Preparing for the worst: Cloud Disaster Recovery 

Over the years, disaster recovery (DR) has certainly changed. What once involved multiple tapes is now essentially a cloud recovery model, making the technology and the approach required entirely different than what it used to be. The process can be overwhelming, but it doesn’t need to be.

Start at the beginning

While the technology elements involved in the creation of a modern-day disaster recovery plan are obviously important, the business considerations are a vital place to start when it comes to planning. While this is true of any IT project, it’s important to reiterate: A company’s IT strategy must align with the business’s objectives. All parties need to be on the same page and have open communication. If they’re not proactively sharing the information with you, seek out time with executives and managers to make sure the business’s priorities and mission are clearly shared with you. Armed with that information, you can find complementary solutions to help meet those goals, but also ensure you are keeping that in mind when developing a DR strategy.

Building your plan

Unfortunately, a one-size-fits-all DR plan simply doesn’t exist. Each plan must be tailored to the individual organization, given all their unique requirements and priorities. And while technology has changed over time and the cloud has provided a new layer of considerations, the approach to developing a DR plan generally remains the same. Here are a few important things to take into account when building out a DR plan:

• What’s your organization’s goal? As cited above, this is important to identify so you can ensure you’re maintaining this mission through your DR plans.
  
• What is your organization’s definition of a disaster? Is missing payroll a disaster? What about your website going down? For some, these qualify as a disaster, while for others they don’t.
  
• What do stakeholders think? Ensure you’re polling all the relevant people in your organization, from executives to security teams, to get all of their feedback so it can be considered and applied as required.
  
• Prioritize your resources…as well as the risks: Assign tiers to your organization’s resources based on their priority to the business so they can be addressed accordingly. While you’re doing so, consider the risks for each one so you are covering as much ground as you can.
  
• Schedule DR tests (many, many times): Test, test, and test some more! This is key, and should not be skipped. Make sure you also create and follow a regular schedule of tests throughout the year.
  
• Review your plan: Involve executive management and get their sign off. Ensure you continue to share updates with them, and are being transparent with processes.

There continue to be many bad actors out there. Here in Canada, we’ve seen organizations hit with severe ransomware issues. Of course, we now find ourselves dealing with a global pandemic — which none of us could have foreseen. These times and unique challenges mean we need to stay focused on what could happen and plan as best we can to keep the business running smoothly and efficiently. While developing your plan is important, testing it, revisiting it, and updating it are critical to its success in the event of a disaster.

Darren Yablonski is Senior Director, Systems and Sales Engineering, Canada & LATAM at Commvault.