All-weather Disaster Recovery Plan

October 11, 2022
Colocation, Disaster Recovery, Hybrid IT

Be Disaster-ready with an All-weather DR Plan

Florida and other coastal areas are reeling from the devastation Hurricane Ian left in its wake. California and Arizona are still dealing with the effects of Tropical Storm Kay whose downpours triggered flooding.

Wildfires are currently burning in 10 states, stretching from Alaska to Texas. While winter is still several weeks out, the Midwest is preparing its supplies of salt and sand and its fleets of snow plows ─ all while hoping that freak tornadoes don’t pop up this fall.

The fact is that every geographic location has its weather-related risks. Not all of these risks will transform into full-fledged natural disasters that can take out a data center ─ but they could. They also could generate events that result in power outages or other disruptions to business.

And that makes preparation for the “what ifs” so important.

No matter where your business is located or your data is stored, it’s important to have a storm-preparedness plan in place as part of your overall disaster recovery (DR) and business continuity (BC) plan.

Plan for All Potential Risks

As part of your DR planning, conduct a risk assessment. Identify all potential risks, including those related to weather. Determine how they could affect your IT infrastructure and business operations.

Don’t just think of storm- or weather-related risks in terms of the direct impact of the event. For example, a storm could damage a neighboring suite in your building, causing a fire or flood that in turn damages your offices. Or a storm could cause road closures that prevent your key employees from getting to your offices.

Plan for the People-centric Components

The most important component of the plan should deal with protecting employees, and include instructions for what they should do if threatening weather or potentially hazardous situation – like a wildfire – is approaching, or if a warning has been issued. This includes directives to:

  • Evacuate or move to the identified shelter location if officials recommend this.
  • Abandon work trailers as they offer little protection and seek shelter in designated areas.
  • In the case of tornadoes, stay inside the building but away from windows, doors and outside walls. Move desks, files, equipment, and furniture away from windows. Papers, drawings, etc. should be placed inside files or desks. Wrap office equipment, such as copy machines and computers, in plastic to protect against water damage.
  • Turn off all air conditioners, disconnect electrical equipment, shut off lights and turn off all utilities at the main power switch. Close the main gas valve if there is time.

Many of these directives will be specific to the situation, which makes it all the more important to account for any potential disaster.

Plan for Your Facilities and Data

Once the “human factor” is covered, outline processes for minimizing disruptions to business operations and protecting mission-critical IT assets, data, and applications. Among the required tasks:

  • Assess risks to your mission-critical infrastructure and data.
  • Determine what functions you could lose or do without for a certain amount of time so that you can create a priority list for your DR planning.
  • Identify your most critical IT applications and data.
  • Make sure all data is regularly backed up, preferably off-site.
  • Test your data recovery process to be sure that it works and that you know how to access critical information.
  • Consider options such as cloud storage or cloud-based disaster recovery to minimize loss of or access to your critical IT assets. A number of managed services are also available from companies that specialize in information technology (IT) infrastructure.
  • If you use colocation, cloud, or other outsourced IT services, check with your vendor to see what kind of DR plan it has in place.
  • Compile a “business on-the-go kit” with everything you might need if you had to conduct business from a remote location.
  • If employees are expected to work from home, make sure they are equipped to be productive there.

Plan for After the Event

After the threat of a disaster, or the actual disaster itself, has passed and/or any warnings have been lifted:

  • Make sure all employees are accounted for and not injured. Be prepared to accommodate employees who can’t make it back to work due to the effects of any disaster on their families and/or homes.
  • Put your communication plan into effect as soon as possible.
  • Immediately enact relevant components of your DR/BC plan.
  • Pay attention to the latest news and weather updates.
  • Survey the inside and outside of the building for structural damage, and sharp objects. If you were forced to leave your building prior to the storm, make sure the site is safe for re-entry.
  • Stay away from downed power lines or other hazardous situations, and report them immediately.
  • Contact emergency response personnel to report any hazardous materials that have leaked.

Plan for Resiliency

It’s important to remember that DR/BC planning isn’t just about “recovery.” It also includes resiliency. IT resilience is a company’s ability to maintain acceptable service levels, no matter what challenges arise or disasters strike. The focus is on “uptime” rather than recovery time.

But it’s not just a matter of data center resiliency and keeping servers and applications up and running. Resilience extends to all physical and virtual layers of an organization, including business processes, workflows, technologies, policies, and even the people required for always-on availability.

While it’s difficult to find an off-the-shelf solution that can offer complete DR resiliency, it is possible to develop a customized, resilient DR plan. If you don’t have the internal resources to create one, consult with a third-party vendor that specializes in IT solutions that can be tailored to your company’s specific needs.

Here are some of the important components you may need in your DR plan in order to keep your mission-critical computing platforms and systems available even when disaster strikes:

  • A data center or colocation facility that employs redundant components, systems, or subsystems. When one component or system fails or experiences an outage, the redundant element seamlessly takes over to continue providing services to end-users. The data center or colocation facility should also be powered with separate utility feeds from diverse substations so that a backup is available when the first utility feed fails.
  • Ideally, you want access to a second (or possibly multiple) strategically located, geographically distributed data center or colocation facility. If an unplanned outage or system failure occurs at one facility, your data and applications remain available at an alternate site or multiple sites. The cloud counts as a secondary location.
  • High-speed, low latency network connectivity enables large quantities of data to be continuously replicated and synchronized in real-time between the facilities. There should also be a sufficient network capacity to avoid bottlenecks. All the better is you also have monitoring of your WAN bandwidth consumption to allow network routes to be established and modified as required.
  • Around-the-clock monitoring of your systems and operations. This can enable you and/or your service provider to proactively identify and mitigate issues.
  • Support from a Technical Operations Center staffed 24/7/365. Disasters aren’t restricted to normal business hours. When you have a question or concern, you need to be able to reach a technical expert right away regardless of the time.
  • Service level agreements (SLAs) for any data protection services, including DR, replication, and backup, guarantee infrastructure availability and recovery time objectives for greater peace of mind and protection from or prevention of downtime.
  • Measures (employed by you or your service provider) that can reduce the probability of system failure such as load balancing servers to prevent an overload, or providing redundant systems that can prevent single points of failure.

It’s important to note that not all your workloads and applications need as much protection and availability as others. A business impact analysis and risk assessment of all your IT assets can help you determine their acceptable levels of availability and better match elements of your DR plan to meet those requirements.

Plan Your Next Steps

You can’t escape bad weather and other potentially business-disrupting events. However, you can be prepared for them. For more information on how US Signal can help, call toll-free: 866.2. SIGNAL, or email: 616.988.0414.