1. business and industrial

An eerie, thick silence pervades the city, punctuated intermittently by low moans
and the occasional piercing scream. Doors are double-bolted, windows boarded-up,
protecting the few living from the undead horde shuffling through empty streets
strewn with shattered glass, blood, overturned cars… and hundreds of thousands of
smashed hard drives, smart phones and tablets. Inexplicitly, the first thing a newly
born zombie does is seek out and destroy technology, which has had the most
unfortunate effect of making virtually impossible any communication beyond
shouting distance. Perhaps from deep in the only part of their brain that survives –
the primitive basal ganglia, or “reptilian brain” – the walking dead know that our
need to communicate will finally drive us out of our hiding places – into their
staggering arms.
It’s the Zombie Apocalypse. And unless you were prescient enough to buy zombie insurance (yes, it exists), you’ll
probably be shuffling along with the undead before long.
OK. It’s a long shot. But our society’s current obsession with a world gone to hell perhaps does reveal our Great
Recession and Global Warming-fueled fears that it is possible for things to go very, very wrong.
And, in fact, it is possible. Maybe not on a global scale overnight and most likely not something that defies the laws of
biology, like zombies, but in our little corner of the world things could, indeed, go quite wrong. Just ask the thousands of
people in my hometown, Nashville, Tennessee, who were washed out by a “1000-year” flood a few years ago. Or the
thousands of people every year who lose everything in a natural disaster, whether flood, or tornado, or hurricane, or
earthquake, or volcano explosion.
It’s not every day that your office building is flooded or a tornado hits, but what if one does? How do you protect your IT
resources? What do you do first? Who makes the decisions?
How to prepare for and recover from an IT disaster
The answers to these questions differ for every business, which is why every business needs its own disaster recovery
plan. Unfortunately, because they’re often viewed as tedious and even unnecessary, many business owners never create
this important plan. Don't be one of these businesses.
You can think of a disaster recovery plan as your doomsday bunker, only instead of preparing for a zombie apocalypse,
disaster recovery plans prepare your business for IT traumas. Every plan should highlight worst-case scenarios and
provide thorough and clear instruction about “what do we do when…” happens.
Page 1 :: bytes of knowledge :: Is Your IT System Ready for the Zombie Apocalypse?
This white paper seeks to ease the pain of disaster planning by outlining the
building blocks of a good plan. It’s intended to simplify the process and
provide you with a starting point that you can adjust along the way to fit the
needs of you and your business.
Creating the Master Plan
Disaster recovery plans aren’t a one-size-fits-all model. Every plan should be
custom built for specific businesses and as detailed and thorough as possible.
Your disaster recovery plan should serve as a master plan, coverings four subparts:
 Technology planning
 Communications planning
 Personnel planning
 Testing the plan
Technology Planning
Ultimately, what you choose to include in your plan boils down to your risk
tolerance. For instance, your business’ comfort with risk may be based on the
level of importance that you place on technology and how vital it is for your
business to run.
Regardless of the severity of the potential disasters included in your plan, a
true IT disaster recovery plan should account for data disasters, software
disasters and hardware disasters.
What type of disasters
should you plan for?
When thinking of disasters that
could harm a business, many
people only think of major natural
disasters like floods, fires,
earthquakes and tornados. What
they often forget to consider are
the more common day-to-day
disasters, such as power outages,
lost Internet connectivity, and
failure of vital Customer
Relationship Management (CRM),
inventory and e-commerce
systems. Even the seemingly small
issues, such as no Internet
connection, can cause businesses to
shut down temporarily, affecting
your clients’ projects and therefore
putting your business at risk.
There are many potential cause of disasters, including hardware failure, software failure, human error, and power
outages, as well as natural disasters like floods and tornados. These calamities can cause issues, such as:
 Internet failure
 Email failure
 Lost or temporarily unavailable customer databases, CRM, e-commerce and inventory systems, accounting software,
employee timesheet programs, etc.
 Damaged hardware, resulting in loss of irretrievable data and software
Fortunately, some of these problems are easily fixable as long as you have backup redundant systems in place, and one
way to do this is to set up dual Internet connections. The more redundancies you build into the system, the better. For
example, building in two power lines and two Internet lines provides a safeguard against minor issues from becoming
disasters.
Who should be involved in the planning process?
Key personnel from business and IT/operational sides should drive the recovery team, such as:
 A technology expert. If this person doesn’t work with your company, you should also have someone internally who
understands your technology—at least to a certain degree.
 The CEO or COO. They will help overlay important requirements of the business, such as benefits and dangers.
 Someone in charge of the company’s money and budget. You’ll need someone to evaluate the information and determine
what must be included in your plan for it to outweigh any next-best alternatives.
 Any operations or key players in your organization. Someone needs to be there to make sure that what you’re trying to
replicate serves the same operational purposes and needs as those currently in place.
Page 2 :: bytes of knowledge :: Is Your IT System Ready for the Zombie Apocalypse?
There are three options when backing up your information and programs:
1) back up locally within your office using a hard drive or external
source that gets taken offsite daily,
2) back up to an offsite location, or
3) back up to the cloud.
Which you decide to use may depend on how vital the data and files are to
running a successful and smooth operation.
To protect your IT resources from “total disasters” like fires and floods,
consider backing up your data, software and hardware offsite. For example,
you can upload your files to an Internet server that keeps them offsite but
available for use. Or, you can set up a duplicate server in the cloud, which
allows you to access the files from or anywhere. Every business should also
have email continuity services, which hold the last 30 days of your email so
you can access them at any time, even if you don’t have replication services
yet.
During disasters, you’ll want to keep your core business functions up and
working. Depending on your business, you may be okay working offline for a
little while, but in the case of physical disasters, it’s best to have a
technology communications plan in place to keep the business operational.
Communications Planning
After you’ve listed out all worst-case scenarios in detail, you need to
consider a communications system to put in place for when disaster strikes.
You’ll need a designated person in place for employees to call and report
any disaster to. This person should be prepped to know how to respond to
any emergency outlined in the plan, what actions to take and who to reach
next.
Questions to consider:
 Who has the resources to be this contact?
 How will employees reach him?
 What if the cell networks are down?
 Who will employees reach if the designated contact has left the
company since you’ve updated the plan?
 What if the main contact is unavailable?
o You should have a cushion—three to four total contacts—so that
there’s no problem getting in touch with someone who is well versed
on the next steps to take.
Technology Planning:
Covering the Basics
To determine the bare minimum
that must be covered in your plan,
ask yourself a few of these
questions:
 What’s at stake?
 What is the next best alternative and
do the outcomes outweigh those of
creating a plan?
 How long can we have the business
or our clients without service?
 How important are our business
applications? Which ones are the
most critical to our business?
 What is really required for us to do
business?
o Is email critical for us? Are we able
to serve clients or customers
without it?
o Is our database of customers
critical to keeping business
running? What about our
accounting/payroll systems?
o Do we have systems that
communicate logistics, sales, and
inventory or that send information
between applications that rely on
the Internet?
 What’s our budget? The more
complex and holistic the solution,
the more expensive it will be. The
solution needs to be the right size
for your company. However, it’s
important to note that investing a
little money now may save a lot of
money—or even your business—
down the road.
Personnel Planning
If your building catches on fire, how are you going to reach your employees and clients? You should have everyone’s
home and cell numbers in addition to their email addresses so that you can increase your chances of reaching them. Let
them know what happened and where they are expected to report for work. Depending on your company, you may
need to consider an offsite office location where employees can work remotely during business down time. What
computers are they expected to work with? What should they tell their clients? These are all questions that you can
answer ahead of time in the plan so that there is no confusion when an actual emergency takes place.
Page 3 :: bytes of knowledge :: Is Your IT System Ready for the Zombie Apocalypse?
Testing the Plan
For the plan to be successful, it’s essential to test it on a regular basis. If you don’t, or if you wait too long between tests,
no one will remember what you need them to do. How often you run the tests depends on your risk comfort, but it
should be somewhere between once a quarter and once a year. It’s all driven by what’s at stake.
To test the disaster recovery plan, first determine the type of testing necessary. There are a few levels of testing,
including walkthrough, checklist, simulation and full interruption tests.
When you’re ready to run a full interruption test, turn off all of the systems and then turn them back on. The recovery
team should log events throughout each test drill to help evaluate the results. The process should provide feedback to
ensure that the plan is adequate and effective. If the results suggest otherwise, the disaster recovery team should assess
the results and take recommendations from team leaders to improve and modify the plan. Once modified, test the
changes to make sure they are successful.
Summary—how to prepare for and recover from an IT disaster:
1) Determine who should be part of the planning and recovery stages
2) Sit down with the recovery team and devise a list of worst-case “what if” scenarios
3) Devise a master plan, which should include each of the following:
a. Technology planning
b. Communications planning
c. Personnel planning
4) Test, test, test
It’s bound to happen—your business will face some sort of disaster situation. It’s just a matter of what type, when and
how severe. No disaster is predictable, so to ensure you’re prepared to handle any emergency, it’s essential to have
some sort of well thought out plan in place.
Julie May – CEO, bytes of knowledge
bytes of knowledge is a Nashville company specializing in web, mobile & software dev, brand support, social
marketing, digital elearning, business strategy, network design & maintenance, and entrepreneur consulting
www.bytesofknowledge.com | 615.383.9005
Page 4 :: bytes of knowledge :: Is Your IT System Ready for the Zombie Apocalypse?