Our team offers cybersecurity in Miami, and when a disaster occurs, we recommend a recovery plan. The right plan will allow you to rapidly restore your system and have backups of your most important data.
What components are included in a recovery plan? There are quite a few, and your needs will change by the type of plan in place. Here are some key features to consider adding to your plan:
A Complete Inventory of Your Assets
Your disaster plan (DR) should include a complete list of your assets. You need to know every item within your organization, and this includes:
- Workstations
- Peripherals
- Hardware
- Software
- Mobile devices
- BYOD devices and tools
- Etc.
If your business’s warehouse caught fire, what items would be lost? You need a complete list of assets to supply to the insurance company, and you can also use this list to replace assets to get back up and running.
Threats vary from one organization to another. You may have threats on multiple levels, such as critical assets like workstations or data centers being lost or down due to natural disasters. You may be able to live without your corporate laptop, but it is still an important asset that needs to be replaced.
Cafeteria soda machines, for example, would fall into the “other” category because they’re not vital to your operation’s success.
A List of Your Known Threats
What are the main threats to your business? For example, you may risk:
- Fires due to the production process
- Natural disasters due to your location
- Viruses or ransomware impacting operations
- Etc.
Know your business’s potential threats so that you can take precautionary measures with your disaster plan. Rapid recovery can mean the difference between business success and failure.
Establish Disaster Recovery Sites
You know your threats and assets, and now it’s time to consider recovery sites. Multiple solutions may or may not work for you:
- On-site storage
- Off-site storage
- Cloud storage
For example, an on-site backup will allow you to get systems back up and running ASAP, but if a natural disaster is what caused your main systems to fail, storing the backup in the same location is a major risk.
It's not uncommon to have on- and off-site recovery sites for redundancy.
A Clearly Defined RTO and RPO
Recovery time objectives (RTO) and recovery point objectives (RPO) must be defined. If you run an e-commerce site that sells $1,000 worth of goods every 10 minutes, imagine just how important your RTO would be.
A site being down for two hours would cost you $12,000.
You need to define realistic RTO goals to ensure your business is back up and running in an acceptable timeframe. RPO is another consideration and outlines the maximum age of your backup files.
Can you lose 8 hours of data?
If not, what level of data can you lose? Do you need redundancy that keeps backups running in real-time to keep data duplicated and easily switched to if your primary store device goes offline?
Not sure what to include in your disaster recovery plan? Contact our cybersecurity company in Miami to discuss your options with a member of our team.