absolute must in the world of business today. Do you know how much downtime would cost your business?
For over 20 years, Interactive has been helping Australian organisations with their business continuity requirements. Don’t wait for a disaster to happen to you, make sure you have a full Disaster Recovery Plan in place with a trusted provider. Speak to our experts to discuss your plans for when the unexpected occurs.
