一个re you Ready to Activate your Disaster Recovery Plan?
一个re you Ready to Activate your Disaster Recovery Plan?
Published OnMay 21, 2021
What is a disaster to you? When many people think about the need for disaster recovery, they picture hurricanes, tornadoes or other natural disasters. In reality, catastrophes caused by humans — such as cyberthreats, wide-scale system failures and human errors — are the main sources of disaster.What is a disaster to you? When many people think about the need for disaster recovery, they picture hurricanes, tornadoes or other natural disasters. In reality, catastrophes caused by humans — such as cyberthreats, wide-scale system failures and human errors — are the main sources of disaster.
With the recentColonial Pipeline ransomware attack, this has come into sharp focus and is a stark reminder to companies to make sure they have up-to-date and functional disaster recovery plans in place, and to test those plans regularly and proactively. In an article inThe Verge, Philip Reiner, CEO of the nonprofit Institute for Security and Technology, said, “One of the things we see here is another example of basic steps not being taken in order to secure your systems. Cyber hygiene, or the lack thereof, is really one of the greatest causes of cybercrime. … very basic things [are being left] undone.”
In response, President Joe Biden has issued anExecutive Order on Improving the Nation’s Cybersecuritywhich seeks to strengthen the federal government’s ability to prevent and respond to cyberthreats. The order also encourages private sector companies to follow the federal government’s lead and take ambitious measures to augment and align cybersecurity investments with the goal of minimizing future incidents.
Tie Your Disaster Recovery Plan into your Business Continuity Plan
When IT professionals were asked in a recent survey about the actualdisasters they reported experiencingover the last year, man-made disasters topped the list (65%), followed by technology incidents (29%) and IT security incidents (22%).
Every component of a disaster recovery (DR) plan should tie into an overarching business continuity plan (BCP). Disaster recovery includes the processes, tools and procedures to reduce downtime and data loss beyond the capabilities of backup. Business continuity encompasses backup, disaster recovery and high availability (i.e., making sure your systems are running 99.999% of the time) as well as aspects of the business (technical and non-technical) and the process to restore business functions.
The Threat of Downtime is Real
The threat of downtime is the single biggest driver for business continuity planning for many organizations. IDC indicates80% of small businesses have experienced downtime at some point, with costs ranging from $82,000 to $256,000 for a single event. For larger enterprises, downtime costs can reach $9,000-$17,000 per minute.
Between 40-60% of small organizations that lose access to operational systems and data, and don’t have a disaster recovery plan, end up going out of business forever, according to awebinarhosted by Carbonite, an OpenText company, and Iron Mountain.However, 96% of organizations with disaster recovery solutions in place fully recover their operations and do so relatively quickly.
To successfully prepare your organization to recover from a disaster, these basic steps are required:
You need at minimum a Backup Disaster Recovery (BDR) plan documented and in place
You need a team that knows how to recover your systems (and knows your data)
Your BDR needs to fit into the Business Continuity Plan (BCP)
Everything needs to be tested – at least once a year
Two Stories of Preparedness
在另一个disaster scenario, preparedness saved the day. Ice storms in Texas knocked out power and closed roads in early 2021, but thedata centers prevailed, primarily because their disaster recovery plan included provisions to have at least 48 hours’ worth of diesel fuel on site to keep things up and running, despite the lack of power.
The Texas weather event reminded many of 2012’sHurricane Sandyin the New York and New Jersey area. However, in that storm, hundreds of people died, 8 million people lost power and the damage was devastating – estimated at $70 billion.
One company weathered the storm and put a robust data protection system in place as a result. At the time of Hurricane Sandy, one of the largest managed healthcare companies in the United States stored all of its data within a 30-mile radius of its headquarters and lost massive amounts of medical insurance information due to flooding. As part of an overall system upgrade, they turned toIron Mountain’s Iron Cloud Data Protectionservices to replicate data across their two locations and protect their data in the cloud. As a result, the company transformed its disaster recovery system, moving from tape to cloud to prevent future problems. They estimate $2 million in IT cost savings, as compared to using their traditional commodity cloud service. The organization can also now rely on geo-redundancy across Iron Mountain’s ultra-secure data centers.
Coronavirus: A New Reason for a Disaster Recovery Plan
In response to the global coronavirus pandemic, many businesses have adopted remote work, 24/7 operations and face new challenges to IT security. According to tdwi’s Upside, “One of the most important trends we saw in 2020 that will continue into 2021 is an organization'sneed for a robust disaster recovery plan... Every company has always needed a disaster recovery plan. Some just didn't realize the criticality until the pandemic and remote work made it more apparent. It is not clear to most that they not only need a plan, but they need to routinely test it to make sure it is comprehensive. The COVID-19 pandemic, wildfires, hurricanes, and economic closures of 2020 shined a continuous spotlight on the problems, forcing companies to consider if they had the right plan.”
Business data has never been more critical to an organization’s survival and success and securing and protecting it is essential. Whether you use on-premise backup, cloud backup or manage a hybrid IT environment, you need to consider yourdisaster recovery optionsand put a plan in place before a worst case scenario occurs. You also should consider storing a gold copy of your data offsite - in anair-gapped environment not connected to a networkand therefore, un-hackable - so you have additional ways to recover. Security measures, such as multi-factor authentication, which is available with Iron Mountain’sIron Cloud Secure Offline Storage with Vault Lockservice, can provide added protection for the critical data that runs your business.
一个re you protected? It’s time to reassess your disaster recovery and business continuity plans to ensure they cover all scenarios - natural and man-made.