[Disaster Recovery] Disaster strikes when you least expect it. With that in mind, it’s a best practice to choose a website hosting company that offers 24/7/365 LIVE phone support.

[Disaster Recovery] Do you have a disaster recovery plan in place for your website? Today’s websites are more at risk than ever before. You might think, “Why would someone hack into our website?” You are right and this is a great question, but the fact is that tens of thousands of small business websites are compromised every day by hackers from around the world.

[Disaster Recovery] Like you’ve probably heard before, a good defense starts with a good offense. Proactively protecting your website against hackers and malware will make it less vulnerable to a successful attack. Talk to your Webmaster, hosting company, and consider protection services offered by companies like Securi https://sucuri.net/

[Disaster Recovery] While most website hosting providers guarantee “99.9% up-time,” this is only a guarantee on the server side hardware and operating system. In most cases, especially if you are using low-cost basic hosting (i.e. Hostgator, BlueHost, GoDaddy), it DOES NOT include recovery from virus/malware infection, hacking, injected server side scripting, or other similar malicious activities, including complete take-downs of your website. A well-planned disaster recovery plan is now standard operating procedure for any company if their website is important to their business and sales.

[Disaster Recovery] Most people’s business email is tied to their website hosting (i.e. yourname@yourdomain.com). If your website hosting is compromised, it could also adversely impact your email.

[Disaster Recovery] Hacked websites can lead to a company’s email being blacklisted and undeliverable. Hacked websites are also picked up by Google and will be noted on a search engine results page as “This site may be hacked.” Hacked sites are often dropped completely from Google’s index. Use Google Webmaster Tools to monitor what Google thinks about your website and for other security related issues.

[Disaster Recovery] Even if your hosting company tells you they backup your website, most Internet marketing professionals consider it a best practice to perform backups yourself. If your website was built using self-hosted WordPress, you can use tools like Backup Buddy to automate the entire process. https://ithemes.com/purchase/backupbuddy/

[Disaster Recovery] Understand the term “checkpoint.” A checkpoint is the exact moment that a successful backup of your site was completed. You might think of it as a “snapshot.” Restoring to a checkpoint means recreating your website as it was at the last successfully completed backup. Updates, new pages, and blog posts that were created between the checkpoint, or last successfully completed backup, and the moment of failure, will be lost.

[Disaster Recovery] How often should you perform backups? Backup frequency largely depends on how often you add or update content at your website. If you add content or perform updates daily, then backup daily after your updates are complete. At a minimum you probably should backup your website once a week and monthly. This will give you 4 weekly backups, or “checkpoints,” and one monthly backup, to use for recovery purposes.

[Disaster Recovery] Do not keep your website backup files on your hosting server. If your hosting server gets compromised, it’s very likely that your backup files will also be unavailable. It is considered a best practice to store backups “off-server.” Consider cloud-based services like Dropbox, Google Drive, or Amazon Web Services.

[Disaster Recovery] Consider keeping your backup files in the cloud for easy access. Dropbox, Google Drive, or Amazon Web Services are inexpensive options for reliable and secure cloud storage of your backup files. Do not keep the only copies of your backups on your hosting server.

[Disaster Recovery] A disaster recovery program should include quick and easy access to the following information: (a) hosting control panel link, login/password, (b) hosting company technical support phone number and usually a security PIN#, (c) content management system administrative level login/password, (d) domain registrar login/password, and (e) FTP access to your website (i.e. file transfer).

[Disaster Recovery] If your website was built using WordPress, you can perform backups and fairly easy disaster recovery using a WordPress plugin. Two of the most popular includes Backup Buddy https://ithemes.com/purchase/backupbuddy/, and UpDraft https://wordpress.org/plugins/updraftplus/.

[Disaster Recovery] VaultPress is another disaster recovery solution for those with websites built on WordPress. VaultPress keeps multiple backups of your website/database and offers one-click recovery to any previously stored backup.

[Disaster Recovery] There are four common issues that lead to the execution of a disaster recovery plan: website security compromise (i.e. malware, virus infection), hardware failure, user-error, and installing WordPress plugins that conflict with each other or with the core WordPress software (if you built your website with WordPress).

[Disaster Recovery] Set proper expectations for a complete disaster recovery if needed. Depending on the tools you use, a complete recovery can take from three to five hours, or maybe 24 hours – if not longer.

[Disaster Recovery] Create, have ready and distribute a disaster recovery contact list that includes key people that will be part of your recovery process. It may include your Webmaster, key people within your organization, and of course your hosting company (most require some type of call-in authorization PIN # so have that readily available). When disaster strikes, there’s no need to waste precious time looking for this type of important information. Consider keeping this information this readily available in Evernote (http://evernote.com).