According to Nationwide's recent Small Business Indicator survey, it’s estimated that at least 68% of small businesses operate without a documented disaster recovery plan. This is an unfortunate reality, given that these plans can help businesses recover from unexpected disruptions more quickly and minimize their impact both short- and long-term.
No one can predict when their business will face a disaster, which is why it's always a good idea to make sure that your recovery plans are clear, documented, and up-to-date. What's more, a plan is only as good as its execution, which is why it's also important that your entire team understands the plan and the immediate steps that need to be taken in the event of a disaster long before one strikes.
Business Continuity vs. Disaster Recovery
If your business already has a "business continuity" plan in place, you may think that you already have adequate protection from the unexpected. However, this may not be the case.
A business continuity plan is a set of protocols put in place to ensure that business can continue for a period of time during a crisis. Disaster recovery plans go a step further and are directly focused on how the business can recover from a catastrophic event where business continuity may no longer be an option.
What Should Be Included in a Disaster Recovery Plan?
While every business has different disaster recovery needs, some of the key components may include:
PREVENTION: Outlining what steps are to be taken to ensure that critical systems are protected from failure or destruction. This may include performing regular risk assessments, internal risk management meetings, and conducting regular audits and inventories to ensure that all systems and infrastructure are adequately protected. Testing protocols may also be outlined in this portion of the plan.
DETECTION: Determining what measures are to be taken to ensure that threats to business systems and infrastructure are identified quickly and thoroughly. This may also include regular data collection and processing, deployment of automated “circuit breaker” protocols, audits of security systems (physical and IT), and a regular review of detection and restoration procedures with critical team members.
CORRECTION: Arguably the most important part of a disaster recovery plan, this section covers how a downtime event is to be corrected with the least significant negative impact. This may include guidance on the location(s) and use of backups, when outside/offsite equipment should be used (e.g. cloud servers), and unique measures that should be taken immediately after restoring service to protect temporary systems.
When critical business systems go down, minutes matter. For an in-depth look at what you should do when facing such an event, visit snb.com/disaster-recovery.
Sterling's dedicated team of Business Banking professionals are a vital asset to business owners and can act as conduits to other resources. To locate a Business Banker in your area, visit, visit snb.com/find-a-banker.
OTHER HELPFUL RESOURCES
The U.S. Department of Homeland Security’s Ready campaign educates and empowers Americans to prepare for, respond to, and mitigate emergencies. They have prepared an extensive free guide on business continuity and disaster recovery planning, which can be found at www.ready.gov/business-continuity-plan.