Skip To The Main Content

What to include in a disaster recovery plan


While you’re out building your business, disaster recovery might be the last thing on your mind. No matter how robust your security is, small to medium-sized businesses can be susceptible to all kinds of threats; some mild some moderate, and some severe enough to bring all your operations to a screeching halt.

Some perils come from the outside world, and some can actually come from within your organisation. Some are deliberate and some accidental, and some you may have absolutely no control over whatsoever. These can include cyber threats from malware, viruses or ransomware; equipment damage from electrical surges, storms or flooding; site loss due to an act of war, earthquake or other natural disaster; or unexpected loss of key staff members for any reason.

To protect yourself and your business from these potential threats and others, having a comprehensive disaster recovery or business continuity plan in place can help you get back up and running, no matter what happens. 

If you’re unsure of where to start, here are several key issues that should be addressed in your disaster recovery plan:

Safety first

Remember, the most important thing is to keep your staff safe from harm. Devise an evacuation plan and run drills periodically so that all personnel are aware of the procedures. Being prepared means less anxiety when disaster strikes.  

Physical location

If you lose access to your physical location for any reason, alternate solutions should be available until the issue is resolved. These can include staff working from home or moving operations to a temporary location. 

IT infrastructure and equipment

Your IT recovery plan should address two main components: equipment and data. If your computer equipment, servers and other IT hardware is damaged or beyond repair, ensure that you are able to locate sufficient replacements. Make lists of models, makes and manufacturers and compile lists of suppliers that can replace what you have lost. 

Your data is irreplaceable. Have a backup available in place at all times, and follow the 3-2-1 rule – there should always be three copies of your data stored on two different types of media, and store one copy offsite for security. 


This encompasses not only your phone systems but every possible way your customers communicate with you, and how staff communicate with each other. 

Things you can do include re-routing telephone calls to mobiles; accessing business email through cloud servers; and keeping website systems up and running by hosting on a cloud platform or through proxy servers that are not dependent on any one physical location. 

Plan ahead

Know how long it will take to implement necessary workarounds. Go through each step of the recovery process and estimate the time it will take to resume normal function. This will provide your workforce as well as your customers with a realistic framework as to when you will be back to business as usual. 

Work together

When designing your disaster recovery plan, assign specific tasks to specific personnel, and ensure that everybody involved knows who is responsible for what. By distributing the workload among several individuals, your business continuity will be accomplished much more efficiently. 

When disaster strikes, having the confidence to spring into action immediately can mean all the difference. Every moment your business is incapacitated is reflected in your revenue, and mitigating this loss should be of the highest priority. 

A workable disaster recovery plan starts with a conversation. Develop your plan with input from your key personnel. Detail each step and assign duties to ensure an expedient process but, above all, don’t delay. 

Roy Castleman is the founder of Prosyn IT Support