A disaster recovery plan (DRP) defines exactly how your business restores IT systems, data and operations after an unexpected event, whether that's ransomware, hardware failure, or a power outage.
Average cost of a data breach in the UK (IBM Cost of a Data Breach Report, 2025)
Of businesses that suffer significant data loss close within six months (National Cybersecurity Alliance)
Of UK organisations were hit by ransomware in the last year (Sophos)
A disaster recovery plan is a documented, structured approach that defines how an organisation will respond to and recover from any unplanned event that disrupts its IT systems or business operations. It covers everything from ransomware attacks and hardware failure to fire, flood, and human error.
At its core, a DR plan answers three questions: What could go wrong? How quickly do we need to recover? And exactly who does what when something does go wrong?
A disaster recovery plan is not the same as a business continuity plan — though the two are related. A BCP covers the broader picture of keeping the business running during a crisis. A DR plan focuses specifically on restoring IT infrastructure and data.
Many businesses assume disaster recovery is something only large enterprises need to worry about. That's a costly misconception. Mid-market businesses are increasingly the target of ransomware attacks precisely because they hold valuable data but often lack the defences of larger organisations.
The consequences of having no DR plan in place — or having one that hasn't been tested — can include:
Before building a DR plan, every organisation needs to define two critical metrics. These numbers will drive every technology and process decision you make.
Recovery Time Objective (RTO): The maximum amount of time your business can tolerate systems being down before the impact becomes unacceptable. This could be hours, minutes, or near-zero for mission-critical systems.
Recovery Point Objective (RPO): How much data loss is acceptable? If your RPO is four hours, your backups must run at least every four hours. A near-zero RPO requires continuous replication.
A small accounting firm might accept an RTO of 24 hours and an RPO of 12 hours. A financial services business processing live transactions might need an RTO of minutes and an RPO of near-zero. Defining these numbers honestly is the foundation everything else is built on.
Identify which systems are critical to operations, what threats are most likely, and what the financial impact of downtime would be for each scenario.
Not all systems are equal. Email, CRM, financial systems and production databases may each have different recovery requirements.
Define where backups are stored (on-premises, offsite, cloud or tape), how frequently they run, and how they are protected from ransomware. The 3-2-1 rule is a solid baseline: 3 copies, on 2 different media types, with 1 stored offsite.
Step-by-step runbooks for how each system is restored, in what order, and by whom. Vague plans fail under pressure — specificity is everything.
Who declares a disaster? Who contacts customers? Who manages the technical recovery? Every role must be named and every person must know what they are doing before an incident occurs.
An untested DR plan is not a DR plan. Recovery procedures must be tested at least annually — ideally more frequently for critical systems. Testing reveals gaps before a real incident does.
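An added example (not from the original page or the vendor): a Python check of a backup catalogue against the RPO targets and the 3-2-1 rule described above, including whether the offsite copy alone would still meet the RPO. The catalogue records, system names, RPO values and finding labels are constructed for illustration, and the three copies are assumed to be counted from backup copies only, excluding the live data.

```python
from datetime import datetime, timedelta

# Constructed sample catalogue: (system, backup completed, media type, offsite?)
CATALOGUE = [
    ("finance-db", "2025-03-10T08:00", "disk",  False),
    ("finance-db", "2025-03-10T06:00", "cloud", True),
    ("finance-db", "2025-03-09T22:00", "tape",  True),
    ("crm",        "2025-03-09T20:00", "disk",  False),
    ("crm",        "2025-03-09T08:00", "disk",  False),
    ("email",      "2025-03-10T07:30", "disk",  False),
    ("email",      "2025-03-10T01:00", "tape",  True),
]
RPO_HOURS = {"finance-db": 4, "crm": 12, "email": 4, "hr": 24}  # assumed targets
NOW = datetime(2025, 3, 10, 9, 0)  # fixed so the sample is reproducible

def hours_old(copies, now):
    """Age in hours of the newest copy in the list."""
    return (now - max(ts for ts, _, _ in copies)) / timedelta(hours=1)

def audit(catalogue, rpo_hours, now):
    """Return {system: [finding, ...]}; an empty list means every check passed."""
    report = {}
    for system, rpo in rpo_hours.items():
        copies = [(datetime.fromisoformat(ts), media, offsite)
                  for name, ts, media, offsite in catalogue if name == system]
        if not copies:  # a system with an RPO target but no backups at all
            report[system] = ["no-backups"]
            continue
        issues = []
        if hours_old(copies, now) > rpo:
            issues.append("rpo-breached")
        if len(copies) < 3:  # assumption: backup copies only, live data excluded
            issues.append("fewer-than-3-copies")
        if len({media for _, media, _ in copies}) < 2:
            issues.append("single-media-type")
        offsite = [c for c in copies if c[2]]
        if not offsite:
            issues.append("no-offsite-copy")
        elif hours_old(offsite, now) > rpo:
            # RPO is met only while the site survives: the offsite copy is stale
            issues.append("offsite-copy-older-than-rpo")
        report[system] = issues
    return report

if __name__ == "__main__":
    for system, issues in audit(CATALOGUE, RPO_HOURS, NOW).items():
        print(f"{system:12} {'OK' if not issues else ', '.join(issues)}")
```

In the sample, `email` meets its RPO from the local disk copy, yet its newest offsite copy is eight hours old, so losing the site would exceed the four-hour target.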
LTO tape remains one of the most cost-effective and ransomware-resilient backup media available. Because tape is offline by nature, it cannot be encrypted by ransomware targeting your network. IBM LTO tape libraries such as the TS4500 and TS4300 provide air-gapped backup with a 30-year archive life at a fraction of the cost of all-flash or cloud storage at scale.
We've been helping UK businesses protect their data since 1994. Tell us about your environment and we'll help you work out what a practical DR strategy looks like.
We supply and support the hardware and software that sits at the heart of a practical, tested disaster recovery plan, from backup software to air-gapped tape libraries to managed security monitoring.
Our team can review your current backup and recovery posture and help you understand where you're exposed. No jargon, no pressure — just a practical conversation about what you have and what you might need.