Data Disaster Recovery

A disaster is defined as a sudden calamitous natural or manmade event that causes great damage, loss or destruction. Natural disasters include fires, ice storms, damaging winds, earthquakes, pandemic diseases, hail storms, hurricanes, landslides, lightning, tornadoes and tsunamis, among others. Manmade disasters can include hazardous materials, civil unrest, explosions, blackouts, nuclear events, chemical threats, biological weapons, cyber-attacks and other disasters caused by humans.

For commercial-building owners, facility managers, architects, engineers and contractors, the list of potential disasters seems endless. Disaster preparedness is the act of anticipating all different types of disasters and then building and maintaining customized plans for each that enable a business to maintain operations no matter what is happening around it.

Disaster preparedness can be a daunting task. So where do you start? The Federal Emergency Management Agency has identified the following framework for businesses to follow:

  • Program Management: Before you plan, you need to think. Program management involves organizing, developing and administering a disaster preparedness program. To do this, you must identify federal, state and municipal regulations that constitute your baseline requirements.
  • Planning: After you complete the fundamental program management tasks listed above, you can begin disaster preparedness planning. An effective disaster preparedness plan is a comprehensive one. But that doesn’t mean it’s all about grinding through apparently endless processes and details. Disaster preparedness plans also require imagination, creativity and an ability to think outside the box. This means assessing all the risks your business could potentially face from different types of natural and manmade disasters. Consider those that you deem impossible in addition to those you think most probable because, in reality, you just never know. Once you have all of your business threats outlined, conduct a business impact analysis that outlines disaster recovery consequences, and determine ways to mitigate these risks.
  • Implementation: After the initial planning phase comes the heart of disaster preparedness—creating the plan itself. Strong disaster preparedness plans are those that are customized for each specific type of threat. They must also address resource management, emergency response, crisis communication, business continuity, information technology, incident management and training. Let’s take a look:
  • Resource management: Ensure resources are in place for communication and warning technologies, fire protection and life-safety systems and pollution control systems, among other equipment, material and supplies.
  • Emergency response: Prioritize actions for life safety, which include, where appropriate, evacuation, sheltering, shelter-in-place and lockdown.
  • Crisis communication: Establish a crisis communication plan and designate one or more persons to be the main point(s) of communication during a disaster.
  • Business continuity: Provide the facilities and resources as part of your commercial infrastructure that enables the execution of your disaster preparedness plan.
  • Information technology: As above, provide facilities and resources as part of your commercial infrastructure that enable the execution of your IT disaster preparedness plan. An IT disaster preparedness plan is typically performed by each of the businesses in your property.
  • Incident management: Establish an Incident Management System (IMS) and designate incident commanders who can work with tenants during a disaster to coordinate execution of the disaster preparedness plan. Incident management is critical because while you can plan to the fullest, there are always unanticipated events that occur.
  • Training: Prioritize training so that everyone knows what to do when a disaster strikes.
  • Testing and Exercises: No plan is perfect. A key mantra in real estate is “location, location, location.” Likewise, a fundamental tenet of business disaster preparedness is “testing, testing, testing.” You must test and evaluate your disaster preparedness plan. And test again. This means defining a set of testing exercises, learning how to conduct those exercises, and then using the exercise results to determine the effectiveness of your plan and to improve any weak spots.
  • Program Improvement: Beyond testing, which examines conformance to your plan, you should also put your disaster-preparedness plan under broad, comprehensive reviews. Evaluate your program using a cross-functional review team, and then use the results to improve your disaster preparedness plan. This step is often ignored or forgotten after the first disaster preparedness plan has been completed and a rhythm of testing and exercises begins, which is potentially a costly mistake. Program improvement enables a continuing assessment of evolving types of threats and responses to those threats, which are critical given the pace of change in our society.

Disaster preparedness can be overwhelming, but don’t let it be. With a little planning, patience, creativity and strategic thinking, you can reduce the risk of damage and downtime in the event of a disaster. If things get tedious, just remember, being proactive is always better than being reactive after the damage has been done.

About the Author

Dr. Mark Campbell
Dr. Mark Campbell is the chief strategy and technology officer at unified data protection provider Unitrends.

Be the first to comment on "Data Disaster Recovery"

Leave a Reply

%d bloggers like this: