When things go *Boom* in the night…
Heck, how about when things go *boom* during the day? It is every techs worst nightmare:
“Uh, the server won’t boot up.”
“What does this smoke rolling out of the back of the server mean?”
“We lost all power to our building last night, and when the power company turned it on this morning; we heard a ‘pop’ sound.”
As you might have already guessed, this quarter we’re going to talk about the disaster recovery – specifically the financial implications that should drive your disaster recovery plan. Notice how I didn’t say anything about fires/floods/lightening/hurricanes/tornados/earthquakes/etc? Yes, depending on where you live, every one of those is a very real threat. I didn’t talk about them, because statistically speaking, you are more likely to be robbed and have everything stolen than for one of those to happen. And because servers are electronics, any one of the average, ordinary problems is far more likely to happen than theft.
First of all, I thought I would tackle some definitions:
Backup – the process of generating multiple copies of data to prevent data loss. At a minimum your backup should follow the 3-2-1 Rule of Backup.
Disaster Recovery Plan – The complete process for securing and protecting your data. Disaster Recovery (DR) includes backups, the testing of those backups, the security of those backups in a secure offsite storage location, and the plan for using those backups to recover from a disaster. You need a sense of serenity.
Business Continuity Plan – The complete process for resumption of business. Business Continuity is significantly more far reaching in scope, and includes your Disaster Recovery plan, plus considerations for things like insurance policies, where your business will work from if something happens to your building, how you get a hold of your employees, customers, and vendors, how you get your phones working again. It is the “a [insert disaster here] happened and we lost everything – what does it take to get us back up and running” plan.
Now we have some basic definitions to work from, and in November I talked about the 3-2-1 Rule of Backups so I’m not going to go into backups a lot.
Here is the reality of the situation – disaster recovery plans would be better off to be named “data recovery insurance plans” and it would be easier to understand their importance. We all understand that with insurance, the better coverage/protection you require, the more expensive the policy. DR is very much a risk vs. cost analysis that must be done. Before you can really start building your Disaster Recovery Plan, you need to know the answer to 3 questions:
1. If your server(s) were to go down, and you had no access to your data, what is the hourly cost to your business? This seems like it should be easy to find, but it’s normally not. There are several items that normally go into calculating this number.
a. What is your employee cost per hour if they aren’t/can’t work? If you have 10 people who make $35k per year, by the time you figure benefits things like Social Security / Medicare / etc., the cost per hour would be somewhere around $210 per hour. Since we just finished out the year, you can take your 2010 payroll, add benefits and payroll taxes, and divide by 2080 business hours in a year to get a pretty close number.
b. For every hour you are down, how many hours does it take you to catch up? A lot of our customers can function on a limited basis by hand-writing everything, but when their system comes up there is a ton of work to get done to get caught up. Is it a 1 to 1 ratio? Is it 30 minutes per hour down? Or is it 2 hours per hour down? Are you going to have to pay overtime to get caught up?
c. What sales/revenue did you not capture while your systems were down? Hopefully it is as easy as saying “I’m sorry, our system is down- can I call you back when it comes up?” and everything is fine. But what if your time is also revenue? Attorneys can’t work on files, which means no billing. Accountants can’t access client files, which means no billing. A lot of physicians can’t check patients in/out or access their electronic charts, which means no billing. Financial institutions are time sensitive down to seconds! I’ve seen this number range from $10 to $10,000 per hour.
d. Are there other costs to your organization? This is for you to decide – try to put a realistic number on it and add it to your hourly cost total.
2. What is your Recovery Point Objective (RPO)?
a. Recovery Point Objective is an industry term referring to how often we are running backups. Simply put, if I walked into your office and said “We got everything back up and running, but I lost all of the data for the last hour.” -What does that mean for your organization? What if it was everything for the last day? The last 2 days? The last week?
b. How long would it take someone to recreate lost data? Can it even be recreated? If it is gone forever, what happens?
3. What is your Recovery Time Objective?
a. Recovery Time Objective is another industry term, this one referring to how long before the system is up and running again and regular business is resumed.
b. What if I told you we only lost 15 minutes worth of data, but it took 8 hours to get your people back to work?
c. Is that better or worse than losing 1 day worth of data but having everyone back to work in one hour?
Earlier I said that your disaster recovery plan should be driven by your risk vs. cost analysis. Now that we understand your risk tolerance, we can balance it out with an appropriately priced solution to mitigate that risk. High risk tolerance usually means lower priced DR solutions, and of course the opposite it true – low risk tolerance usually means higher priced solution. Understanding the financial implications of your disaster recovery plan is always the first step towards success!
If you own your own business, then “business continuity” and “disaster recovery” are two major things that you should be worried about, especially since your business – like most of the others on the planet – is likely very reliant on technology like computers, networks, and servers. Today’s business world has become reliant on technology to get things going and keep them going, so business owners are becoming more and more aware of the need to keep that technology in good working order. If your technology fails, then your business might also fail, and you definitely don’t want that to happen.
Business continuity refers to a business’s ability to remain up and running, uninterrupted or nearly so, after a disaster. Disaster recovery basically refers to the plan you make that outlines what steps and measures you need to take to ensure your business continuity. A good disaster recovery plan will be able to handle both natural disasters and those caused by people (man made disasters). Earthquake, fire, hurricanes, and flood are examples of natural disasters, and computer viruses, hackers, accidents, user errors, burglary and other similar events are examples of man made disasters.
Without proper backups and security measures in place, if any of those above mentioned disasters happen to you or your business, then you may lose all your data and important systems, not to mention potentially losing the business itself! Fortunately, there are things you can do to create a good disaster recovery plan that will ensure your business stays up and running no matter what. The most important part of it is to have backups of your data created. Make copies of all your data manually or by using software designed to do the job, and then save it to an external hard drive or burn it to a stack of clearly labeled and organized DVDs or CDs. Then go another step further and invest in some offsite backup services – that way, even if your office burns down, your data is still safe and sound somewhere else.
You can also invest in some high quality surge protectors that will help minimize the damage a power surge can do to delicate computer equipment, and make sure that you have fire extinguishers and fire alarms handy in case a fire breaks out. Also make sure that your computer equipment has good, functioning cooling mechanisms like fans, as overheating is a major cause of computer crashes and resultant data loss, and get a good anti virus program that you maintain regularly to keep it up to date and constantly protecting your computers and servers.
If you lose your data for good, then your business could be in jeopardy. Since many of us now use computers for most aspects of running a business, it is incredibly important to have precautions put in place to keep that data safe. Put together the disaster recovery plan that makes sense for you and your business’s needs, and then you can rest a lot easier knowing that even if something where to happen, your business would be able to carry on.
If a major disaster would ever happen, how secure are you in the fact that your business would be able to keep running and providing people with what they need? There are things that you can do to assure that if an event like September 11th would happen again, you would have things in enough order that you’d never have to close your business doors. Let’s say for example that you have a restaurant. Your restaurant just so happens to be close to where the horrific event took place, would you be OK to remain open?
If you said yes, than good for you. From a business perspective Continuity Disaster Recovery is one of the best things that you can do for your business. No I do not mean keep your business open and charge more money because you know people would pay it. This is not only illegal but it is also a way to ensure when things settle back down that you will be out a lot of customers. People need to feel normal again, after a disaster. If you keep your business open, never changing the prices, the hours, or the service, than you will give people back their feeling of safety.
Long after the disaster is over, people are going to remember your business as the little bit of normalcy in the nightmarish events. Your customer base, will grow constantly because people in the community will realize just how dedicated that you are to making them happy, and they will continue to come to you.
If you need money now, like I mean in the next hour, try what I did. I am making more money now than in my old business and you can too, read the amazing, true story, in the link below. When I joined I was skeptical for just ten seconds before I realized what this was. I was smiling from ear to ear and you will too.
Imagine doubling your money every week with no or little risk! To discover a verified list of Million Dollar Corporations offering you their products at 75% commission to you. Click the link below to learn HOW you will begin compounding your capital towards your first Million Dollars at the easy corporate money program.
Crisis can occur in any situation, but facing it bravely and finding a great solution for it is a best strategy for living life. Same is the case with business – to find an immediate solution of disaster i.e. virus etc and to do your business successfully. If you want to save your business from any loss then the business continuity disaster recovery will help you. It is basically all about the advance planning for data, networking, and IT systems etc. information technology is very important for business communication and it is obvious that any time manmade disaster can be faced whether intentionally or unintentionally and they might cause huge loss for any business. So it is good for every business to have business continuity plans for disaster recoveries.
The first thing to keep in mind is that whenever the disaster occurs, the person who is responsible to solve the problem should be capable enough to ensure sustainable operations — Giving trainings to the employees so that they can easily control any business disruption.
Basically for every business or organizations, business continuity plan becomes a requirement. So enough plans are required for every organization to avoid facing any loss. The best thing is to plan some control measures that will help to reduce computer security warnings.
For data protections make some specific strategies because it is considered being the common disaster. To protect data make Backups to tape and save it, saving data to an off-site location as well, or try to purchase high availability computer systems which can keep the data save etc plus for the need to recover systems the organizations/ business should implement preventing measures base on facts of preventing a disaster in the place on the right time.
Keep in your mind that this planning of continuity disaster recovery is a proper process. It is very important and cannot be stopped at once discussing it. It needs consideration and testing regularly to ensure that it is still effective. Because the main aim of the plan is to make such procedure which prepare a business to handle the emergency successfully and to analyze the business emergency risk immediately.