Indepth: How to Help your Business Survive Disasters

Welcome to the P&L Advice & Guidance articles. You can return to the main site by either selecting the link below to read more articles or the P&L Logo for the home page.

Return to: Advice & Guidance / Indepth: How to Help your Business Survive Disasters

Remember to test your back-up filesHaving identified how far along the spectrum of Disaster Planning you want to go (as highlighted in What is Disaster Planning & Business Continuity?), the next step is to do something about it.

There are several broad alternatives you can consider;

Back-ups. This is the first and foremost activity you need to do. If you lose your data, you run a very serious risk of going out of business. How often you do the back-up depends on the company, but ask yourself this question; how much would you be prepared to lose? If your system crashes you'll only recover it to the time of your last working back-up.

Make sure you also follow these four important additional rules;

  • Test your back-up. Post-crash is not the time to find out that your routine didn't work. Try to recover your data from it. If you can't, something in the routine doesn't work and needs to be enhanced.
  • Keep it off-site. If there was a fire, flood or break-in and your back-up disks were damaged or stolen, you wouldn't be able to get your data back so keep a copy elsewhere.
  • Back-up both data and software. Backing-up data may be obvious, but you also need to make sure you can access the original disks for your software so they can be reloaded again without having to purchase new copies.
  • Back-up all your equipment. Pay particular attention to laptops or information saved on desktop computers. You may need a separate back-up for each laptop and computer unless you can be sure that everything done on them has been saved to your server and the server successfully backed-up.

Ensure your Firewall Protection is up to datePhysical Security. As prevention is better than cure, you want to stop as many dangerous elements as possible from getting at your IT. This includes making sure everything is locked and physically protected, but also the online aspects. Hackers can access your system whenever you sign onto an internet connection so make sure all your firewalls, anti-virus and spam protection are up-to-date. Effective security systems will probably be updated every day by the provider. Don't forget about password protection.

Mirrored Servers. This is where you have, in effect, a duplicate server. The principle is that if you lose one server then you can call on another. There are several approaches to this, each increasing in cost and complexity.

  • Bare Metal Recovery. This is like having a replica on stand-by. It will not have your data or be updated normally, but will reflect what you need and be able to quickly accept your data and software, getting you up and running again quickly.
  • Failover. You operate with two servers rather than one but only use one at a time. If something happens to the operational one, it automatically switches to the other one. There may need to be a delay in recovery whilst the non-operational server is loaded with the most up-to-date information, but because both servers are used frequently, the information will be a lot more recent reducing the time to become fully operational.
  • Real-time mirroring. This provides a significant degree of Business Continuity. Duplicate servers would be updated in real-time so that if something happened to one, the other automatically kicks-in with no loss of service but you need to consider physical location carefully.
  • Virtualisation. This is like real-time mirroring but without an actual server. It uses a variety of different hardware and software systems to give the effect of real-time mirroring but without the need for actual multiple servers. This is a relatively new concept which, although proven, is not without its difficulties and uncertainties. It is most likely to be used for companies who have an extreme need for seamless Business Continuity but who also want to position themselves as at the leading edge of new technological developments, as opposed to those who prefer the certainty of tried and trusted technologies.

The other main aspect to take into account is the location of the mirrored server. Clearly the mirrored server should be somewhere other than the main server otherwise it's a bit pointless having it. If there was a fire or some other disaster it could affect both servers.

Some mirroring services will use the internet as their connection which is fine providing the internet connection does not go down. Imagine if a digger cut through the cables outside your office causing the server to crash and triggering the need to use the mirrored server. The internet cables are also likely to have been cut so you would not be able to use it.

Other mirroring services will use a third party company. The downside of this is that you are relying on the third party to maintain and back-up the server but what if you haven't chosen wisely so they don't deliver on expectations or the relationship turns sour? You may only find out that they are unreliable when you need them most, i.e. after a disaster. Imagine if they hadn't been carrying out a proper back-up of your mirrored server.

In conclusion, once you know how far you need continuity or recovery you can start to formulate a plan based on your budget. You'll also need to seek expert advice before you implement any solution.