As a business owner, you need to know what to expect for your company at all times. However, while chances are that you’re ready for most situations (lackluster sales, employee problems, etc.), you might not be anticipating a disaster.
Unfortunately, disaster can strike in a variety of ways; first, it could be a natural disaster that ruins your office or storefront (i.e., flooding or an earthquake). Second, it could be a human-caused disaster like getting hacked or losing power to the grid.
In either case, do you have a plan in place? Do you know what to do if and when disaster strikes to ensure that your business survives? If not, now is the perfect time to draft a plan so that you’re not left in the dust. In this article, we’ll outline the value of having a disaster recovery plan, as well as what to include.
By the Numbers: Disaster Recovery Statistics
While it’s easy to assume that your business will be resilient enough to withstand almost anything, the fact is that many companies will shut down permanently after a severe setback. Here are some numbers that should spur you to take action right now.
- Seventy-five percent of small businesses have no disaster recovery plan in place
- Power failure is the leading cause of downtime for a company at 45 percent
- User error, on the other hand, accounts for 20 percent of downtime
- Natural disasters account for 35 percent of business outages
- Ninety-three percent of companies without a disaster recovery plan are out of business within a year after a significant loss of data
- On the flip side, 96 percent of companies with a plan were able to get back on track, even after malware or ransomware attacks
- One in three businesses were hit by a malware attack within the last five years
- The cost of a disaster can be between $912 and over $17,000 per minute of downtime, with an average of $7,900
For the most part, it’s not a matter of whether or not disaster will strike your company. It’s really only a matter of when. You can’t afford to take chances, especially when the life of your business is on the line.
Thankfully, creating a disaster recovery plan is not very difficult once you know what to expect. Let’s break down how to build a plan for your enterprise.
How to Create a Disaster Recovery Plan for Your Business
With such high stakes, you can’t afford to neglect disaster recovery. While it may take a bit of investment to get a comprehensive plan together, it’s far less expensive than an outage, particularly when your whole business is on the line.
So, with that in mind, let’s go over the steps and details necessary to ensure that your company is prepared.
Step One: Determine Which Apps are the Most Valuable
Chances are that you use a variety of programs and tools to run your operation. However, as you already know, not all of them are created equal. Some apps may help your business run more efficiently, but if they disappeared tomorrow, it might not constitute a significant loss.
So, the first step in building a recovery plan is to figure out which programs are most crucial for your day-to-day needs. According to a recent survey, here is what many businesses labeled as their “must-haves” for software.
- E-Commerce Tools (i.e., Shopping Cart, Online Payments, etc.)
- Accounting Software
- Enterprise Resource Planning (ERP)
- Customer Relationship Management (CRM)
Your company may use similar programs or systems, or you may have different priorities altogether. Realistically, you should be able to figure out which software is most essential for your needs.
Step Two: Determine Your Most Valuable Hardware (Points of Access)
One of the great things about cloud technology is that many apps are easily accessible from multiple points. However, those connections can also be targeted in a disaster, either maliciously or as a side effect of something larger (i.e., an earthquake).
In this step, you need to analyze which hardware is necessary to run all of your apps. While you may use a desktop at work, can you operate some of these systems remotely, either through a laptop or smartphone?
One of the most pivotal pieces of your organization is likely your internet router and modem. While you can access documents and apps through the cloud, you need some way of getting to the cloud in the first place. If the internet is down, that can be just as disastrous as a flood or fire, assuming that you don’t have a workaround in place.
Overall, some of the critical hardware your business needs will likely include:
- Telephone (Hard Line)
Again, you can add or subtract from this list as necessary.
Step Three: Focus on Building Redundancies
Most modern businesses are almost entirely digital. However, while upgrading to technology can streamline your operations, there is something to be said for having hard copies of everything. If you keep files and folders, for example, you can always use them for reference, even during an outage.
That being said, having hard copies is only one component of a larger redundancy plan. For example, if you only have one phone line, what happens if it stops working (or it’s busy)? You need to have a way to forward calls to another phone (i.e., a cell phone) so that you don’t lose productivity in the process.
The redundancies you develop for your business will depend on your particular needs, but here are a few examples to help you get started.
- Archive valuable emails for later reference
- Keep passwords written down
- Have a backup email server for outages
- Enable email login on multiple devices
- Use Voice-Over Internet Protocol (VOIP) to enable multiple lines
- Forward office calls to a cell phone
- Save voicemails to the cloud
- Save information to a secure hard drive
- Keep pertinent details (i.e., contact info) easily accessible across devices or hard copies
- Create mobile hotspots using wireless devices (i.e., a jetpack or a smartphone)
There are two other elements to keep in mind when developing redundancies. First is a recovery point objective (RPO), and the second is recovery time objective (RTO). Here is a quick breakdown.
RPO – Recovery Point Objective
This term refers to the amount of data that could be lost between backup and restore points. For example, if you back up your company’s drives every six months, you could potentially lose six months’ worth of data during an outage.
The best method in developing your plan is to determine the ideal window between backups so that you don’t have to take too long in recovery. For example, if six months is too long, start backing up every three months instead.
RTO – Recovery Time Objective
Your RTO is the amount of time it takes to get your business back on track after a disaster or outage. Remember our stat from above? Every minute, you could be losing up to $7,900. Obviously, the sooner you can recover, the better.
The best way to test your RTO is to run simulations or drills every so often. Realistically, once or twice a year should be sufficient. Running an exercise can be as simple as pretending a specific piece of hardware or software is down, or you can simulate a total disaster, such as a power outage.
By running drills and keeping your staff apprised of your recovery plan, it’s much easier to get back on track. In most cases, downtime inflates substantially when employees or managers don’t know what to do next.
Step Four: Customize Your Disaster Recovery Plan
One of the most significant challenges you will face when developing this plan is that you have to anticipate a wide array of disaster scenarios. Let’s break down some of the most common so that you know what to expect.
Because extreme weather is out of your control, it can usually be the most destructive to your business. For example, what will you do if your office floods and ruins all of your electronics? Depending on where your business is located, you should customize your disaster preparations accordingly. If you’re in California, you need to prepare for earthquakes and wildfires. If you’re in the midwest, tornadoes may be an issue.
Also, keep in mind that one disaster can cause another. If an earthquake ruptures a water main, your office can still get flooded.
Unfortunately, malware attacks are only on the rise, particularly because hackers know that most small businesses are unprepared. Ransomware is becoming increasingly popular, which is where a hacker will lock you out of your system and charge you to get back in. In many cases, businesses pay the fee, which only empowers more hackers to attempt it.
Overall, you need to invest in better security measures. Also, don’t assume that your cloud provider will secure your documents. You need to be proactive about protecting your data, particularly when storing customer information.
Additionally, you need to create a plan for human error. Most of the time, hackers can gain access to your system because of a weak password, a stolen device, or a phishing scam. Training your employees on how to be secure can improve your recovery plan immensely.
So much of modern technology needs a constant energy source. However, power outages are relatively frequent. A transformer can blow, a power line can get knocked down, or the utility company could be doing maintenance. You need to know how to recover from an outage, as even a small one could be costly to your business.
Contact Us Today
Developing a disaster recovery plan can seem overwhelming at first. Instead of trying to master everything yourself, let us handle the detail work for you. Call us to set up a consultation, and we’ll craft a personalized plan to suit your particular needs. Don’t wait until disaster strikes; be ready for anything.