The Ping: Disaster Recovery and Business Continuity Planning

July 23, 2019 Corie Bogan Leave a comment BUSINESS CONTINUITY, business management, disaster recovery, network, PCI DSS, Security, The Ping, vulnerability

Last week we talked about the importance of keeping your machines upgraded on scheduled intervals. This not only helps your company save time and money, but also keeps your employees happy with efficiently running machines. While this does help keep your company functioning smoothly, what would happen if a disaster were to strike and take down all businesscritical devices or software? Could you say at this very moment that you are prepared for a disaster? 

What is a Disaster Recovery Plan?

We’ve previously discussed in The Ping: Disaster Recovery and Business Continuity Planning 101, the difference and necessity of having a Business Continuity Plan and a Disaster Recovery plan. So, how are they different? Disaster Recovery and Business Continuity Plans are similar in principle but quite different in practice. Business Continuity (BC) is a plan that identifies how to maintain business functionality during and after a disaster.  Somewhat of a big picture or a vision.  Disaster Recovery (DR) is a sub-plan of your Business Continuity Plan that focuses on restoring IT services and data after the disruptive event begins and loss is confirmed.  This is more like a milestone achievement that happens in an order to get to the end goal.  

Why is Disaster Planning and a Business Continuity plan necessary for your city? Most cities, and other organizations, require at the least one type of compliance requirement. Whether that requirement is CJIS, PCI, HIPAA (learn more here  The Ping: What is Compliance?) or a combination, a Disaster Recovery plan is necessary to stay within those requirements. Not only are you required to stay compliant, having a Disaster Recovery plan is beneficial to your company’s productivity.  The faster your organization is up and running, the less likely your company is bleeding funds due to a business stoppage. Perhaps most importantly, the longer you stay out of commission, the more of a hit your company’s reputation will take.  

What you Need

When creating a Disaster Recovery plan there are multiple required elements to ensure your plan will cover all your bases. Here are a few of these required elements: 

  • Communication plan! 
    • Who’s doing what and how to reach them in the event of an emergency? 
  • What are your critical systems and what procedures will you use to get them back up? 
  • Where are all your critical assets going to be in a disaster? 
    • Determine the physical location and who to contact to obtain them 
  • List of required licenses 
    • Examples include: Microsoft Office, Proprietary software, 3rd Party business critical software, etc 
  • Specific procedures that are required to implement your Disaster recovery plan. 
  • Who are the key 3rd party vendors and how do you reach them? 
    • Bonus Tip: Obtain their Disaster Recovery plans and add this information to yours! 

Due to the overwhelming amount of city hacks that have taken place over the past few years, a new option in company coverage is cybersecurity insurance. Last month in Florida a small city was targeted by hackers that demanded $460,000 after disabling their computer systems, according to The New York Times. However, due to their insightful thinking, the city had previously obtained cybersecurity insurance. In the end, the cost to the city was $10,000, while the insurance covered the remainder. A new must-have in keeping your business prepared! 

How to Prepare

Preparing for the unexpected may seem counterintuitive but can ultimately be advantageous for you in the long run. With much talk surrounding city hacking, your first thought might be to do everything you can to prevent such a cyber-attack. Conversely, have you thought of what it would mean to your organization if a physical disaster were to strike? Living in the Central Texas area, we know that thunderstorms often occur often during the spring and summer seasons. What would happen if your infrastructure were struck by lightning? How quickly will you be up and running again? As we mentioned in The Ping: Initiating Your Disaster Recovery Plan, here are some things to consider: 

  • Who do I contact if I need to recover data? 
    • Are we your first call?  
  • What is the retention period of each? 
    • How many weeks/months of data do you need to retain to maintain your business?  
  • Where are your backups physically? 
    • Do you have local and offsite backups? 
  • How quickly do you need to be up and running again? 
    • Have you discussed with your account manager how quickly you need to be up and running? 
    • Do you know which systems are considered critical to handle your most important business functions?

Need Help?

The processes mentioned are not something you have to feel that you need to do on your own.  These plans are not only put in place to provide you steps to resume functionality as soon as possible, they are also in place to help alleviate confusion and pressure in what can be an extremely stressful situation.  As your dedicated IT team, we’re here to help you sort out all the details. We will work with you to create a Business Continuity plan and Disaster Recovery plan that will cover all your compliance needs.  Let us know how we can help!   

Your UniVista Team
*Celebrating 20 Years of Customer Satisfaction*