Alternately, small businesses can store hard copy reports, magnetic tapes, DVDs, or flash drives off site.
If your small business stores physical information at a secondary site and/or backup information in the cloud or on an external device, you must consider security.
If cost is a major concern, a cold site may be your only option. You could also explore other creative avenues that mirror a formal cold site—for example, perhaps you could strike an agreement with a trusted small business peer who would provide access to their conference room or vacant office available if a disaster occurred.
Most small business owners don’t think they will be the victim of a cyberattack or natural disaster—until one strikes.
Consider: Once you develop a disaster recovery plan, you must maintain it.
To do this, establish a cross-functional team that drives maintenance and awareness initiatives.
However, most follow a similar structure, encompassing definitions, duties, step-by-step response procedures and maintenance activities.
In our template, we’ve used the following outline: Like any policy document, a DR plan is useless if it spends most of its life sitting in a drawer somewhere.
Your DR plan should take into account the following: At the centre of most DR plans are two all-important KPIs, which are typically applied individually to different IT services: recovery point objective (RPO) and recovery time objective (RTO).
Don’t be confused by the jargon, because they’re very simple: Even a small business DR plan can be a lengthy and complex document.