Join Now / Sign In
Ask a Question
I don't run an IT department, but the obvious main lesson is that it's crucial to make disaster preparation a priority before a disaster. Otherwise disaster recovery is likely to be haphazard and ineffective.
A disaster preparation strategy -- including lines of command and specific steps to take under various contingencies -- needs to be worked out in detail when people are thinking clearly and not responding in a panic. I saw this process in action earlier this week when the organization my wife works for -- which provides support services to school districts in upstate New York -- developed a clear plan last week for dealing with Sandy. Once the storm hit (and it wasn't that bad up here), everyone knew what to do. So when my wife got a 5:30 a.m. call Monday from a school superintendent, it wasn't to figure out how to handle the situation, it was to give the go-ahead to implement the plan.
IT needs to do the same thing. Figure out how to handle specific crises in a way that mitigates or avoids downtime for a network and protects data.
Your question, by the way, is perfect for situations such as this. When something bad happens, even if it doesn't affect you, it should prompt IT pros to say, "Are we prepared to handle this kind of situation?" If the answer is no, then IT has some work to do. I also think it's best for IT to be proactive in pushing a plan to top executives, rather than waiting for them to request a disaster-recovery plan.