Disaster Recovery: Preparing For Natural And Man-Made Disasters: Don't Forget The Data! By Brian Murphy, Iron Mountain

Due to the recent rash of fires, earthquakes, tsunamis, and hurricanes worldwide, organizations now understand that the ability to recover data quickly and completely following a disaster is vital to business continuity. At the same time, today's businesses depend more than ever on instant data retrieval – and on the suppression of computer viruses, power outages, hackers, and human error – in order to maintain an uninterrupted flow of goods and services. These factors have made it crucial for companies to plan well for business continuity and disaster recovery.

One of the most important items on a company's disaster recovery preparedness checklist is to evaluate data backup and recovery procedures. For most businesses, without the data there is no recovery. The following are five important steps for preventing business critical data from being destroyed by a disaster:

1. Make backup copies of all critical data. Companies need to ensure all of their critical data is backed up – not just primary servers and the data center. Take an inventory of your business information. How much information is sitting on remote servers and employee PCs and laptops? Is that information backed-up as well?

2. Protect your backup data offsite. Data backup is just one facet of data protection. When businesses fail to take their backup data offsite, they leave their data vulnerable to disaster at the office. Send your backup data off-site to a trusted third-party that will ensure you have your data when and where you need it. Many businesses have their backup tapes transported to a secure off-site location, or they employ online backup services that automate the process for them.

3. Have a disaster recovery plan and test it. Companies that regularly test their disaster recovery plan are able to respond more effectively in the event of a real disaster if they have anticipated and rehearsed what they would need to do to recover their systems in another location, practiced the escalation process and determined which tapes are needed, where they should go, and how to have them delivered. With regular testing of their plans, companies have "pre-made" decisions that are more difficult to make during an actual crisis. And don't forget to include the disaster recovery vendors when simulating events – you'll have a much better idea of how well they're prepared to respond, especially if you test without giving prior notification.

4. Test your backup solution. Companies should conduct simple restore tests with their backup solutions either weekly or after critical events, like the closing of the quarterly books. Since there are typically so many steps involved in the backup process, it is easy for a simple mistake or oversight to prevent a successful restore. Testing dramatically increases the likelihood of finding a problem before it's too late.

5. Communicate early and often with your Disaster Recovery vendors. Have you pre-arranged planning with your business partners and suppliers to ensure that you can get what you need? Make sure you understand the protocols for "declaring a disaster" with your off-site data protection provider. Don't wait until after the disaster has occurred: put them on alert and make sure they understand and can meet your expected time window, and know where you want your recovery data delivered when the "bell rings." In preparation of an impending hurricane or storm, you can also ask your off-site data protection vendor to move your data to a location further away to ensure speedier delivery to a hot-site once you've declared a disaster.