In the previous weeks, we've been talking about RPO, RTO and DRP, but how can you combine all of them in order to design the perfect for your company?
Define the focus
First of all you have to be precise and decide on which part of your business the DRP is focusing. For some companies, a DRP applies to every department with a lot of measures (e.g. Emergency Escape procedures or homeworking in case of staking,...). But we, at EASI, as an IT company, we want to highlight the IT part of the DRP.
Business critical or not?
You also have to determine the RPO and RTO that your business requires. Indeed, you don't need to restart all your servers if they are not business critical. Maybe just some of those are important and it is important to focus on those ones.
Some can be replicated into a Cloud environment or a second site while some others just need a cold recovery site that can be activated within a few hours/days.
Testing is crucial
Once your servers have been prioritised and your DRP designed, you HAVE to test it ! This test is crucial because it will reassure you when needed. Remember when you were young and the fire alarm started at school. You all had to go to a determined spot even if there was no fire. This exercise was done to make sure you knew exactly what to do on the D-day.
Step-By-Step
To conclude, your DRP won't be set in just a few days. You have to build it step-by-step and even more important, you have to create a crystal clear procedure in order to apply it in case of unpredictable event. This document has to be understandable by other people than the IT manager because it might happen that the person in charge of the DRP is also impacted by the disaster and therefore unavailable.
In short, get prepared for the unpredictable
