And You, Do You Have a Contingency Plan?
And You, Do You Have a Contingency Plan?
Accidents happen; It often happens that no matter how careful we may be, there are inevitable things and also for those we have to be prepared.
Regarding the security of a company and its data, today it is absolutely necessary to have a contingency plan, since as the saying goes, “better safe than sorry”.
A clear example took place just recently, when a major cloud provider suffered from a fire in its facilities, affecting companies around the world that had their web services hosted there.
But let's start at the beginning. What is a contingency plan?
In English, it is defined as ”Disaster recovery” and consists of, in short, having a “Plan B” through which to protect the company against possible adverse effects. If we develop it a little more in depth, a contingency plan, also called a "disaster recovery plan", would consist of carrying out a series of procedures that would allow the business to continue working even at times when some of the parts of the company stop working. That said, it is clear that having a proper contingency plan is key so that the company is not affected in the event of an incident. In addition, some advantages of the recovery plans are worth highlighting, such as their business and service continuity to your users, the ability to adapt to your needs, be multicloud or have geographic distribution.
The value of having a contingency plan... or why not having one could ruin your company
Every now and then an incident takes place that reminds us of the importance of having a disaster recovery plan. Although it seems obvious, not all companies have a contingency plan and most of the times this is due to economic issues.
Having backup copies has a cost and if we already delve into issues such as geolocation, etc., the cost may be too much for some small companies. However, as we have seen, the importance of this rather justifies its cost because, in the event of a failure of the CPD where we host our services, we could lose all the data and that could mean the end of the company, worst case scenario.
According to Uniway experts, “having a Disaster Recovery plan is essential to protect your data from any unforeseen event either hardware, such as any physical damage to the servers, or software, such as the case of a ransomware attack, we have seen both cases recently. A good contingency plan would allow you to recover your data in a short amount of time and thus minimize the damage that this could cause. Nowadays, this is a critical point every company must focus on, data loss could cause irreparable damage to any business.”
Thus, there is something indisputable, to have a backup, noting that the location of this second one has to be different from the first one. This process is quite simple and can be done either through a backup, or by replicating it in real time.
How to carry out a contingency plan?
It is true that disaster recovery plans are different depending on the sector the company belongs to, as well as its size, however, there are some common basic elements that give us an idea of the path we should follow. It will also vary according to the size of the company, but it is important to have a team or manager in charge of managing the plan.
When creating a contingency plan, you must have five basic guidelines that will be the basis of everything else.
- Evaluation
- Planning
- Feasibility
- Execution
- Recovery
Once these are internalized, let’s proceed to develop them:
- Evaluation: It is the first step, that of analysis. Here we have to get into assessing the possible risk scenarios, as well as the essential activities and their recovery time. It is also time to study what the necessary resources are, both human, financial, and material.
- Planning: What are the best measures to take in a critical situation? It is time to define the actions, to achieve an objective as important as the survival of the company. In case of need, you must have a strategy in place and be able to have the necessary resources.
- Viability: The prior measures will depend on human, material and economic aspects that must be determined. On an economic level, it is also important to have a minimum liquidity of a range between one and three months.
- Execution: Once the company has suffered the accident, it is necessary to get down to work and stabilize the situation, get rid of possible dangers, anticipate possible damages, and find a way to resume activities as soon as possible.
- Recovery: Once the pothole has been overcome, measures must be taken to restore the previous situation. In addition, it is advisable to review the plan periodically and adjust it if necessary, as well as carry out drills to identify errors and be able to fix them.