Can you share any best practices for ensuring that disaster recovery tests are comprehensive and realistic?
Sort By:
Oldest
VP, Enterprise Solutions & Digital Services Delivery in Software9 days ago
One of the key steps is to "practice as you play" and "play as you practice." We conduct dry runs ideally once a quarter, although sometimes business pace forces us to defer them to twice annually. This involves having a dedicated incident response team that understands their roles clearly, along with well-documented recovery procedures.A robust communication plan is crucial, encompassing not just internal stakeholders but also external ones, including key vendors, suppliers, and cloud providers like AWS and Microsoft.
For us, CrowdStrike is a key component of our stack. By conducting these drills frequently, we aim to be better prepared when actual incidents occur, making the chaos more manageable. While the level of chaos never reaches zero due to external pressures and media portrayal, these practices have proven successful for us.
There are also third-party companies that offer certifications for disaster scenarios, whether it’s a tornado, terrorist attack, or electrical issues. While these certifications are not perfect, they provide some confidence by having a third party evaluate your setup.