Credit unions have had their fair share of setbacks in the last year. However, the recent 4th quarter report from the National Credit Union Administration (NCUA) shows that assets, shares, and deposits grew during the last months of 2021. To capitalize on that momentum, your credit union must continue to provide more on-demand and real-time products and services while you grow your member base.
But you can’t do that without a top-tier disaster recovery plan. But what does a good plan look like? Let’s go through some disaster recovery dos and don’ts.
Do: Set Plans & Goals for Your Disaster Recovery
Every disaster recovery system needs to be tested. And for you to measure how well your test and disaster recovery system work, you need to have something to measure against.
The best way to do that is to identify and set goals for KPIs (key performance indicators). The most common include recovery time objective (the amount of time that can pass before your business has been impacted by the disaster) and recovery point objective (the maximum amount of data that can be lost).
Best practice is to test your disaster recovery and business continuity plans at least once every year. This includes emergency evacuation drills, walkthroughs, and risk assessment reviews along with your recovery plans.
Don’t: Rely on Protecting Just the Basics
It’s important to protect the core components of your business in your disaster recovery plan, including the items that you need for compliance reasons. But that should just be a starting point. As you work on your disaster recovery strategy, it’s important to look at all aspects of your credit union’s operations.
Are there contingencies in place that will allow you to communicate with remote or offsite staff members? Are your software, app, or plugin vendors considered in your plans? Do you have a detailed description of who does what during the disaster?
Even if you don’t prioritize everything on a scale from most important to least, thinking through the intricacies of your credit union’s operations can help you mitigate damage and mobilize support when it’s necessary.
Your disaster recovery plan can consist of several smaller plans based on your credit union’s branches, departments, and even the emergency type.
For example, your IT department may need to have different priorities in different disasters. This can be based on the potential threat to the physical components of your security system versus the digital ones.
Do: Make Your People a Priority
You’d be surprised how many disaster recovery plans go into exquisite detail about the operations and technology considerations, but they leave out the human element.
Many disasters are natural or physical in nature – and that presents many opportunities for your staff to be harmed. Here are a few things to think about as you create your credit union disaster recovery plan:
- Where are the shelters or gathering areas for things like a fire, flood, tornado, hurricane, or another natural disaster?
- What is the survival plan for your employees if there is an active shooter?
- If people are injured, how do you want your teams to help? Which staff members should be prioritized? These questions and plans may need to be augmented by a medical professional’s opinion.
- Who will contact the authorities in the event of a disaster, accident, or other harmful situation?
You can’t ensure business continuity if you aren’t protecting the ones who are doing that work for you. And don’t forget to make sure that all your employees are able to get to your designated areas without trouble. This includes people with physical disabilities (from limited mobility to deafness or blindness)
Don’t: Forget to Define the Impact of the Disasters You’re Preparing For
You can increase or decrease the scope of your credit union disaster recovery plan to include a business impact analysis.
A business impact analysis can help you measure and prepare for how each different disaster will actually affect your operations. This includes everything from employee tasks that are interrupted or rendered unusable, impact on credit union members and member services, data loss, and more.
Here are some examples.
Let’s say the disaster you are preparing for is a ransomware threat. In the business impact analysis, you’d list the impact of that disaster: data loss, employees unable to access files which lead to lost productivity, corruption of technology and other digital assets.
However, if the disaster is a tornado, the impact is much different: loss or damage of equipment, buildings, etc., potential data loss, information systems going offline, human injury, loss of productivity, member services and experience will suffer.
These impact areas may be different based on the size and operations of your credit union. But a good business impact analysis will not only prepare you for what to do in an emergency, it will also show you what areas will suffer. This gives you insight into what and how you should implement preventative and other measures to create a successful disaster recovery plan.
Worry-Free Disaster Recovery Services
Server crashes, human error, malicious activity, natural disasters – your credit union could succumb to any one of these disasters at any time.
Disaster recovery is an integral part of your business continuity. As more and more people rely on real-time banking technology, any downtime and data loss are major hits to your credit union.
IMS offers worry-free disaster recovery. We help you keep your credit union operational by ensuring your critical servers, branches, and third-party vendor communications are all recovered quickly.