6 Steps to Creating an Effective Business Continuity and Disaster Recovery Plan

Despite the critical importance of a business continuity and disaster recovery (BCDR) plan, the vast majority of businesses simply don’t have one. According to Mercer51 percent of companies don’t have a plan at all and an additional 31 percent have a plan but haven’t implemented it.  

That’s a big number, especially since business interruptions or crises of varying degrees are pretty common. But of companies that experience some kind of disaster, 90 percent won’t recover, reports FEMA, unless they can get back up-and-running in under five days 

Within company-wide BCDR plans, there are also department-level plans. Of those, IT operations are among the most critical. 

The only way to bounce back quickly from disasters big and small is to set up IT processes that keep a company functioning following an unexpected event. 

Fortunately, creating a BCDR plan to support IT operations in the event of a disaster comes down to just six basic steps, says Justin Guse, senior cloud solutions architect at EagleDream Technologies (EDT). 

1. Define the scope

Before you can develop a plan to keep your company operating, it’s essential to identify how the organization could be impacted by any kind of future disaster, natural or man-made. That is typically done through a business impact analysis (BIA). To create a BIA, you first identify all the potential points of vulnerability and then craft a plan to reduce the impact of any failures in those areas. 

As part of the BIA, it’s likely that you’ll identify where all of your critical business data resides. This includes paper-based data, too, which may be stored away in filing cabinets, and data that is outside the IT departments control. 

This could include customer data, financial data, access control data, facilities data, and human resource data, to name just a few of the many possible types of information. 

2. Determine backup solution and frequency

Once you’ve identified all the data you want to protect, you’ll want to establish routines for backing that critical business information up and restoring it, ideally in the cloud. That requires defining the systems that need backing up and the required frequency. 

Depending on the type of system being protected and restored, including database servers, file servers, or web applications, there are a variety of solutions. 

3. Choose backup technology

Since most cases requiring disaster recovery are human-caused, with data being inadvertently deleted or corrupted, Guse says, one of the most important system parameters must be recovery point objective (RPO), or how long the interval is between system backups.  The other critical parameter is recovery time objective (RTO), or the maximum amount of time it takes to get the system operating again. 

The best solutions provide both a low RPO and a low RTO, so that companies can go back within minutes (versus hours) to correct a corrupted line of code before it gets published system-wide and so that it will take only a few minutes to get back online.  

EDT’s partner CloudEndure offers the best solutions on the market at the moment, due to its low RPO and RTO, and the fact that it can work on any system, on-premise or in the cloud. It is modular, easy to use, and highly automated. 

With many companies having to pay penalties to server customers based on downtime, minimizing that metric is essential to profitability. 

4. Implement the tool

With a backup tool selected, the next step is deciding whether to implement the technology internally or with the help of a consulting firm like EDT or third-party provider.  

Most companies make this decision based on available resources, time, and expertise. 

5. Test it

After getting the backup system operational, it’s time to test it to make sure it is working as expected. This frequently involves running test restores. 

Once it is fully functional, it’s important to document the backup process by creating a run book. This manual for how to restore data, step-by-step, ensures anyone can get the system up-and-running again. 

Testing quarterly or semi-annually is considered best practice, though at least once a year is the minimum standard. Testing routinely helps ensure backups are working as anticipated, so that you don’t encounter surprises down the line. 

6. Review results

Just because your backup technology was working as expected last month, or last year, doesn’t mean you shouldn’t check it regularly. That includes reading through the documentation to confirm no part of the process has changed, and then revalidating it. 

Ideally, you should have an advisory team regularly reviewing your BCDR to keep it continuously updated. 

For most organizations, any lack of attention to disaster recovery typically has more to do with the overwhelming number of priorities already on their plate than with a belief that they are immune to catastrophe. There are so many pressing issues for IT departments to address that frequently other projects take precedence over forward-looking activities. 

“The one thing every business dreads is failure or data loss,” Guse says, which sometimes happens when you go to restore and find out the system hasn’t been backed up in three months. Continuous monitoring and testing can help avoid such surprises. 

The vast majority of IT professionals understand the importance of preparing for a system failure, to reduce its impact on business operations, but with limited resources, planning can fall to the bottom of the to-do list. However, an investment of human capital and new-age backup solution now, to prepare for the inevitable failure and recovery, can save time and money in the long-run, and reduce the negative impact a disaster may cause. 


Justin Guse

Senior Cloud Solutions Architect
AWS APN Ambassador

With over 10 years of experience in IT, Justin has strong background in infrastructure, networking, and systems administration. As an avid learner of the latest emerging technologies in cloud computing, networking, automation, and DevOps, Justin is professionally certified in AWS and Microsoft technologies.

Using his industry knowledge and skills, Justin appreciates enjoys working closely with his clients to design and build modern, cloud-native systems, focusing on high-availability and scalability. He continuously strives to deliver a superior customer experience through long-term, strategic relationships.

Learn More about How EagleDream is Raising the Bar for Disaster Recovery with CloudEndure.

Dream Build Soar

Let’s start building

Have an idea that you would like to share? We want to help you bring your ideas from concept to reality.