02-09-16 | Blog Post
A disaster recovery plan is important for many reasons, but in the world of business continuity, disaster recovery planning is a must-have component. There are several steps that need to be taken within a disaster recovery plan, including determining which systems are critical, what kind of recovery site is most beneficial for your business and determining what RPO/RTO your business can afford. But one of the most overlooked components of disaster recovery is testing your plan. When you have all of the elements, you must perform failover testing to make sure they work before a real emergency happens.
So, what constitutes a successful failover test? What should you test? Testing is expensive and takes a lot of time and human resources, but it’s imperative to do it for the overall health of your business as well as comply with regulations such as HIPAA and PCI. A successful disaster recovery test can be the difference between a smooth or rocky failover when a real catastrophe takes place.
There’s more to testing than meets the eye. It’s extensive, and involves people, processes, communication and equipment recovery. Break that down further, and it’s not just the server you want to test during a failover process. If it’s part of an application, you need to make sure all aspects of that application are working properly and can failover in a real emergency if needed. This includes the API, URLs, DNS, network systems, firewall rules, and the application itself. Understanding what systems help your application function is critical to figuring out what should be tested and how to write your plan. It’s also important to have a clear objective before you begin your test so you know what success or failure looks like. This can help you improve your testing process and perhaps your overall recovery plan.
Once you’ve completed your test and have achieved the results you’re looking for, you must remember to test again…and again. One test does not make a successful DR plan. Testing should be done at least once a year, but if you make any infrastructure, network, hardware or software changes, those should be tested when they are implemented rather than waiting for the next annual test. That way, should these new components fail in real life, you can be sure you’re ready to smoothly fail over when you need to.
There’s more to testing than you think. Because your applications need more than just your server to function properly, it’s important to test all the aspects that help it run. If an application fails, you need to trust that your recovery plan will get you back online without any hiccups or panic. Completing thorough testing, and completing it regularly, is important so you can avoid going in to your live failovers blind.
If you want to know more about disaster recovery testing, learning how to conduct an end-to-end disaster recovery exercise and learning the keys to a successful disaster recovery test are great places to start.