Before we get into the common mistakes that IT professionals make in disaster recovery (DR), let’s talk about the importance of DR itself.
Companies face three different types of disasters:
- Natural Disasters – Hurricanes, flooding, earthquakes, tornadoes, and blizzards that affect a large portion of a geographic area.
- Local Disasters – A fire, pipe bursting, long-term power outage, and water leak that effects just your office.
- Technical Disaster – Because events like a server crash, cyber-attack, and theft affect your company like a disaster, we include them in our DR plans.
The key to your company surviving any of these disasters is for your data to survive. A company can purchase a new office, new desks, new IT equipment, and even hire new employees if need be. However, a company cannot replace their data if it is lost. Our motto is “My company can survive if my data survives.”
Because your data is essential to your company, you must protect it at all costs. Don’t let these preventable mistakes impair your company’s future.
15 Mistakes IT Professionals Commonly Make in Disaster Recovery (DR)
The DR Plan Itself:
- IT is the Only One that Knows the Plan – What happens if something happens to IT or they are inaccessible? How do users access the data once the disaster recovery plan is in effect? All executives and managers should have a copy of the DR plan and understand their role in it. Also, employees need to know where to report in an emergency and how to access essential data.
- Store Backup Plan on the Inaccessible Device – Have a print out of your backup plan in your desk and at home, or store it electronically offsite. A plan on an office server during a hurricane or after a fire does you no good if you can not access it.
- Fail to Test Plan – Test the plan at least annually. Even better, act out the plan with users as a training exercise to ensure nothing is left out and to test that the plan is not too complex to implement. (Some IT pros will cheat a test by stacking the deck or hiding problems that occur during the test. Finding failures during a test is part of the reason you test, so you can learn the failures of the plan when the risks are minimal.)
- Lack of Diversity – You need to test different scenarios — remember those three types of disasters? If you test a flood, fire, and theft, you will easily realize how dependent you are for offsite backups, but also understand how long it takes to download all your data from a cloud backup. [Hint – it can take days!]
- Plan for the Least Likely Failure – Most IT pros focus on natural disasters because that is what the client asks about most since natural disasters regularly make the news. A good IT professional needs to educate the client about the most likely threat, a hard drive failure (which you can mostly prevent with Life Cycle Management).
- Cookie Cutter Plan – Just because a disaster recovery plan worked for one company, doesn’t mean it will work for everyone. Every network is different, and the plan needs to evolve as a company grows.
- Fail to Understand the Business’ (and Employees’) Needs – IT, along with the executives, need to prioritize deliverables based on business needs and remember there are people using the technology, not robots.
Backups & Hardware:
- Don’t Verify Backups Actually Work – Backups may be there, but if they cannot be used, then they are worthless. Many IT firms never test that their clients’ backups actually work because it is a laborious, tedious, and a repetitive task. Companies can lose months of data from a false positive on a backup report or missed email alert.
- Backup Once a Day – Backing up your data once a day may not be frequent enough for your company. You need to discuss the ROI of your RPO (Recovery Point Objective) & RTO (Recovery Time Objective. [For more information, see How Much Does Data Recovery Cost?]
- Cheap, Unreliable hardware and tools – Disaster Recovery is about having redundancy, and that requires using best-in-class [not necessarily the most expensive] hardware and tools to ensure you do not have a single point of failure.
- Don’t Backup All the Data – If you only backup once a day, large files may bottleneck the process, preventing your workstations and servers from being backed up. Also, many IT pros do not have a system in place to back up laptops, and remote employees may never be backed up.
While Executing the DR Plan:
- Once Using Backup Data, They do not Backup that Data [or Protect It] – Once your backup server becomes your day-to-day production server, you need to back it up AND protect it with the rigid protocols used for the primary data server. Some IT pros overlook these steps, and it is costly because it means you lose all your data!
- Don’t Plan How to Restore Things Back to Normal – A DR plan needs to account for transitions in two directions, switching production to the backups and switching back. Consider how that affects the users too.
Life After the Disaster:
- Not Refining the Plan Each Time – This mistake is especially costly for high-growth companies. When the company had 30 users, some things may have worked fine. Now at 70 users and 3 locations, the same plan does not.
- Not Reconsidering Aspects of the Plan with New Technologies – Things change and better tools come out or get cheaper (especially with the higher volume of a high-growth company). Reevaluate your tools regularly.
A good IT firm will work with you to create your DR plan and to weigh the numerous options with your needs and ROI. Don’t settle working with an IT pro with a reactive mindset because too much is riding on your data surviving, instead work with an IT firm with a proactive methodology.