Your Disaster Recovery Plan/Policy for Hurricane Prep

Here’s a fun fact: According to the National Hurricane Center, “The Atlantic hurricane season runs from June 1st to November 30th, and the Eastern Pacific hurricane season runs from May 15th to November 30th.” In other words, hurricane season is here, and it’s here to stay. Every year, businesses located along the coastal U.S. have to deal with high winds and heavy rainfall from storms that can range in strength from “tropical depressions” that have wind gusts of less than 38 mph to category five storms that have consistent wind speeds exceeding 157 mph.

Even a “weak” hurricane can cause widespread devastation throughout a state by creating storm surges that overflow river banks and sewage systems to create floods, knocking down power lines, and littering roadways with debris that make travel difficult. These impacts can ruin the delicate infrastructure that businesses rely on to keep the lights on and their data available to users (both internal and external).

How can businesses in hurricane zones curtail the risk of permanent data loss and ensure business continuity in the face of a disaster that can take down their primary data center?

This is what disaster recovery plans (DRPs, DR plans) are designed to address.

What is a Disaster Recovery Plan?

A disaster recovery plan can be described as a set of tools and procedures designed to allow your business to recover from an unplanned service outage and restore normal function—the specific measures used might vary from one company to the next. However, with the advent of cloud-based data storage and processing services, disaster recovery has become increasingly synonymous with remote data backup and production environment services.

This is because having the ability to store mission-critical data in a remote server that is in a different geographic location from your primary data center makes it easier to ensure that you won’t lose your data to a natural disaster such as a hurricane. A category five hurricane hitting Florida won’t put a scratch on a data center in upstate Washington, leaving the backed-up data intact. This backup can then be downloaded into a new data center if the old one is destroyed or otherwise rendered useless.

When remote data backup servers are combined with remote production servers in a platform-as-a-service (PaaS) or a disaster recovery-as-a-service (DRaaS) model, your DR plan can become a core part of your business continuity (BC) plan—helping to ensure minimal downtime regardless of what happens to your business’ primary data center.

Setting Up a Hurricane-Proof Disaster Recovery Plan

If you want to hurricane-proof your DR plan, odds are you’re going to want to use remote data backup services—it doesn’t do you much good to back up your data to another drive or computer in the same state if it gets destroyed, too, after all.

Aside from making sure that your backup is in a safe location far from a hurricane zone, the process for creating a robust, hurricane-proof disaster recovery plan isn’t that different from a regular DR plan creation process:

  1. Begin with an Audit of Your IT Resources. To ensure that you’re able to back up ALL of your most important data, it’s necessary to know what IT assets are on your network and what data is on each asset. Without a thorough audit, it’s possible to miss essential data—plus, this can help you make sure that there aren’t any pieces of sensitive information on terminals that shouldn’t have such data.

  2. Find a Remote Data Storage Solution. Take some time to investigate different options for creating/acquiring a remote data storage solution for your business. For hurricane DR preparedness, check for the following:
    1. The geographic location of the data storage site—for protection against natural disasters, you want it to be far away.
    2. The frequency of backup creation—the rate at which backups are made affects your recovery point objective (RPO) following a disaster. More frequent backups mean less data lost to a hurricane.
    3. Business continuity features—if you have the budget, it may be worthwhile to consider a PaaS or DRaaS solution that includes a remote production environment that can near-seamlessly take over should something happen to your primary data center during a hurricane to minimize disruption to your customers.

  3. Identify and Separate Your Mission-Critical Data. Most businesses don’t typically need to copy every file from every workstation, mobile device, and USB drive in your company. In fact, a lot of the data on these assets might be redundant. Trying to copy all of it could result in unnecessary expenditures for storage space and for the processing power to copy it all. Instead, use the information gleaned during your audit to identify all of the data that is “mission-critical” for your business and copy that over to the backup. The audit also provides a good chance to practice some data hygiene by removing extraneous files from assets that shouldn’t be storing it—which helps to reduce the risk of data leaks.

  4. TEST YOUR PLAN! There’s this thing called Murphy’s Law. It states that “what can go wrong, will go wrong—and at the worst possible time.” When a hurricane is blowing through your offices, and the flood waters have just wrecked your data center, that is not the time to find out that there’s a flaw in your DR plan. To ensure that you have a foolproof DR plan, you NEED to test it rigorously and check for issues like single points of failure, recovery times, and completeness of the data backup. Failing to test your disaster recovery plan could prove disastrous in its own right.

Need help implementing the tools you need to make your DR plan work? Then contact the team here at Compuquip Cybersecurity! We have extensive experience in helping companies find the right technology to fit their needs and get said tools up and running. Let us worry about your data security and recovery so you can focus on running your business.

back-to-cybersecurity-basics