Disaster Recovery and Continuity plans. What lessons have we learned from Covid-19?


One of the main lessons learned from the current Covid-19 pandemic is the necessity of having a Disaster Recovery and Continuity plan.  Every business owner should ask him/herself, “What resources, help and plans do I need to keep the business operational during and after a major disaster? Whether it is manmade or otherwise.”

We have always thought of a disaster as server crashes, Act of God disasters (such as fire, flood or an earthquake), cyber-attacks and even act of terrorism.  In a majority of cases, they mainly affect the equipment and not the people on a large scale such as a pandemic. But now, we have seen firsthand that a pandemic virus can not only cripple a business operation, but also cause a worldwide interruption of supply lines and even shutting down some businesses or lines of business for good.

The lesson is, if businesses want to survive and ensure a smooth recovery process and continuity of business operations, it is critical that they do a risk assessment and develop a recovery of services strategy with disaster recovery and business continuity plans. In addition, business continuity plans should include provisions for employees as well as systems. The plan should specifically cover areas such as:

  • Technology – (Server, storage, backup). How can businesses ensure data backup plans or recover lost data in the shortest time?
  • Manpower – What safeguards and safety procedures can they implement for their employees?
  • Operation – How long can you be down? Who are the essential people? Can they work from another location? How to inform clients about your limited service capability and how to keep the communication lines open?
  • Infrastructure – Internet, Water and Power, & phone outages- implementing redundancies.
  • Vendors – Their availability and resources during the crisis and what to expect from them?
  • Contracts with clients and Vendors–   Are there clauses for these type of circumstances?  What should be an acceptable expectations and availability?
  • Cash flow- The money needed for having the operation running and paying the employees and vendors until the crisis is over.  Knowing how to contact resources such as banks and FEMA and others.  

Nowadays, because of heavy dependence of businesses on technology, it is recommended that businesses focus on IT redundancy. To prepare, companies should invest money and time in the following resources to help ensure a smooth recovery process following any type of natural or man-made disaster:

  • Continuity of business operations – Implement remote access infrastructure that are capable of supporting the entire workforce (VPN devices and licenses, high-speed internet lines to the organization, laptops and/or on-site servers to host user connections).
  • Cloud- Think of migrating your on premise server and applications to the cloud. Mainly, because it has many built in Disaster Recovery features
  • Ensure resources are available – Ensure proper access to necessary resources at the office even when employees are remote (This may mean needing additional firewall rules to permit VPN users to get to the systems; often these rules are separate from what exists on-site).
  • Keep employees online – Offer mobile hotspots for remote internet access in case employees lose power or don’t have available connectivity.
  • Ensure constant communication – Educate users on how to access resources and make available the instructions and contact information for them to request technology assistance. This material should be accessible offline, as well, in case they can’t connect to the company networks.
  • Allocating additional IT resources to the employees working from home.  Especially if they are using their own devices.

Based on our recent experience, employees should also be planning in advance for a major disaster by establishing the following best practices:

  • A comfortable and quiet space to work from home
  • A reliable and up-to-date computer and high speed internet and peripherals such as printers and scanners
  • Routine, periodic testing of remote access – this way any bottleneck is taken care of. 
  • Considering security and safety- when it comes to accessing the host computers and servers, these practices should be continued: changing passwords regularly; not leaving the computer on connected while in not use; security compliance guidelines with respect to sensitive data

If you have any questions or help developing and implementing a Disaster Recovery and Backup plan, please call us at 818-501-2281 for a free consultations.

For over 32 years, CEO Computers has assisted many small businesses in the Southern California area with their IT support needs.

Posted in IT Blog