Skip to content
Call: 1300 596 560
ITL-Coloured-H.png
  • Products
    CCare.png

    Comprehensive IT support and maintenance services to ensure smooth business operations.

    CPrivate_1.png

    Secure, private networking solutions tailored for your business's specific needs.

    CCloud.png

    Flexible cloud solutions for secure, scalable, and efficient data management.

    CNetwork.png

    Robust networking services to keep your business connected and efficient.

    CNBN.png

    High-speed NBN services to boost your internet connectivity and productivity.

    CVoice.png

    Advanced voice communication solutions to enhance your business communications.

    CPBX_1.png

    Innovative PBX systems providing reliable and scalable telecommunication solutions.

    Connect Web

    Enhance your online presence & streamline operations with our tailored web solutions!

    Our Products - Connect Cyber

    Protect your digital assets & safeguard your business online with our comprehensive cyber security services.

  • Services

    IT Support Services

    We offer tailored IT support customised to your business or enterprise needs & operations, ensuring optimal performance of your systems and infrastructure.

    Learn More

    Business IT Support

    Get specialised IT support for your business that ensures your technology aligns with your specific business goals, enhancing efficiency and productivity.

    IT Consulting

    Make informed decisions, implement effective strategies, and navigate complex landscapes with the help of our expert IT consultancy services!

    IT Procurement Services

    Let us assist you in acquiring the best tech solutions at competitive prices so that your business gets superior value, quality & performance.

    Managed IT Services

    Our innovative Managed IT Services drive business growth & scale with you! We work with you to understand your specific Managed IT needs, creating solutions that improve your IT infrastructure at a simple fixed monthly rate.

    Learn More

    Managed IT Support

    Experience hassle-free & cost-effective IT outsourcing to take the complexity out of IT management for your business.

    Managed Backups

    Safeguard your critical data, minimise downtime and ensure quick recovery when you need it, for total peace of mind and continuity.

    Managed IT License Management

    Streamline your IT lincense renewals and software license management to ensure compliance and optimised usage.

    Managed Firewall

    Fortify your network's security, protect against unauthorised access & evolving cyber threats for effective collaboration and operations.

    Microsoft 365

    Transform and modernise your workplace with our comprehensive M365 Solutions. Designed to foster collaboration, enhance flexibility & enable seamless connectivity from any location!

    Learn More

    Microsoft 365 Migration

    Seamlessly migrate to Microsoft 365 with our smooth transitioning process for minimal downtime.

    Microsoft 365 Backups

    Protect your critical M365 data with our robust backup solutions, ensuring data integrity and security.

    Email Signature Management

    Manage & unify your organisation's email signatures, reinforcing your professional brand identity.

    Microsoft Teams

    Achieve unparalleled team collaboration with Microsoft Teams for Business or Enterprise!

    Cyber Security Solutions

    In today’s ever-changing digital landscape, robust cyber security is essential. We develop tailored solutions that protect your business and safeguard sensitive customer information for confidence and peace of mind!

    Learn More

    Email Security

    Fortify your email communications to safeguard sensitive data and ensure uninterrupted business operations.

    Endpoint Security

    Enhance the security of your endpoints, from laptops to mobiles, ensuring compliance & threat protection.

    Cyber Security Training

    Empower your staff to proactively handle cyber threats & foster a culture of cyber awareness and preparedness.

    Essential 8 Simplified

    Implement a streamlined Essential 8 cyber strategy to effectively mitigate cyber risks in your business.

    Cyber Security Audits

    Conduct cyber audits to identify vulnerabilities, enhance security measures & ensure robust defences.

    Cloud Computing

    Reduce your IT infrastructure costs, increase operational efficiency and flexibility & improve the overall performance of your systems with our versatile and scalable cloud computing services for business and enterprise.

    Learn More

    Cloud Computing Services

    Enjoy fully scalable & versatile cloud computing services to drive business efficiency.

    Cloud Migration

    Our seamless migration services ensure a smooth transition and integration with your IT systems to the cloud.

    Cloud Backups

    Benefit from reliable cloud backup solutions to protect your critical data and client information.

    VoIP Telephony

    Our VOIP telephony solutions provide a cost-effective and flexible solution for businesses to communicate with their clients & employees. Enjoy greater mobility, scalability, and accessibility compared to traditional phone systems!

    Learn More

    VoIP Phone Systems

    Discover our state-of-the-art VoIP phone systems for superior communications.

    Remote Workplace Solutions

    Explore our innovative IT solutions to support efficient remote work environments & hybrid teams.

  • Industries

    Transportation

    Specialised IT solutions for the transportation sector.

    Learn More

    Professional Services

    Tailored IT services for professional service providers.

    Learn More

    Education & Government

    Specialised IT services for educational institutions and government bodies.

    Learn More

    Healthcare & Aged Care

    Custom IT solutions for healthcare and aged care facilities.

    Learn More

    Manufacturing

    Advanced IT solutions to streamline manufacturing processes.

    Learn More

    Mining & Resources

    Robust IT solutions for the mining and resources industry.

    Learn More

    Retail Industry

    Explore our innovative IT solutions for the retail industry.

    Learn More
  • Resources

    New User Form

    Do you need assistance with setting up a new user? Complete our new user form.

    New User Form

    Exit User Form

    Need help with an urgent IT issue? Complete our exit user form here.

    Exit User Form

    Blog

    Stay ahead in the digital world with our latest blogs. Get expert insights on evolving IT advancements or tips for seamless business IT operations!

    Read The Blog

    Case Studies

    Discover the success stories of IT Leaders’ clients and unlock the secrets to seamless IT support, managed services, cloud computing & VoIP telephony!

    Discover Our Case Studies
  • About

    About Us

    Learn more about IT Leaders, our values, team, and our expert services!

    Learn More

    Get Support

    Lodge a support ticket & we will get back to you as soon as possible!

    Get Support

    Technical Capability Summary

    Discover IT Leaders’ range of technical capabilities as a leading Australian IT solutions provider and MSP!

    Learn More

    Careers

    Discover the opportunities to join our team!

    Explore

    Our Team

    Do you need assistance with setting up a new user? Complete our new user form.

    Learn More

    Our Partners

    Gold Coast IT Services that will help your business optimise and grow as fast as you grow.

    Learn More

    Testimonials

    Do you need assistance with archiving your email? Complete our exit user form.

    View Testimonials
  • Contact
Call: 1300 596 560

Why Every Business Needs an IT Disaster Recovery Plan

  • September 30, 2024
a man in a suit typing on a computer

Table of Contents

Your organisation probably needs a functional IT environment. So what happens when your hardware or software stops working? A disaster recovery (DR) plan can help restore your operations as quickly as possible – with minimal financial and data losses.

But putting together an effective plan isn’t always easy. This article will cover why every business should have an IT disaster recovery strategy and break down 5 DR principles you should incorporate.

What Is an IT Disaster Recovery Plan?

An IT disaster recovery plan is exactly what it sounds like: a set of policies, procedures and documentation designed to keep your data and IT infrastructure accessible, secure and operational if an adverse event occurs.

There are two basic components to any IT disaster recovery plan. The first is data security. Your DR plan should follow the CIA triad – that is, your data should be kept confidential, integrous/intact, and accessible. If you lost important data following an event, for example, your DR plan would have failed the ‘intact’ component.

The second component is operational resilience. How quickly can your organisation’s IT environment return to full functionality? Operational resilience could range from securing a digital environment after an intrusion to procuring and deploying key hardware following a physical disaster.

There are also other disaster planning aspects, like prevention, detection, and response, which can be included in your DR plan (although, often, they’ll fall under your overall security plan instead).

What Constitutes a Disaster?

The word ‘disaster’ connotes a natural catastrophe – a cyclone, a bushfire, a flood. But, in a business context, it actually refers to any adverse event that significantly disrupts operations.

That could range from a physical disaster (natural or otherwise) to a cyber security breach. In some cases, a disaster could be as simple as a key person, like a business founder, dying – without anyone else having access to their digital accounts.

Why a Disaster Recovery Plan Matters

Most organisations are aware that they need cyber security. Even if standards like the Essential Eight aren’t actually met, non-technical leaders understand that threat actors can and will attack their businesses, and they generally take steps of some kind to prevent that from happening.

But disaster recovery is a different beast. A 2021 study of 150 UK organisations found that just 54% of survey respondents have a DR plan in place – a figure that’s representative of what we see in day-to-day practice. Maybe it’s optimism bias. Maybe it’s a lack of awareness. Maybe a ‘maybe’ scenario takes a back seat to more pressing operational concerns.

Either way, DR plans are non-existent or immature in many organisations. That’s a problem, because nearly 94,000 cyber security reports were lodged with Australian law enforcement in FY 2022–2023. There’s a high likelihood that an adversary will attack your organisation at some point – and, if something goes wrong, you need to be able to recover quickly.

Remember: if Facebook and LinkedIn can be breached, so can you.

How to Develop an Effective DR Plan

One of the hardest parts of DR planning is knowing where to start. Use these 5 principles if you’re developing a new plan or refining an existing one.

(If you don’t have an IT team with experience in resilience and DR, it can be a good idea to engage an experienced MSP to help you. They’ll be able to streamline the planning process and ensure your measures are compliant with any relevant standards.)

1. Identify Your Priorities

Every organisation has critical functions that it needs to operate at the most basic level. Your DR plan should identify what those are for you. One of the easiest ways to do that is to conduct a business impact analysis (BIA).

A BIA typically:

  1. identifies all business activities

  2. identifies the people, infrastructure, systems and applications (resources) required for each activity (dependencies)

  3. quantifies the impact of each activity’s cessation on business health (generally using a 5-point severity grading framework across different timeframes; the point at which a given activity reaches ‘5’ is called its maximum tolerable downtime (MTD))

  4. prioritises the recovery of all activities based on their MTDs.

Your DR plan should ultimately contain a table that looks something like the below.

a diagram of a business impact analysis
This example BIA was sourced from the Aged Care Quality and Safety Commission.

2. Have a Clear Plan

Once you know what your priorities and their dependencies are, you need to define when your plan is activated and who does what. Your IT DR plan should sit within your organisation’s broader DR framework, so its scope should be restricted to restoring IT-owned resources.

Your plan should answer questions such as:

  • Who is responsible for developing, maintaining, and testing the DR plan?
  • Where are copies of the DR plan stored and who has access to them, keeping in mind that your plan may contain sensitive information?
  • What criteria must an incident meet to activate the DR plan?
  • How is an incident initially identified and escalated?
  • Who is responsible for making the decision to activate the DR plan?
  • Once a decision has been made, how is the decision communicated to all relevant stakeholders, keeping in mind that normal communication channels may be unavailable?
  • What central location should the plan’s execution be coordinated from?
  • Where are your designated recovery sites?
  • How will resources be restored, and who is responsible for taking the required restoration actions for each resource?
  • While resources are inaccessible, how can their dependent business activities be restored?

Your plan should follow the SMART criteria: specific (such as having one owner per task), measurable (such as clearly defining activation and restoration criteria), achievable (such as planning for multiple scenarios), realistic (such as accurately gauging MTDs), and time-bound.

Keep in mind that your plan will require supporting documentation – information like key personnel, staff contact details, and current service provider contracts (which will likely overlap with your existing records).

3. Have Multiple Backups

Most adverse events impact data, not IT infrastructure – and, for most organisations, data is exponentially more important than a few fungible pieces of hardware covered by insurance. Even if you don’t have a fully mature DR plan in place, make sure you back up your data.

Aim to follow the 3-2-1-0 rule, which means having:

  • 3 different copies of data
  • stored on at least 2 different media
  • with one stored offsite
  • and zero errors following backup recoverability verification.

We typically recommend combining a solution like Veeam or Commvault with air-gapped, offsite backups and immutable blob storage. (‘Air-gapping’ is almost exactly what it sounds like – reliable storage devices that are physically separated from your network and isolated in cold storage, preferably in a different city).

4. Be Realistic

We talked earlier about how optimism bias often stifles disaster planning at the outset. It’s equally fatal when it’s embedded in a plan that looks, on paper, as though it works.

Unrealistic assumptions can range from ‘that won’t ever happen here/to us’ to ‘we don’t need multiple redundancies’ and ‘we can definitely get everything back up and running in 2 days’. During your planning, be pessimistic – or work with someone who can be. You need to assume that everything that can go wrong will go wrong.

At the same time, be realistic about costs, recovery point objectives, and recovery time objectives. For example, you might run daily incremental cloud backups, but only write to offsite tapes once a month to mitigate unnecessary transport and storage costs. It’s also important to look at opportunity cost – how much will it cost your business to have a given resource unavailable versus the costs involved with recovering faster?

5. IT Isn’t the Only Consideration

It’s worth noting that, while this article is about IT disaster recovery, any non-cyber event will impact more than just your IT-owned resources. A building fire, flooding, theft, power outages – each one will have business-wide impacts.

Make sure your IT DR plan is congruent with your business-level disaster recovery and continuity plans. The last thing you want during a disaster is to have multiple departments in conflict because their DR plans are running on different timelines with different criteria. Use the same methodology for all plans, make sure all executive stakeholders have discussed and approved them, and have them tested at the same intervals (and, intermittently, together).

Next Steps

Designing an IT disaster recovery plan that’s realistic, effective, and cost-viable isn’t straightforward. Your controls need to be tailored to your priorities – a professional services SMB could be offline for a few days without major business implications, but even an hour of unavailability in a hospital could lead to patient deaths.

Defining those priorities and implementing appropriate controls is easiest when you have a team with DR experience. We’ve helped more than 500 organisations prepare DR plans and data backups, ranging from small accounting businesses to aged care facilities with high availability requirements.

To learn more about what DR planning involves – or for an independent review of your existing DR plan – schedule a consultation with us.

Share It:

Read More IT Leader Articles
Loading...
laptop screen showing software updates
October 28, 2024

Windows 10 Countdown: Why It’s Time to Upgrade Your PC Today

Windows 10 has been a reliable companion, but its days are numbered. Come October 14, 2025, Microsoft will end support for it. That means...
Read More
someone using a laptop looking at an email
October 21, 2024

Six Signs of Business Email Compromise to Watch For

Table of Contents Business email compromise (BEC) attacks are the most common cyber threat that Australian businesses face. They’re also one of the most...
Read More
smart office trends
October 14, 2024

Boost Productivity: Top 6 Smart Office Trends You Need To Know

The office environment is experiencing a major overhaul. The days of drab cubicles and repetitive routines are behind us. Today’s smart offices are vibrant...
Read More
ITL-Coloured-WhiteSub-H.png

Professional IT Services that are optimised to change and grow as fast as your business!

Facebook Twitter Linkedin

Products

  • Connect Care
  • Connect Cloud
  • Connect NBN
  • Connect Network
  • Connect PBX
  • Connect Private
  • Connect Voice
  • Connect Web
  • Connect Cyber

Services

  • IT Support
  • Managed IT Services
  • Microsoft 365 Solutions
  • Cyber Security
  • Cloud Computing
  • Cloud Migration
  • Cloud Backup
  • VoIP Telephony

Support

  • Contact Us
  • New User Form
  • Exit User Form

Resources

  • Careers
  • Blog
  • Technical Capabilities

© 2025 IT Leaders

Terms & Conditions

Privacy Policy