A disaster recover plan checklist helps companies stay in business following a disaster. Contact NIC to start your disaster recovery planning process.
Disaster recovery is the discipline of putting measures in place that help an organization recover from a catastrophe as quickly as possible. Common examples of disasters for which a disaster recovery plan checklist is developed include natural disasters, terrorist attacks, and catastrophic events in the workplace, such as electrical fires and floods from burst pipes.
In the business world, the disaster recovery planning process largely focuses on getting IT networks up and running again, especially to regain access to proprietary data. Insurance protects an organization’s physical assets, but there’s no way to use an insurance payout to purchase lost business data. Once it’s gone, it’s lost forever. For most organizations, maintaining access to proprietary data is essential for business continuity.
Does Size Matter?
Developing a disaster recovery plan checklist is partly determined by the size of a business. Companies with a single location are at greatest risk for bankruptcy due to data loss and, therefore, need to account for a short timeframe for recovery.
Small businesses with a single location commonly lack offsite data storage, while big outfits with several locations commonly have a service cloud that provides central access to data. However, if the IT network that supports the service cloud is destroyed, the business is essentially in the same position as a small business whose network is destroyed, without a way to recover data.
Pulled from a 2016 article republished on LinkedIn, the following statistics for data loss and business continuity in the wake disasters are highly applicable to both single location businesses storing data onsite and multi-location businesses storing data in a single cloud.
- 93% of companies that lost their data center for 10 days or more during a disaster, filed for bankruptcy within one year of the disaster (National Archives & Records Administration in Washington).
- Of companies that suffer catastrophic data loss: 43% never reopen and 51% close within two years (University of Texas).
- 30% of all businesses that have a major fire go out of business within a year and 70% fail within five years (Boston Computing Network, Data Loss Statistics).
- Companies with 100 – 2,000 employees are likely to experience costs over $20,000 in the event of a disaster (The 2015 Disaster Recovery & Business Continuity Survey)
- The number one IT priority for mid-market organizations over the next 12 months is to improve data backup and recovery. (ESG Lab Review: Data Protection, Recovery and Business Continuity with SIRIS 2 from Datto).
The first statistic is especially important; it reveals how long organizations have to regain access to crucial data in order to maintain business continuity. After 10 days of no data access, most businesses are down likely to close their doors within two years.
This is why most disaster recovery plans and checklists have an implementation time of between two days and seven days. The sooner the IT network is up and running following a disaster, the better chance a business has of putting the catastrophe in the past and being as successful as before.
Cost of Recovery
Not implementing a disaster recovery plan can cost a business its very existence, but carrying out the planning process can be costly, too. When you use a third-party provider, it’s common to pay four figures a month for your plan to be maintained and ready for action. But the actual cost of recovery depends on how indisposed a business is following a disaster and what must be done to restore normalcy.
To ensure all your bases are covered, it’s ideal to use a disaster recovery planning process that includes four basic provisions: offsite data storage, temporary business location, emergency hardware and software deployment, and emergency staff deployment. Regardless of the arrangements your plan entails, you can minimize cost by taking the following six measures.
1. Use Third-Party Disaster Recovery Services
Disaster recovery is similar to other IT services in that outsourcing is often the most economical model of implementation. Paying for in-house resources to develop and execute your disaster recovery plan checklist involves three potential costs that outsourcing eliminates: hiring additional full-timers, buying hardware and software to create multiple service clouds for data redundancy, and purchasing essential IT network resources to store at a remote location.
As reported in TechTarget, “According to an IDC (International Data Corporation) study, enterprises that didn’t outsource lost [an average of] $4 million per disaster incident across a variety of business functions (e.g., sales and marketing, financing, e-commerce). In contrast, enterprises that outsourced to a third-party lost an average of $1.1 million per incident. The study adds that companies that leverage in-house models spend 32% more than those opting to outsource.”
Saving money through outsourcing is great, but only if you get a great return on investment (ROI). If you outsource your recovery plan, it’s best to limit your options to providers that have specialized in disaster recovery for at least three years. In addition to handling the disaster recovery planning process, longtime providers have experience actually executing recovery plans, giving them real-world insight into the true cost of recovery, from planning to execution.
2. Create a Disaster Recovery Plan or Checklist
The four basic provisions of your plan — offsite data storage, temporary business location, emergency hardware deployment, and emergency staff deployment — can entail several sub-provisions, such as number of desktops required, cyber security measures, and number of uninterruptible power supplies (UPSs) needed during a power outage, to name a few.
You can always be sure you’re completely protected by implementing the highest level of disaster recovery capability, but the simplicity of this option literally comes at a price: You’re likely to pay quite a bit for disaster recovery services you simply don’t need.
If you were implementing a hosted issue tracking system to streamline the management of client needs, you would naturally develop a checklist of features you need instead of paying for access to all features. The same applies to disaster recovery. Making a checklist or plan ensures that you pay for services you require and not ones you don’t.
If you’re not a disaster recovery specialist, developing a checklist with the assistance of a consultant that specializes in IT or disaster recovery is your best option. In addition to ensuring you implement only necessary provisions, working with a third-party expert helps you arrive at an accurate cost estimate, which helps your company’s decision makers approve the plan based on an accurate cost analysis of needs.
3. Get Your Services From a Single Provider
After developing a disaster recovery plan and checklist, it’s time to choose a provider to deploy services in the list. While weighing your options, look for two things in a provider: specialization in the services on your disaster recovery plan and services offered at a competitive rate. To get the best of both worlds, receiving all services from a single provider is usually the best choice.
As with other types of IT services, disaster recovery services are frequently offered in packages that cost less than purchasing the services individually. In addition to helping you implement your checklist affordably, coordinating your disaster recovery process through a single provider offers another benefit just as important as cost savings: great assurance that the plan will be deployed without a hitch.
In addition, using a single source for your disaster recovery planning process simplifies account management, which helps reduce administrative costs. A lower level of resources can be put toward evaluating and maintaining third-party business relationships.
4. Use Resources for Continuity, not Growth
Although emergency hardware deployment is in your disaster recovery plan or checklist, the wake of a disaster that destroys the IT system isn’t an optimal time for major IT upgrades. Implementing meaningful upgrades is a process within itself, one that requires considering the layout of the work environment and measuring current IT capabilities — two things that major disasters easily throw into a state of flux for days or weeks.
Whether you plan to upgrade your network in a limited capacity or do a complete overhaul, performing the upgrade in the immediate aftermath of a catastrophe that killed the IT system can put too much on your plate.
You’ll be forced to adapt quickly to provisions when you plan your disaster recovery checklist. Trying to adapt to new IT capabilities at the same time could hinder the recovery process, as you work through streamlining new IT resources.
5. Establish a Timeframe for Full Recovery
Establishing a timeframe for full recovery is an often overlooked but crucial aspect of managing disaster recovery costs. Realistically, you need to plan for business continuity in both the short-term and long-term — a strategy for both becoming stabilized immediately following the disaster and getting back to where you were before the event. This is another situation in which an experienced disaster recovery specialist can be a key asset.
A provider helps you develop and deploy a disaster recovery plan and checklist, but they can also implement average timeframes for recovery based on different types of disasters and different recovery approaches. Offsite data storage is needed at all times, but knowing how long you would need to use the other three recovery provisions — business location, hardware and software, and personnel — is helpful for developing an IT budget that supports a full recovery.
6. Compare Predicted Cost to Actual Cost
Statistics reveal that the majority of organizations will never experience an event that destroys the IT system and triggers the disaster recovery process into motion. However, when an organization does experience such a disaster, the catastrophe can have a silver lining of sorts: It offers the opportunity to perform a refined cost analysis of the recovery process by comparing predicted versus actual costs.
For example, you might find you may have over-invested in some resources, giving you the opportunity to trim fat from the recovery plan going forward. This is especially the case for organizations that might experience the same type of disaster more than once, such as businesses located in tropical storm zones, areas with frequent seismic activity, and places where wildfires occur annually.
By letting you perform a real world cost analysis of your disaster recovery planning checklist to identify cost cutting opportunities, comparing predicted cost to actual cost can tell you whether your service provider offers the best deal. Did the plan end up costing more than comparable plans from other providers? If so, the information is invaluable for selecting a provider that offers what you need for a price your IT budget can afford, without approaching the red.
Ready to Start Planning?
If your organization doesn’t have a checklist for your disaster recovery plan, or if you haven’t started on a disaster recovery planning process, NIC would like to help you prepare for anything that can destroy or compromise your IT system, so your business can stay active in the immediate aftermath of the catastrophe — if and when it occurs — helping you transition back to business as usual.
Some disaster recovery plans have a one-size-fits-all approach that addresses general needs to the exclusion of client-specific needs. At NIC, we take the opposite approach, customizing disaster recovery plans for the requirements of each client to ensure all contingencies are accounted for, including the IT budget. Developing a plan that addresses your specific wants and needs is the only way to get an accurate idea of how much your plan will truly cost.
To get started on the disaster recovery planning process, give us a call today at (877) 721-3330, or send us an email through our contact form. We look forward to helping you plan smartly and affordably for business continuity in the wake of a disaster that compromises the IT network.