Evaluation Criteria for Disaster Recovery
The independent authority on credit card processors, topcreditcardprocessors.com, is a research firm dedicated to identifying and ranking the best credit card processors in the United States. Through an in-depth vendor analysis, client evaluation, and the use of our proprietary evaluation criteria, we have put together a list of the top disaster recovery services. Our analysis delves into a vendor’s business practices and compares them against industry standards to ensure that the service is quality. Often times we connect directly to the clients of a vendor and ask about their overall experience.
There are five key areas which we have identified as significant for a disaster recovery service:
Risk management is all about evaluating the system, testing it for failures and ensuring that known risks are documented and worked on before a weakness compromises the entire system. Payment systems must have safeguards in effect to prevent abuse of the system and catch unusual activity or suspicious activity before it becomes a serious problem. A complete risk management plan details current known risks as well as potential risks and potential solutions to problems when they arise.
Two factors go into efficiency: speed of recovery and impact on crucial systems. Disaster recovery services must use the approach that provides the best of both worlds. Unless recovery can be completed within a couple of minutes, it sometimes makes sense to use slower methods of recover, provided crucial systems continue to operate. This goes back to the concept of overall impact on the system as a whole. If crucial systems can stay up and running while recovery takes place it results in a lower overall impact on the business and infrastructure.
Continual monitoring on a regular basis of financial software and hardware components helps to reduce the amount of stress on the system. When failing components are detected, the IT staff must have a plan of action for prioritizing and replacing key infrastructure components. This could include prioritizing software updates, checking hard drives, memory and other system components for signs of abuse and potential failure, or simply knowing where to go to receive approval for costly, but much needed repairs.
The crux of a disaster recovery involves the actual process of recovery itself. This aspect takes into account the risk management plan, efficiency of the recovery and needed emergency repairs to get the infrastructure running again. The history of the disaster recovery company must be taken into account and whether the same issues keep coming up. Firms that don't learn from past mistakes must make concentrated efforts to improve their systems and uncover which evaluation criterion needs extra attention.
Finally, after a disaster has occurred and even during normal operation, reporting provides the clues necessary to implement an effective risk management plan. Event logging helps to prevent disasters in the first place and provides an essential evaluation criterion for the prevention and repair of issues. Reporting also provides the customer with information about the disaster recovery company and how quickly and efficiently they respond to partial or complete failure.
- How did you find your current payment processor?
- What other payment processors, if any, have you used?
- How many transactions do you process per month?
- What would be three things you would change about your experience?
- Rate your overall experience (1-10; 10 being the highest).
Service Specific Questions:
- How many firms did you consider for disaster recovery before selecting your current provider? Why did you select them?
- How much time did you spend with the service provider?
- What types of solutions did they recommend?
- What types of tests did they run?
- Did you experience a disaster? If so, how did they help? Were you able to complete recover or are in the process of doing so?