Disaster Recovery Testing: Four Steps to Stay Safe and Sane

By: Doug Bonderud - Leave a comment

When disaster strikes, IT teams must be ready with a responsive and agile disaster recovery (DR) plan. But simply having the protocol in place isn’t enough. What if the DR solutions aren’t up to the task, experience failures of their own or were designed by staff members who have since left the organization? Companies need better DR testing to ensure outages don’t result in consumer and corporate outrage. Consider these four steps to ensure your business can face disaster head on.

1. Know Your Risk

Now is not a good time to be British Airways. After tens of thousands of passengers had their travel plans disrupted due to a power outage that rendered flight, baggage and passenger databases useless, according to The Independent, the airline is struggling to address a public relations nightmare and discover exactly what went wrong. BBC News notes that a power outage should not have caused this level of chaos if the company’s DR plan had kicked into action. However, there was no sign of any DR-driven comeback, as frustrated customers slept in airports and railed on social media sites.

Designing an effective disaster recovery plan means knowing your risk — what happens if critical data can’t be accessed for an hour, a day or a week? For British Airlines, any time spent offline was too much time; their DR should have kicked in as soon as any power interruption was detected. By taking a hard look at your risk and recovery time objectives, IT teams can design recovery plans that address company-wide concerns.

2. Think Strategically

According to CIO Dive, it’s not enough just to have a DR plan in place — businesses must ensure recovery efforts align with business objectives. While every department has its own unique tech needs and use cases, the overall mission of the company remains uniform. As a result, companies must design DR solutions that think ahead to what they need after a disaster, rather than what they already have. In other words, while a focus on data recovery might be top-priority for specific departments, applications and services are what drive the company’s ability to conduct daily operations. Strategy, not departmental satisfaction, must drive the creation of DR plans.

3. Check the Boxes

You know the risks. You’ve designed a strategic recovery plan. Now, it’s time to test. But scattershot scoring won’t work here. For DR testing to work, you need a solid foundation with the right support. As noted by Tech Target, this means taking the time to:

  • Secure management approval and funding. IT teams must keep the C-suite in the know and make sure they have the available funding on hand.
  • Detail everything. Write it all down. This includes testing procedures, goals, metrics and intended outcomes. Make sure both IT department members and executives know what’s going to happen and when.
  • Recruit experts. This includes internal staff like database administrators and network engineers in addition to outsourced testing companies.
  • Schedule smart. Plan for your test well in advance. Pick a day, then send reminders. Do a dry run the day before. Ensure staff, executives and partners are informed about the planned outage and its impact.
  • Be ruthless. Didn’t get the results you wanted? Recovery times too slow or data compromised? Go back to the drawing board, and try again. Good enough doesn’t count in DR.

4. Test More

The last step for effective disaster recovery testing? Test more often. According to Cloud Tech, more than 58 percent of companies conduct DR testing once per year or less. Simply put, that’s not enough — software updates, network configuration alterations and staffing changes could have serious impacts on your test outcomes. While there’s no hard-and-fast number here for the ideal testing plan, more is always better.

Responsive DR is critical in a data-driven world. In-depth, regularly conducted testing creates the foundation for disaster recovery.

Topics: , ,

About The Author

Doug Bonderud

Freelance Writer

Doug Bonderud is an award-winning writer with expertise in technology and innovation. In addition to writing for Pivot Point, Security Intelligence, The Content Standard and Kaspersky, Doug also writes for companies such as McMurray/TMG and Straight North.