How Important Are Disaster Recovery and Business Continuity Plans

SenseiSteve

HD Moderator
Staff member
I always recommend incorporating comprehensive disaster recovery and business continuity plans, then periodically reviewing their effectiveness.

One part of that plan should be remote offsite backups. Very often incorporating a remote backup is as easy as downloading a software client onto your network server or personal computer, so why do we see so many threads on web hosting forums from OPs complaining they've lost everything when their provider hiccups? Can that be attributed to complacency, lack of knowledge or what?
 
I always recommend incorporating comprehensive disaster recovery and business continuity plans, then periodically reviewing their effectiveness.

One part of that plan should be remote offsite backups. Very often incorporating a remote backup is as easy as downloading a software client onto your network server or personal computer, so why do we see so many threads on web hosting forums from OPs complaining they've lost everything when their provider hiccups? Can that be attributed to complacency, lack of knowledge or what?
I agree.
It is just like getting the message to clients that they must take their own backups and save them locally or remotely.

I have always been amazed at how many new clients would come to me and say can you try and get my site files as my host has vanished and I have lost my website.

I would even had clients that saved backup to the server the website is on and trying to explain to them 'what would happen if the server hard drive failed, where would you get your backup from'
 
I agree.
It is just like getting the message to clients that they must take their own backups and save them locally or remotely.

I have always been amazed at how many new clients would come to me and say can you try and get my site files as my host has vanished and I have lost my website.

I would even had clients that saved backup to the server the website is on and trying to explain to them 'what would happen if the server hard drive failed, where would you get your backup from'
I've had to recreate sites from the waybackmachine for the same reason ... no backups of any kind. One prospect even let their domain expire and still had it posted on their front door.
 
Generating backups should be second nature at this point. We all know a system is going to fail. But just as important as making backups is testing if the backup is valid and working. Most data centers will test their generators once a month, test redundancy systems, etc. We do the same with backups. We make them daily and spot test a set of backups each month. We run an integrity test after every backup, but only run a full decompress and test on select systems.

As far as responsibility, there's potentially a case for negligence - but the commitment from the company will depend on what they're liable for.
 
I've had to recreate sites from the waybackmachine for the same reason ... no backups of any kind. One prospect even let their domain expire and still had it posted on their front door.
I have had clients' domains expire and they blame me for their site being down and then you have to explain that they need to renew their domain.

I have always made my own backups of all clients websites as you never know when a disaster can happen, but these are for my purpose
 
The importance of disaster recovery and continuity plans really depends on the risk that a loss of data/services exposes you to.

If you run a web-shop that sells some sort of product, where you sell 1 to 2 units per month, with maybe 100 usd turnover, that is completely different to having 100s of clients that also depend on your services to operate their business.

its best assess the overall impact and work backwards from there.
 
The importance of disaster recovery and continuity plans really depends on the risk that a loss of data/services exposes you to.

If you run a web-shop that sells some sort of product, where you sell 1 to 2 units per month, with maybe 100 usd turnover, that is completely different to having 100s of clients that also depend on your services to operate their business.

its best assess the overall impact and work backwards from there.
It makes no difference if you sell 1 or 2 items a month or 1 million items a month your website can still be hit with the same server failures so you should still have disaster recovery processes in place.
It all comes down to how you value your business, if you could not care less then you will just think 'oh my host will have backups etc, so why should I bother, if anything goes wrong I will just blame my host', but if you care about your business then you will make sure you have backups, etc. all set up
 
It makes no difference if you sell 1 or 2 items a month or 1 million items a month your website can still be hit with the same server failures so you should still have disaster recovery processes in place.
Of course it makes a difference. The amount of damage (direct) and followup are in monetary values a lot different.

I am not arguing against disaster recovery plans. What i am making an argument for is scaling measures taken based on the damage potential in a worst case scenario.
 
As a rule, your backups should be in a different DC from your production products and ideally with a different vendor.
I typically restore a server (not every server) to bare metal, every 6 months to prove that the backup procedure/methods have covered everything.
Any improvements are noted and taken care of.
 
As a rule, your backups should be in a different DC from your production products and ideally with a different vendor.
I typically restore a server (not every server) to bare metal, every 6 months to prove that the backup procedure/methods have covered everything.
Any improvements are noted and taken care of.
yes i agree, although a different vendor is not a crucial part, the most crucial part is having the backups in a different DC
 
I once got into a bit of a pickle with one DC, when a VPS I rented to someone got used for a Command and Control for something nasty, The DC shut down all my servers on which the VPS could have been hosted, rather than ask me to shut down the VPS hosted on the servers.
The legal situation took more than 2 weeks to resolve. However, my customers were up and running on new VPSs within a few hours.
Just to make it plain they shut down all my servers, not just the one with the VPS, had I not backed up to a different vendor, there would have been a good chance of having my backups shut down as well.
This was back in 2012, and the loss of reputation at the time was bad, but imagine if you lost your server and your backups for 2 weeks, or even completely.
 
If it helps, we used to have several dedicated servers at a different datacenter which charged a base rate for 10TB download I think it was, but didn't charge for any upload. So as long as we were sending backups to that server, we weren't charged bandwidth fees. It was only when we pulled a backup, and exceeded the download of 10TB, that we would be charged.

This is a great way to offset costs and keeping an external set of machines at various locations. Most datacenters charge on the download bandwidwith, not on the overall bandwidth. So we would literally upload GB's of data every few hours, and not have any additional fees.
 

Forum statistics

Threads
80,722
Messages
248,161
Members
20,665
Latest member
Saranya Subramaniam
Top