January 2017

3 Components of an Effective Data Recovery Plan

You’ve probably got a data recovery plan in place; most companies do. However, do you enforce that plan so that it can actually deliver, in the event of a disaster or other service interruption? A plan without enforcement isn’t much of a plan. What your company needs is a strategy to implement and enforce that well-crafted plan. The effort and investment of such a strategy will cost is far less than the cost of having to replace lost documents or rectify a security breach.

Here are three components of an effective data recovery plan that goes beyond the “set it and forget it” plans of yesterday.

1. The Data Lifecycle

The first component you need is full knowledge of your documents lifecycles, from creation to destruction.
Determine what each important document is and where it will be located to minimize legal risk, regulatory compliance risk, and the annual cost of data management and storage.

The follow-through comes when you appoint an individual or committee to move the plan forward in every department of your company that is involved in that data lifecycle.
These people will include everyone from administrative assistants that work with, or create, the data to CEOs. It will be up to each department to determine the data for which it is responsible on a regular basis.

2. Accessibility

Data should be organized in a user-friendly way so that it can be accessed as quickly as you need it — and sometimes, that is pretty quick.
A detailed retention plan will help you ensure proper data organization.

Determine which documents are necessary and how long their operational, regulatory, and legal lives are.
You will be dedicating a valuable portion of physical and virtual space to these documents, so choose wisely. When documents are no longer viable, securely dispose of them.

Classify information by department, assigning standardized file names to eliminate confusion. Once your data is organized, train staff thoroughly on how to handle the system.
The security and accessibility of your data is too important for a simple office memo.

3. Audits

Unfortunately, the need to retrieve data unexpectedly or in an emergency is not a matter of “if,” but “when” for most companies.
Laws and regulations change, and disasters arrive without warning. Preparing for these data needs will enable quick access to compliance-related documents, a crucial ability for companies rich with data.

Create an annual auditing process to ensure your data recovery plan is current and in good working order.
Recruit either an internal expert or an outside consultant to oversee and review the audit.
Use these audits as an opportunity to ensure your policy is being adhered to and that the strategy is still aligned with your business.

While you may not know when a disaster or other damaging event will occur, you can take the steps toward preparedness with these simple and straightforward pieces of an effective data recovery plan.