The growing threat of cyber attacks has moved disaster recovery planning up the agenda for many law firms determined to protect their client’s data. But why pay every year for something you are never likely to use?

Secure data

Every business should have an IT disaster recovery plan, with step-by-step procedures for recovering disrupted systems. The plan identifies critical IT systems and networks, assess the required recovery time, whilst establishing the steps to restarting, reconfiguring and recovering them.
Certain businesses are required by law or regulation to have such plans in place, with some required to keep all data secure and retrievable regardless of what happens to the business.
Instead of outsourcing the entire responsibility for disaster recovery to external service providers, it’s possible for smaller firms to plan for the worst, protect their business and only pay if disaster strikes.

The Plan

There are important steps to ensuring a recovery plan minimises the impact of any disaster. The first step is to undertake a business impact analysis to identify and prioritize critical IT components and systems. A variety of recovery strategies will help ensure systems can be restored quickly and effectively, with a contingency plan to replace damaged systems.
Regularly testing the plan identifies problems and offers the opportunity to train everyone for implementing the necessary procedures. It also highlights areas for improvement or change and keeps the plan up to date with changes in infrastructure or business operations.

Do It Yourself

For smaller firms, it’s a case of balancing risk against the costs associated with recovering from a disaster – and these include virus and cyber attacks, hardware & software malfunctions, even human error creating problems for your business.
Businesses will back up their data regularly and some will even check that recovery is possible from the back-ups. But the age of the backed-up data is another point of risk and each firm will have to assess how much data they are prepared to lose, maybe to have to enter again - generally, the more current the back-up, the more expensive the solution.
But just because data is backed up, what will this data be recovered to, if the IT system, servers, applications, licenses etc. no longer exist?  
Most available options incur costs that many smaller firms will find prohibitive, particularly given the challenges of the current legal services sector. But when even a short interruption to operations can cause significant, often irreparable damage to a business, the high costs associated with real time data replication to duplicate servers in different data centres, is perhaps more acceptable.
At the other end of the scale, management can accept more of the responsibility with a slightly increased risk to the business continuity accordingly, but at a much reduced cost. This is the balancing of risk against cost that smaller firms must evaluate.

There when you need it

Innovative solutions like Inactive/Active Disaster Recovery have been developed to help smaller businesses protect their future, without committing to the higher costs associated with traditional recovery solutions.
The inactive phase begins with an assessment of the IT infrastructure a business needs to function normally, with a record made of all the information needed to create a copy of the IT environment at extremely short notice - usually within 24 hours. The snapshots taken of each physical or virtual server being supported are stored at the disaster recovery centre.
The necessary server space is guaranteed, with the power and communications to turn this virtual, inactive environment, active, as soon as disaster strikes. Importantly for smaller firms, after the initial consultation fee, there is only a small annual maintenance charge until the service is required.
Once active, the client supplies the latest backed-up data, sending tapes or hard drives by courier if necessary. Only at this point are the costs associated with new hardware, software licensing etc., incurred, which are usually covered by the business insurance – but worth checking.  
Businesses continue to pay for a service they will never use alongside the insurance they have to cover their assets. Yet with a little planning and innovative solution like Inactive/Active DR they can protect their operation and spend money on what they want to happen, not what might happen.


About Quiss: Quiss tailors every solution to meet the specific needs of each client, with a team of dedicated professionals helping organisations improve their performance through the appropriate IT infrastructure, expert advice and practical support.
Quiss is a Microsoft Small Business Specialist and a Microsoft Partner with two gold competencies, Server Platform and Midmarket Solution Provider. It operates from its headquarters in Tamworth, Staffordshire and offices in Harrow, North West London.