You have launched your new website or application and it's starting to produce results for you. To protect this new asset do you have a backup and disaster recovery plan in place?
Depending on the size of your project and what budget you have for these processes there are a number of ISO standards that cover disaster recovery and business continuity. For the this post we'll cover some of basic ideas on what you should expect your software development company to deliver to you when it comes to backups and disaster recovery outside of the ISO standards.
All hardware fails eventually, all operating systems and software have security vulnerabilities that can lead to data loss or outages. Managing those risks is a different discussion, but what happens if, the in the worst case scenario, you have an outage or data loss? How to do you recover your data and get back online again?
You should have an written agreement in place with your development company explaining what backups are required for your application or website. These would include databases, file uploads and code bases.
Backups may be incremental and taken at regular intervals, i.e. hourly, daily, weekly etc. depending on your requirements. You will then have a preserved copy of your data for that period of time. It is important that backup systems are regularly monitored for corruption so the system maintain its function and integrity.
Backups should be stored in a secured manner. Many data breaches come from backups being stored on unsecured, exposed servers or third party storage services. Attackers are constantly on the look out for these vulnerabilities.
You should have an agreement with your development company on how you can access your backups and where they are stored.
In the event of a disaster and your entire application or website is offline, you should have an agreed disaster recovery process in place.
Approach it in terms of what happens when a database is lost, file hosting, if a server or a data center is lost and what can be done to restore one piece or the loss of everything. Your software development company will highlight these critical areas and create a plan for you.
A disaster recovery plan could be presented as a step by step document outlining what is required to get each piece of mission critical infrastructure, software and data back online and bring the site up.
The smallest application or website should have a backup and disaster recovery plan in place. Having proper processes in place will mean that in the event of something going wrong your application or website can be recovered with minimal impact on your business and your customers.