In late November 2014 Brisbane experienced its worst storm since 1985 with over $1bn worth of damage to property and businesses.
Fortunately no one was killed or badly injured but more than 88,000 homes were without power and some areas of the city looked like more
like a war zone than a residential area.
Since then, we’ve seen earthquakes, volcanoes, typhoons, hurricanes, fires and floods around the globe impacting people and businesses. We
never know when a disaster whether it be natural or man-made may strike and it’s vitally important to be prepared.
I’ve put together some key tips around what businesses should be doing in planning for a disaster to help protect themselves and if
the worst was to happen how the business could get their IT systems up and running again.
1 Put together an IT disaster recovery plan
An IT disaster recovery plan should be essential part of any business plan. It is usually a compromise between best practice and
cost, with the overall cost usually dependent on how quickly the business needs to be up and running again. It needs to address all
functional areas within IT prior to, during and after a disaster.
When putting together a disaster recovery plan, risks need to be evaluated and decisions need to be made as to what will constitute a
disaster as well as how long the business can afford to be off-line for.
2 Put a Communication plan in place
If disaster strikes, it is very easy for things to get out of control quickly and be missed. That is why it is essential as part of
the overall disaster recovery plan that a communication plan be developed.
It is critically important to define who has responsibility communicating with staff, emergency services, media and customers, and that
this is documented and staff members are aware of their communication responsibilities.
You also need to think about who in the business has the responsibility for declaring a disaster and if they are unavailable, who that
responsibility is delegated to.
3 Test your plan
It’s all very well to create a plan, but it’s just as important to practice it and ensure that it works in case there is a real
disaster. Practicing the plan can identify areas of weakness and improvements.
Your disaster plan should be tested and modified on at least an annual basis. Every time there is a major change within the business,
whether that be IT systems related or process related, your disaster recovery plan needs to be updated.
4 Get insured
If the worst was to happen and your business IT systems are damaged or destroyed in a disaster, not having the right insurance, being
uninsured or being underinsured could have a catastrophic impact on your business. This could lead to it being forced to close for an
extended period of time or even worse not being able to re-open again.
A professional insurance broker can help you make the correct insurance choices.
5 Create an asset register
As part of the process of getting insured, every business should create a list of what assets they hold. In terms of IT equipment this
would include all pc, laptops, tablets, mobile devices, servers, network switches etc.
Your IT provider should be able to provide you with a list of your IT assets that you can store securely and provide to your insurance
company if the need arises.
6 Back your systems up off-site
You need to ensure that you are backing up your critical IT systems at least every night and that a copy of this is held securely
If your office is hit and your IT systems are destroyed or unreachable, then you will need to be able to access your critical data from
7 Save your critical recovery documents securely offsite
Some documents are absolutely critical for businesses in the event of a disaster, like contact lists and emergency procedures. These
need to be stored securely on the company network but also a copy needs to be available easily if the computer network is not reachable.
Some businesses keep these documents in a bank vault or with senior management. Other business have set up a cloud based file sharing
account that senior management have permission for and can be accessed easily in the event of a disaster.
8 Flexible working
Many businesses have suffered due to IT systems or offices not being available after a disaster, which has led to severe and sometimes a
Businesses with flexible working capabilities and cloud based IT now have the ability to function even if their office/premises are out of
9 Cross-train staff and spread the skills
Only having one person with a certain skill and over relying on that person as well as not training other staff to cover the area is a
mistake many businesses make.
In the event of a disaster if that person is unavailable for whatever reason the business can really suffer.
10 Check with your network to ensure your suppliers and customers are protected as well.
Even if your business is covered, how are your suppliers or customers protected if a disaster hits them? Will your business be
impacted if a supplier can’t supply a specific part or service because they have suffered a disaster? And if a large customer
suffers a major disaster and cannot take your product or service how will that impact your business?
If you need any assistance with your IT security strategy or any advice around your technology requirements please call us on 1300
or email us at firstname.lastname@example.org.