5 Steps to a Brilliant Incident Response Plan
September 21, 2016
Making an incident response plan and choosing disaster recovery services are much like getting insurance. You hope for the best (we’ll never need this!) and you plan for the worst. As stated in an earlier post, “only a comprehensive offsite backup replete with a tested and proven disaster recovery plan can get you back to business”.
The success or failure of an incident response plan is actually determined before the first sign of trouble is noticeable. How well your team can respond to an outage or disaster is directly related to how well you planned for the actual emergency you must face. Here are the actionable steps for creating an incident response plan and establishing disaster recovery services that do what they’re supposed to when the time comes.
Companies commonly confine incident response and disaster recovery to the IT department. In reality, any incident that leads to measurable downtime, and the disaster recovery process that follows, is a company-wide issue. Plan for a company-wide response. Make sure the operations and production teams know their responsibilities, as well as the support staff, such as the finance team, R&D, quality control, and other departments that are affected by IT downtime (which means all of them).
2. Establish Roles in the Recovery Process
It’s simply impossible to imagine beforehand what kind of incident or disaster might strike and exactly what the severity will be. For instance, preparing for a minor infiltration of some mid-level malware is quite different from a major hack to your business’ power company or a fire inside your data center. Since you can’t plan for every single potential problem, set roles for the recovery process: these people are in charge of recovering this database, those people are responsible for getting this application back up and running, and still others are supposed to remain in contact with first responders, partners, or customers. This way, your disaster recovery services will naturally and automatically scale to the disaster and level of difficulty of any given situation.
3. Set Security Standards for the Recovery Period
A little-known fact about downtime is that executives are not screaming about data security. They’re in the ears of the disaster recovery team, demanding to know how quickly productivity can be restored. That means that security won’t be at the forefront of anyone’s mind at the time, so you’d better address this beforehand with smart disaster recovery services and planning. Establish what security measures and protocols will be put in place during the recovery process. This keeps a bad situation from getting worse before you can make it better.
4. Check Out Alerts Even When They Seem Insignificant
Any incident response plan or disaster recovery service is more effective and efficient if the problem can be stopped while it’s small instead of after it escalates into a full-blown event, complete with downtime. Don’t ignore those small, seemingly benign alerts. Sometimes a slow-running system is an early indicator of a larger problem, such as a malware infection. Never discount an alert or notification until you’ve thoroughly researched it, identified the problem, and fixed the issue.
5. Determine a Minimum Recovery Goal
Your disaster recovery services may not always be able to restore 100 percent of your data. During a significant event like fire, flood, or massive data breach, it is possible that some data gets lost or corrupted and simply can’t be recovered completely. Set a minimum recovery goal, so that you can engage the recovery process wholeheartedly until you reach the threshold established. After that, services are restored and productivity is back to normal. Then your disaster recovery team can take its time restoring non-essential services, data, and applications.
Are you aware of everything that goes into today’s incident response and disaster recovery services? Learn more about cyber security now when you buy the e-book: ‘Easy Prey: How to Protect Your Business From Data Breach, Cybercrime and Employee Fraud’.