Data can be considered the most valuable asset for many companies and the loss of this data can mean serious consequences. If you are a Managed Services Provider (MSP), it’s very important to offer proven, tested methods when it comes to business continuity and disaster recovery solutions.
Business continuity (BC) and disaster recovery (DR) planning is critical for companies of all sizes, especially SMBs. However many SMBs do not have a full-time IT staff on hand and rely on MSPs to provide them with comprehensive data recovery plans and systems in case IT hits the fan.
Here are a few steps to consider in relation to BC/DR.
1. Plan, plan, plan…and plan some more
Seems obvious, right? Any good business should plan for disasters. Surprisingly, very few businesses do – and those that do have plans in place, they are often times not nearly as comprehensive as they should be. Plan what you are going to do if your client’s business is disrupted by a natural event, major outage or any other number of disasters that may affect daily business operations.
It’s also important that you have contingency plans in place with your vendors and clients alike. Make sure your plans are clearly communicated BEFORE something happens so all parties that are impacted are not caught off guard. This should all be taken care of in your Service Level Agreement (SLA).
In short, have a detailed plan and communicate it well. Your customers will have great peace of mind as a result and it could be a fantastic selling point to differentiate yourself from the competition.
2. Test the plan
Don’t put a plan in place then hope it works when the time comes. You need to practice it and test it quarterly so you are at the ready. Good data center providers will actually run their production data center on their backup power sources on a regular basis to ensure everything works as advertised.
You need to do the same.
If the time comes, your customer’s business may depend on how well you are prepared.
Testing frequently will also allow you to stay well versed in your BC/DR plan, so that if a crisis does come up, you will be able to work through the plan efficiently.
Once again, communicate clearly with your customers BEFORE anything happens. If they are aware of the process and can be ready themselves for some of the impact it might have on their business, they can rest easier. Let them know when you are testing your systems as well so they can alert you and your staff to areas that may need tweaking. Treat them as a partner and you will help your own efforts in the long run.
3. Ensure That Your Vendors Can Support Your Failover Objectives
I mentioned before about data centers and their testing. Make sure your data center or your data center provider has redundancy in power, connectivity and more. If you are utilizing disaster recovery services through those providers, make sure you are aware of their capacity to deliver in case of an emergency.
Do your homework and due diligence before choosing your partners, so that your clients don’t suffer as a result.
4. 24/7 Availability Is Critical
It’s almost impossible to predict when a disaster might strike. If you do find yourself in a crisis, communication is critical for all sides of the equation. It’s impossible to guarantee uptime 24/7, but you should be able to reach someone 24/7 – and your clients expect the same.
Are your vendors available around the clock? Are you prepared to have your staff in place at any time disaster may strike, even on the after hours shifts? Outsourcing your help desk may be an option to help you accomplish this.
Communication is key in any disaster scenario. Uptime is never guaranteed, but make sure you have the right systems and people in place so that you can effectively communicate with everyone you need to at all hours of the day.
5. Establish and Communicate Your RTO and RPO Goals
The Recovery Time Objective (RTO) is the duration of time within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.
The Recovery Point Objective (RPO) is the maximum tolerable period in which data might be lost from an IT asset or service due to a major incident.
Your RTO and RPO are key objectives that you must establish with your clients in order to manage all expectations. It’s important that everyone is on the same page and are all comfortable with the RTO and RPOs set forth.
As with all of these tips, the RTO and RPO should be established BEFORE any disaster strikes.
The bottom line when it comes to BC/DR is making sure you’re fully prepared and have established the right communication channels. As an MSP, you’re responsible for providing the necessary steps to minimize losses to your clients in the event of a disaster. There’s no telling when something might go wrong and what the issue might be. The best thing you can do is plan for the worst, and to make sure that you, your team, your vendors, and your clients all know what steps need to be taken in the event of a data crisis.
Have you ever saved the day from IT hitting the fan with your BC/DR plan? We’d love to hear about what you did in the comments.
By Gretchen Hoffman