A shadow looms over the New York City landscape – the tsunami and impending super-storm that Dennis Quaid and Jake Gyllenhaal had warned humanity about is set to engulf civilization as we know it. Or perhaps it’s the asteroid that Bruce Willis and his team take on singlehandedly to prevent from wiping out existence. How about a massive spaceship that only the flight skills of Will Smith and the inexplicable knowledge of alien technology that Jeff Goldblum possesses can stop?
When we hear “disaster” we instantly think about a cataclysmic event akin to the plot of our favorite world-ending flick. In reality, disaster can strike much closer to home, with very real and tangible consequences and losses. This is where Disaster Recovery comes in, as a way of mitigating what the business equivalent of an asteroid, or alien attack, may encompass.
Unlike lens flare in a JJ Abrams movie, loss of data can definitely be prevented. By taking the proper steps, educating yourselves with the proper materials, and coordinating with all parties involved, you can rest easy at night knowing that your data and business models are safe and sound. What proper steps might these be you ask?
- Know what your critical business functions are. While many people would love to be able have their entire organization functional at 100% at the drop of a dime, this is not always a possible scenario – budgets, time constraints, and the extent of the disaster at hand all play a part. Know what parts of your business absolutely need to be up ASAP, and you will know what you need to prioritize in the event of an emergency. Once you have critical business functions and workflow functional, you can worry about the rest – you already have less weight on your shoulders knowing your business is continuing to run.
- Create a plan to bring up prioritized business functions. How is everything being backed up and replicated? Make sure you have a plan that addresses all points of continuity in your business – interaction between each individual component of your environment is just as important as getting access to data back. Your SQL server will not be too helpful if your front-end application server is down. Your files may be accessible from within your disaster recovery environment, but if none of your employees can access them to work they’re useless. Make sure you not only have a plan on getting back the devices themselves, but also the workflows associated with them.
- Thoroughly test your disaster recovery plan. I wish I could repeat this one several times on this page. Your plan is only as strong as its weakest link, and the only way you’ll be truly ready in the event of an emergency is if you consistently and constantly test your DR plan. Upgrading your environment? Test it. Bringing in a third-party to do an audit and assessment? Test it. Your “number of days since last incident” sign reached 3 digits? Test it. Feeling bored? Test it.
- Educate your users. When disaster strikes, do you want to be taking care of bringing your business back online, or trying to juggle employees who don’t know what page to log in from, why their accounts aren’t loading as quickly, what happened to their desktop, why are all their mission critical files they saved on their local drive on their computer in the office not accessible, etc.? These are all issues employees need to be trained on so as to facilitate as smooth and painless as possible transition into a disaster recovery scenario. What good is bringing up your business workflows when your users don’t know how to access them?
- Keep up to date with Security. Not all disasters strike as a server crashing or an office losing power. As the recent breach of over 100TB of data in Sony has proven to us, as well as the constantly evolving security holes and breaches in the cyber world, security is paramount and is becoming a far more potent force in the world of business and technology. Don’t think that securing yourself from the outside is enough, either – as a very popularly cited study in 2004 in England showed that over 70% of people would reveal their computer password for a bar of chocolate. A proper implementation of antivirus, antimalware, password and file lockdown policies, and penetration tests help mitigate these breaches. Make sure your business is staying ahead of the curve by staying ahead of cyber threats – don’t be afraid to implement multi-factor authentication, stringent computer lockdown policies (no usb drive access, no local admin rights, etc.), and DLP (data loss prevention) technologies.
- Thoroughly test your disaster recovery plan. Seriously, test it.
Disaster Recovery is a term that’s thrown about constantly now, however it all boils down to the same principle – you want your business to continue running, and so do we. Don’t let your business and infrastructure become just another prop in a Michael Bay movie.
By: Danil Panache