What do we need to consider in developing a disaster data recovery plan?

First the disclaimers. Disaster Data Recovery Plans need to be tailored to the specific computing environment. In the small and midsize business market your IT professional is the best person to evaluate your specific situation. A good publication to read is the National Institute of Standards and Technology (NIST), Special Publication 800-34, Contingency Planning Guide for Information Technology Systems.

Studies have shown that ignoring disaster data recovery planning can be hazardous to your businesses health and survival. We never know when we might loose our data to a lightning strike, a fire, a flood or to simple hard drive failure. The data recovery business has grown helping companies and individuals recover data they never expected to loose.

Steps small and medium size businesses can take to prepare for a data loss disaster:

Concerns if your facility is unavailable

  • Who is responsible for creating the data recovery plan?
  • Where would you and your employees work if your office were damaged?
  • How quickly could you acquire replacement equipment and furniture for your staff?
  • Do you have any critical applications that are not compatible with current generation operation systems?
  • How would you restore key applications such as your accounting system?
  • How quickly can you switch internet and phone to you new (or temporary) location?


  • Where are your key data files located?
  • How these files are backed up?
  • How often do you back up key files?
  • How do you determine that the backup has run correctly?
  • How often do you verify and test the restoration of these files?
  • How often does the back up media go offsite?
  • How often do you replace your backup media?

Physical security

  • How do you protect data backups against loss or tampering?
  • Who has access to your company's technology assets?
  • Are your technology assets locked up to prevent tampering?

Protecting your Computers

  • Are your computers protected by battery backups?
  • Do you have antivirus and anti spyware programs running?
  • Are your antivirus and anti spyware patterns up to date?

Follow these steps to reduce the risk of extreme data loss, and prevent the need for data recovery from a natural diaster event.