The Disaster Recovery Plan

In my last article, “Where Recovery Begins,” I discussed the importance of prioritizing your critical data. Businesses need to determine what data they would need immediately to continue functioning after a disaster or loss of corporate data. Once the business defines the significance of all of their data, they can begin to develop their disaster recovery plan. A properly structured plan is comprised of three components: data, communication, and people.

data recovery concept


The most common type of disaster recovery is the retrieval of lost or destroyed data. A business can’t function going forward if they can’t retrieve their critical data after a disaster. Here are some steps to follow when developing your data recovery plan:

  • Backup options: Company data should be securely backed up offsite and available for recovery at any time. An excellent way to do this is via online backup whereby a company’s data is backed up each night and stored far away from the company’s location.
  • Delegate: Determine the person responsible for the data backup plan. They must check that the backups are running smoothly and tested regularly.
  • Dress rehearsal: Practice a recovery process every few months to ensure that everything runs smoothly. Make sure that the data that is stored is easily retrieved.
  • Check the location of your critical data: Make sure you know where the critical data is stored at your company. If people store their data on their desktops instead of the file server, make sure all desktops are backed up.

Contact and Communication

Assume that your normal methods of communication during a disaster or emergency will not be functioning. Instead, consider alternative communication vehicles:

  • The alternatives: Should your office phone lines be down, you might want to consider using AOL instant messaging and/or Skype. Make sure that everybody in your company has each other’s cell numbers.
  • VOIP/Virtual: VOIP and virtual phones are useful in situations when access to a central physical location is not possible. These services allow you to forward office lines or even create virtual lines that can be accessed from anywhere. They are practical for fielding incoming calls from clients. We once used Grasshopper as our failsafe phone system. If our phones went down, we would be able to immediately forward our calls to Grasshoppers 800 number which would then forward our calls to our personal cell numbers. Now we use M5net and it works great for our VOIP needs.
  • Contact lists: It is very important to have both a physical contact list of clients and vendors as well as a virtual copy stored on an online storage site where you can access it from anywhere (LockYourDocs or VSafe, LockYourDocs is part of my company just to ensure full disclosure). Having your contact list on your unavailable file servicer is useless during an emergency.


It is imperative that your employees know where to go and what to do if your office or computers are down. Here are some roles and functions you should designate:

  • Identify the critical functions and determine who will fill them. For example, who will contact clients and handle the insurance?
  • Determine rendezvous points for evacuation scenarios.
  • Designate and prepare for alternative working sites and suggest remote work facilities for a temporary period.
  • Distribute the plan to all employees and upload a copy where it can be accessed by everyone.
  • Put a copy of the plan somewhere that won’t be affected by data failure or office evacuation. Do not put the lone copy on the server.
  • Share the plan with all new hires as part of their company introduction. In addition, review the plan with all employees on a quarterly basis.

All businesses experience some kind of data failure or emergency situation. It’s just a matter of time and magnitude. Most people don’t think it will happen to them, but all it takes is one small instance to ruin a company. The best protection against such a scenario is a well thought-out plan that’s been tested and communicated to everyone. Make sure  you are prepared.

Disaster Recovery Photo via Shutterstock


Jennifer Walzer Jennifer Walzer is the CEO and Founder of BUMI, an online backup and recovery provider that serves over 500 businesses. Jennifer has been featured in numerous national publications such as The Wall Street Journal, New York Times, Daily News, Money Magazine, New York Enterprise Report and Crain’s New York Business. In 2010, she was selected as a winner in the Best Entrepreneur category in the 7th annual Stevie Awards for Women in Business.

8 Reactions
  1. Your point about doing a dress rehearsal can’t be emphasized enough. That process will show you where you’re backup is insufficient and the difficulty of the process may lead you to consider a more robust solution (with tech support).

  2. To me, nothing is more important than backing up your data! I love DropBox as a storage method as it gives everyone in your office access to shared information and also backs everything up in case of emergency.

  3. Thank you for including the people component! I would like to add one thing to your list, which is housing for your critical personnel. Companies spend a lot of time, money and other resources finding off site workspace, but many/most of them either overlook or underestimate the need for safe, guaranteed housing in the new location. If employees can’t get to work at the temporary site, then how are critical tasks accomplished, and what are the costs? Business and service levels can suffer, resulting in both hard (actual dollars) and soft (reputation, morale, duty of care, employee attrition, etc) costs.

    Contracting with hotels is a much more complex process than people may think, especially when it’s on a contingency basis. There are more than 60 negotiable items in a typical group block contract with a hotel, for example, and putting a business continuity spin on that contract requires additional language that addresses this specific need. However, for organizations that make housing a part of their plan, it can be an efficient, cost-effective task that reduces risk and increases likelihood of a plan’s success if/when it’s actually put to the test.

    Thanks for a great article!

  4. @Karl Walinskas, One point I’d add is not to confuse cloud file sharing services with cloud backup. There’s value in file sharing for fostering collaboration, but it’s important that SMBs do not rely on file sharing services as their primary form of backup. The reason, file sharing is not designed for disaster recovery. A backup solution, on the other hand, can back up not only files, but also applications that need to be recovered in the event of a disaster. SMBs need to consider more than just files when they are making decisions about which backup solution to use. You may find this blog post about common SMB DR mistakes, penned by a network manager at an SMB, insightful as well:

    And, Jennifer, thanks for sharing your thoughts on DR and getting the conversation rolling.

    Chris Halcon

  5. We have been going through a refresh of our BCP recently. Our next step is a real test, where we demonstrate each piece of the plan.