GDT Webinar Series – How to Fail at Security? Reserve Your Spot

Don’t put off ‘til tomorrow what you must do today

Disaster Recovery planning

By Richard Arneson

Disaster Recovery planning is like insurance―you know you need it, but there’s nothing fun about it. And that’s before you’ve even paid a premium. It’s easy to file it into one (1) of two (2) categories: I’ll get around to it or It’ll never happen to us. And like insurance, taking either philosophy could leave behind a wide swath of damage from which total recovery may be impossible.
Actually, there’s a third reason disaster recovery planning is often the victim of procrastination―it’s not easy. In fact, it can be very complicated if done, well, properly. But it’s needed; not later, but now.
The following are ideas to consider prior to sitting down to take that first stab at creating a plan. There’s no question, each of the five (5) points will spawn a myriad of additional things to consider, but it will get you headed in the right direction.

Create a DR Team

Developing a Disaster Recover Team that meets regularly, even after the plan has been crafted and tested, will help create a more collaborative, open attitude toward disaster planning. Incorporate a wide-range of skill sets within the team, and each member should have a well-defined role. In addition, each should have backup roles; for instance, somebody whose primary responsibility is applications might have a secondary role working with the telecom department.

Inventory your Assets

An IT inventory must be conducted to include all applications, network assets, applicable personnel and vendors. Create a list of all that will be needed to recover from a disaster. Include network diagrams and any recovery sites, and ensure all equipment, including cables and wiring, are labeled. It might sound elementary, but if it’s not done, tracing cabling back to devices will take time and create unnecessary costs and headaches.
Once you’ve inventoried personnel and vendors, create a call list that―regarding personnel―details their responsibilities and backup assignments. Assign the management of the call list to one (1) person to avoid any blame games. And make sure they’re held accountable for updating it regularly.

Document the Plan

Once inventories have been conducted and verified for accuracy, include any pertinent information, such as software licenses and asset lifecycles. And while it hopefully won’t be needed, include information about applicable insurance, including policy numbers. If you’ve designated a recovery site, include information and maps about how to get there. Don’t leave out something because you assume it’s widely known. If you’re going to assume anything, assume that whomever refers to the plan knows nothing. You won’t offend anybody for including information that seems rudimentary or unnecessary. What will be offensive is if personnel refer to the plan and it’s unclear.

Now Test it…and test it…and test it

Prior to testing your plan, which should be conducted at least once a year, script it out, then rehearse it with key personnel. If you’re concerned that testing the entire plan will pull employees off projects for extended periods of time, test subsets, or smaller chunks, of it. But like anything, the more you rehearse the better you get. You can throw in some curveballs and see how the backup planning works. Pretend certain staff members are on vacation; see if their backup is ready to enter the game and make a difference. Or test it with personnel who have had nothing to do with its creation. Get creative, pretend you’re a football coach. Throw a variety of issues at your plan and personnel and see how well it stands up. See if your documentation is easy to follow and covers all the bases.

Get Executive Buy-In

Make sure to get executives to understand the importance of a DR plan and why taking time to create and test it on a regular basis will mean taking personnel off of projects or initiatives from time to time. Ensure they understand that creating a DR Plan will encompass all departments and key stakeholders from each, and that the plan isn’t static―it needs to be re-evaluated, edited and tested on a regular basis.

Need more info about creating a DR Plan?

Turn to the experts. For the past twenty-two (22) years, GDT has been a leading network and systems integrator by partnering with industry leaders, such as HPE, Cisco, Dell EMC, VMware, Pure Networks, Citrix and F5 Networks. Our tenured, talented solutions architects and engineers deliver customized, cutting-edge client solutions with best-of-breed technologies that lead customers on their digital transformation journey. For more information about creating a DR plan for your organization, contact GDT’s  solutions architects or engineers at or at They’d love to hear from you.
And if you’d like to learn more about DR plans, you can read about them here:
DR in the Cloud
How do you secure a Cloud?


Share this article

You might also like:

As a global IT solutions provider, we understand that technology partnerships are absolutely crucial in our line of business. It’s fair to say that without great partners to work with, we couldn’t do what we do. It’s also fair to say that without the expertise the GDT team brings to

If you’re wondering if your organization’s ransomware defense strategy is as strong as it could be, you’re not alone. Ransomware has emerged as one of the top cybersecurity threats of 2024, impacting nearly three-quarters of organizations last year with an average cost of $4.45 million.i According to Verizon, about a

Mergers, acquisitions, and divestitures (M&A/D) offer opportunities for businesses to grow, streamline operations, and enter new markets. However, strategic planning and financial negotiations can overshadow a crucial element: information security.   This blog post dives into the critical security considerations for M&A/D activities, exploring the importance of information security, potential risks,