Seven Steps To Create An Effective Disaster Recovery Plan

Uploaded on 2021-07-12 in TECHNOLOGY--Resilience, FREE TO VIEW

All IT and senior management need an effective Cyber Disaster Plan to reduce the chances of a cyber attack, criminal hack or ransomware demand. An effective  disaster recovery plan should include identifying critical IT systems and networks, highlighting the recovery time objectives, and outlining the steps needed to restart and recover the systems and networks. 
 
End-to-end cyber security solutions provider Quorum have identified seven critical steps an organisation that assists with IT systems recovery. They will also help in creating a disaster recovery plan so you can ensure that your organisation is protected against a worst-case scenario. 
 
1. Central to this process is identifying all critical applications and servers that need to be backed up:   Be thorough, exclude nothing and don’t assume that you know what is best for your users. Make sure to include ancillary systems like domain servers, as well as other network equipment, circuits and locations. 
 
2. This is where you define key targets like recovery time objective (RTO) and recovery point objective (RPO), two important but often misunderstood terms:   Your RTO refers to the maximum time a server, application or system           can be down before it results in unacceptable damage to the business. Your RPO refers to the maximum acceptable age of the backup files that are to be used during a disaster recovery incident. This number tells you how often your data must be backed up. 
 
3. In an emergency, it is critical for everyone to know their role in advance.
 
4. Regularly updating your plan is as critical as creating it:    Your plan should be revisited and updated every time you test your DR system, change infrastructure and/or key personnel, any time an employee involved in the plan leaves the organisation or a new employee is hired who will have a roll in the plan going forward. 
 
5. Modern technology has changed that, making it easy to perform realistic tests with little to no disruption to your business’ function:    Businesses in different vertic als will have different best practices when it comes to test schedules. However, a good rule of thumb is to do a partial test monthly and a full at least once per year. 
 
6. What parts of the process (including software and other DR solutions) could be improved to make your DR process faster, more reliable, more efficient, or easier to perform? 
 
7. Now it’s time to evaluate whether you have the ideal disaster recovery solution in place and does it meet all the correct organisational needs. 
 
Quorum:         Image: Unsplash
 
You Might Also Read: 
 
Paying Cybercriminals A Ransom Will Double Your Recovery Costs:
 
 
« Russian Military Hackers Accused Of Global Campaign
India’s New National Cyber Security Strategy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Dataguise

Dataguise

Dataguise provides a data-centric security solution to detect, protect, and monitor sensitive data in real time across all data repositories, both on premises and in the cloud.

Government Communications Headquarters (GCHQ)

Government Communications Headquarters (GCHQ)

GCHQ defends Government systems from cyber threat, provide support to the Armed Forces and strive to keep the public safe, in real life and online.

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

International Telecommunication Union (ITU)

International Telecommunication Union (ITU)

ITU is the United Nations specialized agency for information and communication technologies – ICTs. Areas of activity include cybersecurity.

Nixu

Nixu

Nixu is the largest Nordic specialist company in information security consulting.

Celare

Celare

Celare delivers DPI based network perimeter monitoring solutions with integrated Big Data security analytics and threat detection.

ICS2

ICS2

ICS² is the first cyber security company focusing on protecting the control system of power, oil, gas, and petrochemicals plants.

Luxembourg Office of Accreditation & Surveillance (OLAS)

Luxembourg Office of Accreditation & Surveillance (OLAS)

OLAS is the national accreditation body for Luxembourg. The directory of members provides details of organisations offering certification services for ISO 27001.

Keyless Technologies

Keyless Technologies

Simple, secure, and interoperable authentication. Keyless offers unmatched security, privacy and usability, while reducing risk and infrastructure costs.

DH2i Company

DH2i Company

DH2i is a leading provider of multi-platform Software Defined Perimeter and Smart Availability software enabling customers to create an entire IT infrastructure that is always-secure and always-on.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.

Scybers

Scybers

Scybers are a global cybersecurity advisory and managed services company. With our deep expertise, we help our clients reduce their cyber risks with confidence.

Collabera Digital

Collabera Digital

Collabera Digital engineer the next generation of solutions that power tech-forward organizations and create an impact on people and communities.

Blackmere Consulting

Blackmere Consulting

Blackmere Consulting is a Nationwide Technical and Executive Recruiting firm dedicated to Cyber Security and Information Technology.

Cypheria

Cypheria

Cypheria harness the expertise of elite military units and combine it with extensive digital combat experience to deliver unparalleled security solutions for organizations.

Security4Media

Security4Media

Security4Media is a non-profit association set up to reduce risks and support trust in media, in the face of increasing cybersecurity threat levels.