Going through a sudden disaster or an emergency is one of the most terrifying things a business can experience, especially if the business is unprepared for it. For this reason, it’s essential for a small or medium business (SMB) to take the necessary precautions not only to implement disaster recovery plans and solutions but also to test them on a regular basis to confirm their effectiveness.
Testing disaster and recovery solutions is similar to running a fire drill before an actual catastrophic fire. Doing this ensures not only that the systems are working properly (such as the fire alarms and smoke detectors), but also that the individuals in the building know how to respond correctly when those alarms go off.
In the case of IT disaster recovery planning, testing ensures that all technology systems are working appropriately and preserving the essential data as intended. Additionally, testing helps to align the teams on procedures for a variety of different disaster situations, flags any potential challenges that may arise, and improves any processes that need smoothing. It can also identify any applications, systems or data that may have changed since the last test and now need to be included in further efforts.
Further reading Disaster Recovery Testing: Best Practices and Scenarios
There are several critical situations where disaster recovery solutions will be needed. Natural disasters (such as hurricanes, floods and wildfires) can cause outages, for instance. Operational disasters (such as the loss of a team member) or technological disasters (such as malfunctioning equipment or a cybersecurity attack) could also trigger the need for such a solution. These are just a few examples of disasters that could affect a company.
However, the reality is that most MSPs and businesses don’t test their disaster recovery solutions prior to an incident. A recent survey found that only 30 percent of MSPs simulate disaster recovery capabilities quarterly. An even smaller percentage (25 percent) test annually, and only 9 percent test monthly. A startling 15 percent said they never test their disaster recovery solutions at all — meaning the first time they test these solutions is in a time of crisis.
The need for functioning disaster recovery has only increased in the past two years, as the COVID-19 pandemic has, in many ways, highlighted the weaknesses in our operational, technology and supply chain systems. Nearly half of MSPs, for instance, reported that their customers had experienced a significant cyberattack during the year.
There’s no strict rule as to how often MSPs should be testing disaster recovery systems for their clients — only that they should be doing so regularly. An MSP should use their best judgment based on client needs as to how often they should be testing systems. In establishing such testing, an MSP should help its customer determine and then meet recovery point objectives (RPOs) and recovery time objectives (RTOs), or the capability and time criteria that define a successful recovery effort.
The world of technology continues to change constantly, as does the world we all live in. Given that MSPs have a responsibility to ensure the continuity and accessibility of their clients’ systems, it’s critical that they make every effort to proactively prevent any significant issues down the line. Testing is one way to do this, as well as further reinforcing their value as a trusted partner to their clients on a more regular basis.