We don’t expect the worst to happen – “That’ll never happen to us”. But there’s nothing more frustrating than being caught out by forces out of your control.

Damage from a fire or flood, a power cut or a cyber attack can suddenly render your business inoperable.

It’s reported that between 40-60% of small businesses that suffer a disaster never open afterwards. In fact, 90% of small businesses that don’t reopen within 5 days of a catastrophe fail within 12 months. Yet, despite the risks, 20% of businesses don’t have any disaster recovery planning in place. (Source: FEMA)

It is crucial that small business owners create and regularly assess a disaster recovery plan, so we’ve put together some simple steps to creating a solid template.

Already have one? It’s not enough to just have a disaster recovery plan!

Many small businesses that do take the time to create a disaster recovery plan, fail to allocate regular time to reevaluate it. Your business isn’t static, it’s evolving and growing, and so should your disaster recovery plan. It needs to be updated and tested regularly.

Are there any preventative measures you can take?

Clearly there isn’t much you can do to prevent a freak storm or accident. However, when it comes to cyber security there is a lot you can do to reduce the chances of an attack being successful. For starters you can make sure everyone is running an up to date operating system, using secure passwords and WiFi connections and has reliable antivirus software installed – take a look at our Managed Antivirus service, or take advantage of our in-depth and free IT Health Check.

And of course, having up to date backups of your business data is an absolute must! 

Backing up is essential to business continuity in more ways than one. Constantly backing up your data is an absolute must, and will help your business recover more quickly in the event of a natural disaster or cyber attack.

Putting together a comprehensive Disaster Recovery Plan

Should the worst happen, although stressful, you’ll be glad to have a clear plan for everyone to follow.

1. Create an emergency response plan

When disaster strikes, what’s the first move? What steps should you and your team take in the event of an emergency to stay safe? Next, it’s important to decide what employees should do to prevent the loss of assets, inventory, and data. There should also be a protocol of who to contact and in what order, including the authorities, yourself, and your security team (if you have one).

2. Develop a business continuity plan

Business impact analysis (BIA): The goal of a BIA, conducted before a disaster occurs, is to better understand the effects of a disaster on your business. For example, what impact will there be as a result of certain types of disruptions? How will the timing of a disruption affect sales?

Recovery strategies: Based on your BIA, identify and document the resources necessary to lessen the impact of a disaster (e.g. data backups, duplicates of important records, backup power sources) and conduct a gap analysis to understand what you need compared to what you actually have.

Plan development: Develop a framework for your plan, including assigning responsibilities to team members, having an inventory of equipment and devices and developing workarounds for issues that arise as a result of loss of IT infrastructure.

Testing: Regular testing of your business continuity plan is essential. If testing reveals a weakness in your plan, tweak it and re-test until you’re satisfied that your business will be able to resume operations quickly.