Introduction
I’m sure you’ll agree that life would be boring if everything could be predicted.
The reality is just like in life, not all things can be predicted in business.
With that being said, it’s critical that you have a disaster recovery plan for your business and IT. That way, should the unexpected occur, you’ll have a plan in place to bring services back online.
In this article, we will outline some of the basic things a disaster recovery plan should have included for your business technology.
Service Provider list:
First, you should list of all your service providers. When it comes to technology, there are a few, not just your IT partner.
This can be simple as a spreadsheet that should be printed out – including the service, company name, contact number and contact person.
Here are the types of providers you should be listing:
- Your offsite storage & backup
- Internet provider
- Website domain and hosting provider
- Telephone provider
- Mobile/Cell provider
- Printer provider
- Domain Registrar
Having all of these listed in one place is excellent practice if you should ever fall victim to a cyber attack or systems outage. While most IT providers will keep a note of these providers on your file – not all will, so it’s worth checking.
Critical systems access:
Next, you should store your credentials and login details for critical systems somewhere offline. This should be kept somewhere secure like a safe – this list is used for the main credentials and passwords into your IT and technology systems.
A good example of this is if your current IT provider themselves fell victim to a cyber attack or fire – these details should be kept by both parties in case of disaster.
- Internet service username & password
- Domain admin username & password
- Cloud services username(s) & password(s)
- Network switch(s) /firewall login details
- Local of offsite backups and onsite backups.
The 3rd and final item you should have in the event of a disaster is a process of how IT systems should be recovered. You can take this step further by testing the process out. While it takes time (and usually money), it’s an excellent stress test to see what risks there may be in your IT system.
Example:
Here’s an example of a disaster recovery process:
1) Notify the senior management team of the disaster. (include who should do this).
2) Contact and initiate disaster recovery IT process. – This could be as simple as stating contact details of the engineer responsible for carrying out the disaster recovery process.
3) Prepare backups and potential disaster recovery services (this could be cloud-based applications and services as an example)
4) Start bootup of virtual cloud-based recovery instances. In this example, we’ve gone to town, and our backup system replicates the whole physical IT infrastructure inside a cloud service. Just a case of flicking a switch to turn it all on (we make this easier than it sounds)
These are just examples, as every business is different in their approach to disaster recovery.
If you would like a disaster recovery plan and process put in place for your business, please get in touch with us by visiting our contact page.
Get in touch with us
Secutor Cybersecurity is a trusted partner comprised of industry leading experts in the fields of Cybersecurity and Governance, Risk and Compliance. We partner with our clients to deliver on-demand solutions tailored to expertly navigate the regulatory demands of their specific industries.
Our proven track record of successfully exceeding client expectations is achieved through the combination of our methodical approach, advanced technologies, subject matter experts, and synergy with client team members.
Secutor is your team of world-class problem solvers with vast expertise and experience delivering complete solutions keeping your organization protected, audit-ready, and running smoothly.
