We Tested Our Disaster Recovery Plan And This Is What Happened
Disasters Surprise Us All – Even itro
Disasters don’t announce themselves, and don’t discriminate as to who/what gets affected. What’s particularly awful about disasters is that they happen suddenly.
And it’s the suddenness of a disaster that causes the most damage to businesses and Firms affected by an event. That’s why the most practical way to deal with a disaster is to have a Business Continuity Plan in place before a disaster strikes.
However, this article isn’t about you having a Business Continuity, or Disaster Recovery Plan! I’m turning the tables in this article. I’d like you to think about your external business partners – especially your IT Provider. Do they have a Disaster Recovery (DR) Plan?
If your Provider is affected by a disaster, you face the risk of being cut off from your IT services. With a good Plan, any ‘disconnect’ would be minimal. However, if your Provider doesn’t have a plan, or hasn’t tested their disaster recovery processes, your disconnect from vital services could extend into days, even weeks.
Which is why it’s so important that you and your external providers have established and tested Disaster Recovery procedures.
Could itro Recover From a Disaster?
- We have our own Disaster Recovery Plan; and
- we regularly test our procedures.
This year we took testing of our procedures and systems to the next level, moving away from ‘soft’ testing to pit ourselves against one of the biggest restrictions of a real disaster – inability to access our office. We went offsite, leaving behind our phone system, physical servers, and familiar security of our office setup.
Who Needs an Office? itro can Function Without One if Needs be!
New Insights From Real World Testing
Did we learn anything new? Would we admit to finding out if our processes had flaws or gaps?
Yes, and yes. A major component of our job, as an IT Provider, is to deliver and keep systems, solutions and devices running for our clients. The focus on cloud-based applications and services, combined with the changed landscape in cyber security, requires IT Providers to be more diligent than ever in assessing their systems and solutions to address rapid changes happening across technology and virtual solutions. Our DR day testing is the best way to interrogate what we have and use, to discover what works well and what needs adjustment.
So, what did we learn? Overall (and not surprisingly) our procedures and environments performed very well. All our critical backups were recovered well within our SLAs. It gave confirmation that any potential flow-on affect to our clients’ operations from itro being hit by disaster would be addressed within 24-hours.
We’ve identified a couple of issues we want our external providers to tweak to deliver better outcomes to itro. We have elaborated on our internal device policies to ensure our engineers always have the means to access our systems and environments from any location, 24/7. It also gave us a clearer picture of how to manage routing of our phones should we lose access to our physical office space.
Not surprisingly, our multi-layered security protocols took extra time to manage remotely. Post DR day, our engineers are investigating how we can streamline remote access to our gateways, team and client environments without compromising security.
Our remote Disaster Recovery Day was a complete success. Our documented Disaster Procedures have been fully tested offsite and our team know exactly how they will work together to bring back our systems online, from any location, thereby keeping our client environments protected and operational through disaster.