If recent hacking scandals have taught the world anything, it’s that even some of our biggest corporations can fall prey to cybercrime. If they can, so can you.
And there are threats closer to home: a careless piece of code or something deleted in error - even when done innocently by a member of staff - could leave your website broken and start costing you money.
Then there are fires and natural disasters, which - however rare they might be - happen from time to time.
How quickly could you get back to business as usual in those circumstances? That will probably depend on the disaster recovery provisions you have in place.
Disaster recovery (often abbreviated to DR) relates to the policies and procedures put in place to ensure the recovery and/or continuation of the technology infrastructure supporting key aspects of a business in the event of a disaster.
For many businesses, this will mean restoring a server or servers to normal working order in the event of the sort of technical, human-induced disasters outlined above or a natural disaster.
In a previous blog post, we encouraged you to consider what level of unavailability would be tolerable for your website. For instance, a business consultancy with a brochure website advertising its services to clients in a single geographic market could probably be offline for an entire night without any serious or lasting effects to the business. If the same fate befell Amazon, a huge chunk of revenue would be lost, share prices would drop and the consequences would be far greater. Therefore, Amazon needs a better, more thorough disaster recovery plan than the business consultant. It needs to get back online more quickly.
Now suppose it was The Guardian that has suffered the same disaster. Just like Amazon, it serves multiple markets and would soon start to lose significant levels of revenue. But it also has the additional dilemma that its most valuable asset is its content: the articles on its website. So, it needs a disaster recovery plan that allows it to revert to a version of the website from as close as possible to the moment disaster struck to minimise the loss of any content published since the last backup was taken.
So, as with website availability, a good disaster recovery strategy depends on finding the sweet spot in which the type of recovery available tallies with the cost of your website being backed up or replicated.
As a bare minimum, you should be taking regular backups of your website and any other data stored on your server. As we’ve touched on, the regularity required will depend upon how frequently the data changes and how costly or inconvenient it would be for your business to lose a week’s worth, a day’s worth or an hour’s worth of updates.
The most expensive, but also the most effective, disaster recovery plans involved real-time backup.
Beyond that, some of the options available include:
It’s all very well taking regular backups, but if they are kept in the same place as the server and the problem is a fire or natural disaster, you will still be in exactly the same situation as if you had no backups at all. Overcome that problem by backing up to a separate geographic location.
A step up from backing up to a remote location is to host a duplicated version of your server at a remote location. This allows you to recover from disaster very quickly by simply switching to the alternative server.
Some of our most prominent clients, including those in the energy sector, rely upon their digital infrastructure being able to withstand and recover quickly from disaster. In these cases, we regularly simulate disaster conditions in order to test the infrastructure and ensure that all the correct processes are in place to cope with such conditions when they are encountered
To find the right disaster recovery strategy for your organisation, you will need to calculate the appropriate RPO (recovery point objective) and the RTO (recovery time objectives). These should be agreed with your web host or the person responsible for restoring services in the event of a disaster.
RPO refers to the tolerable levels of data loss, while RTO refers to he amount of time that is tolerable before a return to operational status.
Feel free to ask if you need advice on your disaster recovery strategy.
Get in touch
