What are some best practices for disaster recovery approaches?

13.3k views1 Upvote7 Comments

VP of Global IT and Cybersecurity in Manufacturing, 501 - 1,000 employees
Strictly DR or DR, BCP?

Understand, clearly document what the business RTO/RPO are before you start. 

Would also recommend a BIA and Risk assessment. 
1 1 Reply
CISO in Software, 201 - 500 employees

Agree, Business owners have to understand importance and meaning BIA, RTO/RPO.

VP of Information Technology in Services (non-Government), 11 - 50 employees
Continuous testing restoring to a staging environment to ensure recoverability. The last thing you want to do is find out there is a flaw when you need it restored to production. 
Founder/CTO in Hardware, 11 - 50 employees
First you need to do a BIA and make sure you understand which systems are critical and which ones can wait. They you build out a plan for what do you do in case of a failure. This includes backup's, how to rebuild environment, testing, network, etc. Lastly, you need to do a paper walkthrough like you have had a disaster and validate that you can rebuild the environment(s). My teams use to do a paper walkthrough minimum each year and I asked for a real one as well. We rebuilt it in a dev/test environment to ensure backups were accurate etc. You should have a formal DR document that describes the process, what systems come up first etc. I can say if you do these things and do the testing if will pay off if you have a disaster. 
Assistant Director IT Auditor in Education, 10,001+ employees
The only certain way to know if your DR environment can function seamlessly, is to run the DR site as the production site once or twice a year.  One company I worked for would shut down their primary site and run the market from the backup site, twice a year for two weeks. I know most companies cannot afford this cost, but it is one way to get almost absolute assurance that your DR site will run and function as intended when you need it. This also depends on the criticality of your business, the impact to your customers and your reputation in the market place of being reliable.
Director in Manufacturing, 1,001 - 5,000 employees
Absolutely need to have full tests.  Agree with other posts on BIA's etc, but once that is done, table top exercises help you be successful, but unless you start a recovery from scratch, you won't uncover what you are truly missing.   And don't use your top talent on the test.  Top engineers can figure out the problems and make the leaps between gaps in the documentation.  
Vice President of Information Technology in Finance (non-banking), 501 - 1,000 employees
Backups, redundency, replication, contingency plan, all off-site

Content you might like

The data19%

The people46%

The processes25%

The policies7%

I wish I knew4%


6k views7 Upvotes6 Comments

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
39.8k views130 Upvotes318 Comments