HAVE A DISASTER RECOVERY PLAN IN PLACE!
A disaster recovery plan is a step-by-step plan that describes the methods used to secure data against disaster and sets guidelines for how an organization will recover lost data if and when a disaster occurs. One of the most destructive corporate disasters in recent history v/as the September 11, 2001 terrorist attack that caused the World Trade Center collapse.
Surprisingly, very few companies affected by the disaster experienced critical data loss. Most companies were able to reconstitute their computer systems because a bombing eight years earlier at the World Trade Center prompted many companies in the towers to design disaster recovery plans.
One Example is: Kemper Insurance
Kemper Insurance was located on the 35th and 36th floors of the World Trade Center North Tower. After the 1993 bombing Kemper's IT staff designed a disaster recovery plan. The plan not only detailed what to do in case of a disaster but also required a mock disaster recovery exercise at least once a year. In these yearly exercises, IT employees went through the process of reconstructing the company s computer system from scratch at an off-site location. They configured new hardware, installed the required software, and restored data from backup tapes.
In response to the 9/11 catastrophe, Kemper Insurance IT employees followed the disaster recovery plan and re-created the computer system at another Kemper Insurance site. Kemper Insurance was up and running by 4 00 a m on September 12 - less than 24 hours after its main office was destroyed.
Disaster recovery plans must deal not only with calamities such as the World Trade Center collapse; they also must take into account day-to-day events that could potentially cause data loss. Backup tapes can become corrupted, an employee might spill coffee onto the most critical storage device in the building, or a virus can slow down the network to the point that its unusable
A well-formulated disaster recovery plan should account for all kinds of trouble. from the most minor glitch to the most destructive disaster Specifically, an enterprise-wide disaster recovery plan should
• Ensure the safety of people on the premises at the time of a disaster
• Continue critical business operations
• Minimize the duration of a serious disruption to operations
• Minimize immediate damage and prevent additional losses
• Establish management succession and emergency powers
• Facilitate effective coordination of recovery tasks
A disaster recovery plan can mean the difference between an organization rebounding after a disaster or simply ceasing to exist. Disaster recovery plans are as critical to data security as data backups, firewalls, and password protection. As a key component of computer system management, disaster recovery is the focus of numerous publications and conferences.
Digital Data System Guards and Controls |