Are you prepared for the next disaster?
There’s no telling when disasters will occur. The next disaster – a new epidemic, data breach, earthquake, or flood – could compromise data, result in lost business, or prevent employees from accessing a physical office. How quickly will your firm be ready to continue operations seamlessly? We have all experienced a change in the way we work. All organizations need to have a solid disaster recovery plan and protocols in place to recover from a breach or disaster, ensure the continuity of business, and allow employees to work from home efficiently.
Why should my business get a penetration test?
During hurricane season, disaster recovery plans are especially important for specific regions in the country that often bear the brunt of their impact of these natural disasters.
According to an outlook on Thursday by NOAA’s Climate Prediction Center, the 2020 Atlantic hurricane season is predicted to be more active than usual, a division of the National Weather Service. The NOAA outlook calls for 13 to 19 named storms, six to 10 hurricanes and three to six major hurricanes – one that is Category 3 or higher (115-plus-mph winds) on the Saffir-Simpson Hurricane Wind Scale. This forecast is above the 30-year (1981-2010) average of 13 named storms, seven hurricanes, and three major hurricanes.
What is a Disaster Recovery Plan?
A disaster recovery plan is a set of tools and procedures designed to allow your business to recover from an unplanned service outage and restore normal function—the specific measures used might vary from one company to the next. However, with the advent of cloud-based data storage and processing services, disaster recovery has become increasingly synonymous with remote data backup and production environment services.
Cloud Computing allows the ability to store mission-critical data in a remote server that is in a different geographic location from your primary data center. This makes it easier to ensure that you won’t lose your data to a natural disaster such as a hurricane. A category five hurricane hitting Florida won’t put a scratch on a data center in upstate Washington, leaving the backed-up data intact. This backup can then be downloaded into a new data center if the old one is destroyed or otherwise rendered useless.
When remote data backup servers are combined with remote production servers in a platform-as-a-service (PaaS) or a disaster recovery-as-a-service (DRaaS) model, your DR plan can become a core part of your business continuity (BC) plan—helping to ensure minimal downtime regardless of what happens to your business’ primary data center.
What is the key difference between business continuity and disaster recovery?
The critical difference is when the plan takes effect. For example, business continuity requires you to keep operations functional during the event and immediately after. Disaster recovery focuses on how you respond after the event has completed and how you return to normal.
While both functionally incorporate the “after” response, disaster recovery is about getting yourself back to where you started before the event occurred.
For example, if a hurricane destroys your office building, your business recovery solution may be to allow employees to work remotely. However, this solution only works as part of emergency response and is not sustainable long term. Your disaster recovery plan focuses on ways to get employees back in a single location and how to replace equipment.
Steps to a Disaster Recovery Plan
- Determine recovery hierarchy – Certain parts of your IT are more mission-critical than others. Ask yourself which systems or data must be recovered in minutes, hours, or days to get your business back to running efficiently. For example, you may find that recovering sensitive customer information and eCommerce systems take priority over recovering your email server. Whatever the case may be, prioritizing your systems ensures that the right ones are recovered quickly after a disaster.
- Pay attention to location – First and foremost, your backup site should be in a hurricane-free zone. Ideally, your offsite facility should be located at least 100 miles away from your central location. If this isn’t possible, make sure it is built to withstand wind speeds of 160 mph (as fast as Category 5 storms) and is supported by backup generators and uninterruptible power supplies. You should also request an upper floor installation or, at the very least, keep critical IT equipment 18 inches off the ground to prevent water damage.
- Use image-based backups – Unlike fragile tape backups, image-based backups take “snapshots” of your systems, creating a copy of the OS, software, and data stored in it. From there, you can quickly boot the virtual image on any device, allowing you to back up and restore critical business systems in seconds.
- Take advantage of the cloud – The cloud allows you to host applications and store data in high-availability, geo-redundant servers. With the cloud, your backups can be accessed via the internet, allowing authorized users to access critical files from any device. Expert technicians will also watch over and secure your backups, allowing you to enjoy the benefits of enterprise-level backup facilities and IT support.
- Back up your data frequently – Back up your data often, especially during disaster season. If your latest backups were created on the 15th of May and the next storm makes landfall on the 28th, you could lose nearly two weeks of data. Get in the habit of replicating your files at the end of each day, which should be easy if you’ve opted for image-based backups.
- Test, test, and test some more – After setting up your backups, check whether they are restoring your files accurately and on time. Your employees should be drilled on the recovery procedures and their responsibilities during and after disaster strikes. Your DR team should also be trained on how to failover to the backup site before the storm hits. Finally, providers, contractors, and customers need to be notified about how the hurricane will affect your operations.
There’s no telling when disasters will occur, so your organization must be prepared. You can’t afford to have any lapse in your business and a proper disaster recovery plan can help your organization succeed when disaster strikes.
The Cyber Security experts at Lazarus Alliance are completely committed to you and your business’ success. Regardless of whether you represent the private sector or the public sector, we stand ready to partner with your organizations.
Lazarus Alliance is proactive cyber security®. Call 1-888-896-7580 to discuss your organization’s cyber security needs and find out how we can help your organization adhere to cyber security regulations, maintain compliance, and secure your systems.