BCDR: Business Continuity vs. Disaster Recovery
Can your business continue operations and function in a time of distress or disruption? Natural disasters, cyberattacks, power outages, or even communication failures. This is a proactive response to potential threats. A BCDR device regularly backs up servers and allows you to create virtual instances from those backups. With this technology in place, a business can be quickly switched over to operating from virtualized backups and continue as normal.
Virtualizing your server with a BCDR device helps with more dramatic disasters that force your organization to transition partially or fully to a remote work situation. Since business continuity is proactive, careful planning is necessary to adequately prepare.
What does your business rely on when business continuity cannot be maintained? Disaster recovery deals primarily with the restoration of functional business operations.
Say a transformer blows, preventing you from accessing your office workstation. Your disaster recovery plan informs all relevant parties on how to re-establish access to applications. This might involve sending your employees home and switching to a redundant cloud-based server while you wait for restoration.
Creating Your Business Continuity & Disaster Recovery Plans
Consider the different scenarios that could impact business operations.
Your organization has unique ways to respond, so your plan should think about on and offsite. Consider the plan at a local, regional, and national level. If local, would you still be able to access office resources temporarily? Do you have a backup source for internet and telecom access? What if a regional or national issue, such as a pandemic, were to displace your employees from their workstations?
Finally, conduct an analysis of your IT infrastructure. This will help determine which resources you need to keep things operational.
Business Continuity Planning
- A Threat Analysis — should include potential disruptions as well as the damage they could cause to affected resources.
- Role Assignments — A well-defined chain of command that takes the absence of critical staff.
- Communication Strategy — how important information will be distributed in response to the incident and after.
- Your Backup Plans — detail where your backups are being stored, how to access them, and any cloud servers that can substitute.
- Infrastructure and Hardware Solutions — what is necessary to maintain business continuity and how would you respond?
Disaster Recovery Planning
If disruption of daily operations is unavoidable, your organization needs to know what to do to get back to normal. When determining the particulars of your disaster recovery plan, define your recovery time objective (RTO) and your recovery point objective (RPO).
RTO - Recovery Time Objective
Recovery Time Objectives are targets for how quickly your business should be back to normal operation after failure. This is how long your business can tolerate downtime. Conduct an assessment of how operations work and identify what critical tasks can still be done even in the event of a disaster. Different components may require different RTOs since some systems take longer to restore.
If your wi-fi goes out, it may only take minutes to restore. How long would it take to restore the loss of internet access at the office? Your organization’s answers will help narrow down RTOs and generate a sufficient disaster recovery plan.
RPO - Recovery Point Objective
Recovery Point Objectives are targets for what you should be able to restore your systems to after failure. Your RPO clarifies how current your data restoration needs to be. For example, if a business’s most recent copy of data available after an outage is from 18 hours ago, and the target RPO is 20 hours, then that copy would fall within the parameters of their target RPO. From a disaster recovery perspective, your main focus should be the systems and infrastructure.
Who Should Take Care of BCDR?
The person in charge of creating your BCDR plan ought to be the CTO or CIO since they’re the people who know most about your company’s technology capabilities and needs. If your business doesn't have those roles filled, you can get an augmented version of a CIO with our Managed IT services.