By: Stephen Young, Director, AssureStor
The pandemic has resulted in a major shift in working practices with large numbers of employees abandoning their familiar office environment for kitchen tables, garden offices and spare bedrooms. For those organisations that had not already fully embraced remote working and a more agile workforce pre-pandemic, there was a hasty scramble to deploy remote solutions, including SaaS, cloud, hosted or remote access – and in some cases a hybrid of all of these options.
The backdrop to this is an increasingly hostile cybersecurity environment. Cyber criminals have not been slow to capitalise on this shift to remote working. The threats are predominantly the same – malware and ransomware – but the chances of a successful attack have increased.
With new and often unfamiliar practices, and with the absence of a more formal working environment, the intrinsic security processes and procedures taken for granted have now diminished, potentially exposing gaps in security, and leading to an increased risk of attack.
With so many changes in such a short period of time, organisations should now look at revisiting – and where appropriate revising – their disaster recovery plans to ensure they evolve to keep up with changing conditions and new working methods. Any business that fails to see this as a priority needs to take a serious look at what is happening today, especially with the growth in ransomware attacks.
Well-prepared and well-executed disaster recovery plans will keep the business up and running through disasters of any kind, whether it’s an IT failure, data breach or a malicious attack of some kind.
The three ‘Rs’ of disaster recovery
Focusing on what we refer to as the three ‘Rs’ – resilience, recovery and robustness – and how quickly can you get your systems and data back online should be a priority. Where recovery times were measured in days or possibly hours a few years, this is no longer an option, with businesses today expecting to be back online within a matter of minutes.
One customer recently suffered a ransomware breach affecting a number of its critical systems. As soon as the threat was discovered, systems were taken offline to avoid any cross-infection, causing downtime for the entire organisation. With a traditional backup solution, the company’s IT team realised it would take over 24 hours to recover, with the added risk that the recovered data could still contain the original infection. But using their data recovery as a service (DRaaS) platform and based on the known infection time, they were able to recover the impacted servers in less than 10 minutes, and to within seconds of the infection point, minimising downtime and data loss.
This shows that an effective disaster recovery solution must be able to deliver flexible recovery from a single item through to an entire estate, applications and sites, and perform recovery operations with minimal downtime and data loss.
Five-part recovery plan
For organisations looking to update their disaster recovery plans or still basing recovery procedures on the previous evening’s backups, consider the following five-point plan:
- What do you consider to be an IT disaster? Everyone is different; a financial company will differ from a manufacturing organisation for example. In a complex environment, a single server failing could have the same impact as a catastrophic site outage for IT services. Any plan should also factor in data loss or corruption events, such as user error and cyber attacks – especially ransomware and DDoS attacks – with options allowing for rapid recovery of recent and aged data.
- With the rise of cloud applications and services, and businesses adopting a remote working approach, it’s likely your IT environment is spread over multiple sites, data centres and vendors. Don’t limit your disaster recovery plan to technology, recovery point objective (RPOs) and recovery time objective (RTOs) only. Be more holistic and factor in the external delivery of applications and services. As the workforce becomes more dispersed, the importance of user connectivity and access to corporate data must be included in your plan.
- When planning or implementing a new deployment of hardware, software or services, consider post-installation implications. How quickly can external applications and services come back online? Remember this is something out of your direct control, but with the potential to cause significant disruption. Check the vendor’s small print to see what it says about data, disaster and recovery, as their objectives may not necessarily align with yours?
- It is vital to ensure your disaster recovery policies are regularly maintained and kept up to date. It is easy for these to drift when focusing on other priorities and demands from users, particularly with a more dispersed workforce. If the business is regulated, as many are in finance, banking, pharmaceuticals and government, ensure the policy still adheres to relevant industry regulations.
- Run regular tests and ensure they are measured and approved. If there are any concerns run the test again as soon as viably possible. Consider the use of the cloud for a DRaaS platform, as these typically provide robust, regular testing paired with seamless access that mimics the normal day-to-day remote access familiar to users. Regular testing will mean your IT team is in a far more confident position to respond promptly and appropriately when disaster strikes.
For more information, visit: https://www.assurestor.com/