BCDR: Business Continuity vs. Disaster Recovery

Disaster Recovery

What does your business rely on when business continuity cannot be maintained? Disaster recovery deals primarily with the restoration of functional business operations. 

Say a transformer blows, preventing you from accessing your office workstation. Your disaster recovery plan informs all relevant parties on how to re-establish access to applications. This might involve sending your employees home and switching to a redundant cloud-based server while you wait for restoration. 

Creating Your Business Continuity & Disaster Recovery Plans

Consider the different scenarios that could impact business operations.

Your organization has unique ways to respond, so your plan should think about on and offsite. Consider the plan at a local, regional, and national level. If local, would you still be able to access office resources temporarily? Do you have a backup source for internet and telecom access? What if a regional or national issue, such as a pandemic, were to displace your employees from their workstations? 

Finally, conduct an analysis of your IT infrastructure. This will help determine which resources you need to keep things operational. 

Business Continuity Planning

• A Threat Analysis — should include potential disruptions as well as the damage they could cause to affected resources. 
• Role Assignments — A well-defined chain of command that takes the absence of critical staff.  
• Communication Strategy — how important information will be distributed in response to the incident and after. 
• Your Backup Plans — detail where your backups are being stored, how to access them, and any cloud servers that can substitute.
• Infrastructure and Hardware Solutions — what is necessary to maintain business continuity and how would you respond? 
  
  
  

Disaster Recovery Planning

If disruption of daily operations is unavoidable, your organization needs to know what to do to get back to normal. When determining the particulars of your disaster recovery plan, define your recovery time objective (RTO) and your recovery point objective (RPO).

RTO - Recovery Time Objective

Recovery Time Objectives are targets for how quickly your business should be back to normal operation after failure. This is how long your business can tolerate downtime. Conduct an assessment of how operations work and identify what critical tasks can still be done even in the event of a disaster. Different components may require different RTOs since some systems take longer to restore. 

If your wi-fi goes out, it may only take minutes to restore. How long would it take to restore the loss of internet access at the office? Your organization’s answers will help narrow down RTOs and generate a sufficient disaster recovery plan.

RPO - Recovery Point Objective

Recovery Point Objectives are targets for what you should be able to restore your systems to after failure. Your RPO clarifies how current your data restoration needs to be. For example, if a business’s most recent copy of data available after an outage is from 18 hours ago, and the target RPO is 20 hours, then that copy would fall within the parameters of their target RPO. From a disaster recovery perspective, your main focus should be the systems and infrastructure.

Who Should Take Care of BCDR?

The person in charge of creating your BCDR plan ought to be the CTO or CIO since they’re the people who know most about your company’s technology capabilities and needs. If your business doesn't have those roles filled, you can get an augmented version of a CIO with our Managed IT services.