What is a disaster recovery plan?
A Disaster Recovery Plan (DRP) is an essential set of policies and processes designed to help an organization recover from potentially severe operational interruptions caused by foreseen and unforeseen circumstances.
These circumstances can be natural or human-caused, and include but are not limited to:
- Natural disasters
- Accidental equipment failure
- Computer hackers, viruses, ransomware, and more
An ideal DRP is part of a larger Business Continuity Plan, and will include strategies to ensure all business-critical data has been backed up in accordance with the 3-2-1 backup rule.
Why do I need a Disaster Recovery Plan?
Disaster Recovery Plans allow organizations to respond before, during, and after interruptions that would otherwise limit or cease the organization’s operations. If severe enough, unplanned-for disasters will cause organizations to dissolve or go out of business.
For example, in cases of cybercrime, computers and servers are popular attack targets for hackers and ransomware. With a good DRP, a policy in place for endpoint detection/response can help minimize and prevent additional damage caused by the attack; a policy for endpoint backup can help retrieve business-critical data from a point before the attack and allow operations to continue while the attack is contained.
Endpoint detection/response policies and endpoint backup policies complement each other: together they help prevent business interruptions and allow the business to continue functioning after foreseen and unforeseen circumstances affecting endpoints.
Some examples of circumstances affecting endpoints include:
- Accidental hardware failure
- Intellectual property theft
- Ransomware attacks
What should I include in my Disaster Recovery Plan?
A strong foundation for a Disaster Recovery Plan should include, but is not limited to, the following:
- A designated recovery team
- An emergency contact list, which should include all parties involved in the recovery process
- A complete inventory of assets, ranked by criticality for ongoing operations
- A catalog of critical data, their location, and their backup locations
- Data security protocols to ensure data safety and regulatory compliance
- Data loss prevention protocols to ensure sensitive data is not mishandled
- Procedures in place and documented to respond to foreseen and unforeseen disasters, including potential offsite locations for continued operations
- A recovery point objective (RPO) and recovery time objective (RTO)
- Communication plans for employees, external stakeholders (e.g., shareholders, board members, or law enforcement partners), and customers where applicable
- Continual tests, drills, and updates
Who should be part of creating a Disaster Recovery Plan?
Disaster Recovery Plans should involve key members of all departments throughout the organization; these individuals in particular can provide insight into the organization’s interdependencies, which are critical for disaster recovery and business continuity.
Disaster Recovery as a Service (DRaaS) companies are also an option for disaster recovery planning needs, with services that can range from minimal assistance to full responsibility for disaster recovery.