Tag Archives: Disaster Recovery

Disaster Preparedness for Business Recovery

We are entering the seasons of storms (including hurricanes and tornadoes), wildfires and other possible disasters. Even a power outage of short duration can affect your business. What if you ship orders because of an interruption in your order processing service, for example? Or what about a bigger disaster, that takes your business out of operation for days or weeks? Read on to learn more about the importance of disaster preparedness for keeping your business running.

 

What a Disaster Recovery Plan is and Why You Need One 

 

Having a plan does seem obvious, doesn’t it? Yet many companies may not have one in place. A definition of a DRP is a structured document describing how your company can resolve data loss and get back to functionality during and after a disaster. Even a brief power outage that may seem like just an inconvenience can strongly impact your business. Downtime can be costly to your bottom line and to your reputation. 

 

Advantages of Having a Plan

 

A key benefit is knowing what to do when a disaster happens, and swinging into action immediately. What’s more, a plan will give you confidence, and give others like workers and customers confidence in you. Customers will know that you’re keeping their data safe from loss or compromise, because you’ve backed up that data. You’ll know how much to budget for recovery from disaster, and which systems need to be back up and running. 

 

Getting Started: Planning and Documentation

A conversation gets the ball rolling. Discussing what might happen in the event of a disaster, and what mission-critical systems need to resume first. What will happen first, and who will be responsible for making that happen? Who are your stakeholders, and what do they need from you? What data most needs to be protected, and how will it be safeguarded? What information will you provide, and what will be the messaging? The answers to these and other questions will give you the structure for your planning and documentation. 

 

Besides answering the above questions, your documented plan should include both recovery time objective (RTO) and recovery point objective (RPO) – two key metrics for preparedness. Recovery Time Objective refers to how much time can pass to get your systems back up and running, whereas the recovery point objective refers to the age of files to retrieve from backup storage. 

Working the Plan: Testing and Refining

 

Testing, done frequently and with practical exercises, will show how well your plan works, and also show “what you don’t know that you don’t know.” Going through scenarios and table-top exercises will point up unknown vulnerabilities, show what needs updating, and show whether key players know what to do. Information technology workers in particular will know about data protection strategy, and are vital to your efforts. Having tested your plan, you will know what changes are needed. Once the changes are made, testing can resume. 

 

Disaster recovery planning may seem overwhelming. Taken step by step, though, it is possible and your business can be on a sure footing. For more assistance, contact your trusted technology advisor today.

Getting Started with A Preparedness Plan

With the recent wildfires in Maui, disaster preparedness is (or should be) once again top of mind. Aside from the physical recovery of businesses, integrity of their data (the lifeblood of the business) is at stake. Even if you think you’re prepared, you may not be. Read on to learn more about where to start in your disaster recovery planning.

 

Consequences of Not Being Prepared

 

The disaster may be twofold, as discovered in Maui. Not only did brush fires start, but winds from Hurricane Dora blasted part of the island, resulting in an even worse catastrophe. Businesses and homes were burned to the ground, and work stopped. Do you know what your business would do during an outage, let alone a disaster like Hawaii’s? And why limit preparedness to major disasters? These days, anything can happen–even a worker unwittingly clicking on a link in a phishing email, giving away confidential information. Disasters can be big, or stem from small actions. Data can be lost or stolen, resulting in regulatory fines and loss of confidence in your business. Bad actors are always looking for ways to catch businesses off guard; the cyber damage can last even longer than physical damage. 

 

Where to Begin

 

Perhaps you’re overwhelmed by the process, wondering how to even get started. A good place to start is doing an audit of your current preparedness level. What systems, data and applications need to be up and running first, to keep your business operating? Which ones can be delayed a bit while you get your bearings? A thorough review of business-critical functions can show you where you have preparations in place and where you don’t. Where is your data stored, and what security procedures does your provider practice to keep the data from getting lost or stolen? 

 

Preparing a Plan – What to Consider

 

Agencies like the Small Business Administration (SBA) can help you formulate your plan, step by step. A good first step is auditing and updating contact information for everyone in the business, to assess their welfare in the case of a natural disaster. Consider also which applications you need to use immediately, such as email or file-sharing, to keep your business going during and after even a relatively small incident. Which data protection regulations does your company adhere to, and how do they address data loss? 

 

While getting started with (or refining) your company’s preparedness plan can be daunting, doing so will pay off. For help in designing a plan, contact your trusted technology advisor today

Disaster-Proof Your Business with a Business Continuity/Disaster Recovery Plan

As recent events like severe storms demonstrate, disasters will occur. But they needn’t sideline your business. Read more to find out about developing a plan to mitigate the effects of disasters on your company’s data and network. 

 

The Cost of Failing to Plan

 

The cost of downtime is $5,600 per minute! Multiply that out, and you could be paying hundreds of thousands or even millions for lost revenue, lost wages (or overtime when systems come back online), or fines for regulatory non-compliance. Even if unplanned downtime is just an hour, the cost is steep. The revenue you lose because your customers can’t purchase items on your website, and even missed deadlines for projects, can hurt your bottom line and your reputation with customers. Data breaches from cyberattacks can reduce your customers’ trust as well, and possibly result in fines for regulatory non-compliance. By not having a plan, you may waste valuable time because you don’t know what to do first. 

 

Developing a Business Continuity/Disaster Recovery Plan

 

A business continuity/disaster recovery plan is vital in protecting your company. The disaster recovery aspect deals with how your business will bounce back from a natural or manmade disaster.  How do you develop your plan? A good first step is assessing the current state of your network as well as the risks your company faces. Do your systems have any holes where malware can enter or places where data might become bottlenecked? Do you have redundancy/failover so that if one part of your network is down, another part can pick up the traffic? What about equipment you have on-premise–is it protected from overheating, a common cause of equipment failure? And what about cyber defense? Is your data backed up and safeguarded in the event of loss or intrusion? Finally, consider whether your employees are adequately trained and able to recognize (and stop) a potential phishing attempt. A robust plan will have provisions for infrastructure, systems, processes and personnel.

 

Keep Your Plan in Shape

 

Once you have a plan and implement it, testing will show how well it works. Staging mock events will show how workers act in the event of a cyberattack, and will show what they know (or don’t). Testing your plan will show what areas are strong and which need fixing. How quickly, for example, can data be retrieved from backup? Making detailed note of what goes well will help refine your plan and prepare you in case of an emergency.

 

Disasters come, but need not harm your business; having a plan is key. For guidance, contact your trusted technology advisor today. 

Disaster Recovery Plans Help Keep Your Business Going

Any time of year, a disaster can happen, disrupting business operations and even threatening your company itself. Statistics show that some small to medium-size businesses close after a disaster; even some of those that reopen may be out of business in a year. Having a plan for disaster recovery can help your business defy the statistics. Read on to learn more about preserving your company’s data, reputation and bottom line by having a disaster recovery plan in place.

 

Why You Need a Disaster Recovery Plan

 

A Disaster Recovery (DR) plan outlines how to protect your data and other technological assets during and after a disaster. Since data is the lifeblood of your business, a DR plan can make a difference between staying in business and having to close. In the shorter term, it can save you money that you might lose from an unacceptable amount of downtime. Costs can escalate to $100,000 per hour from an infrastructure failure, and a critical application failure can cost up to $1 million. Aside from financial damage, a data breach resulting from a disaster can cost a business its reputation. Apart from cyber threats that affect any organization, your location may be subject to natural hazards like fires, floods or earthquakes. Even equipment failures resulting in unacceptable downtime can be costly. 

 

Disaster Recovery is Part of an Overall Business Continuity Plan

 

While a Business Continuity (BC) is an overall plan for keeping your business going during and after a disaster, a Disaster Recovery plan deals with protecting your company’s data from loss and compromise. It’s a part of your overall BC plan, following from and supporting it, yet is distinct. A Business Impact Analysis is a good first step, helping you assess how much data you keep, which of it is mission-critical, and what data protection regulations apply. What is the least amount of downtime you can risk before experiencing unacceptable consequences (recovery point objective) and how long will it take to recover (recovery time objective)?

 

Risk analysis is just like it sounds, assessing which natural hazards can affect your area and what cyber threats exist both internally and externally. What if people have to work remotely, and how does that impact data protection? A big part of disaster recovery involves backup and failover, where you keep original data and how quickly your company can access it. The 3-2-1 rule applies–keep three copies of your data in two places, one of which is offsite. 

 

How Disaster Recovery as a Service Can Help

 

One key advantage to contracting with a cloud service provider is that they provide the infrastructure allowing you to back up data for failover, with reduced cost to you. Even with these benefits, you also need to ask about the provider’s reliability in meeting metrics like RPOs, RTOs, and others. Is their network robust enough to handle the needs of other clients dealing with a disaster at the same time? What’s more, your provider should be following the same data protection regulations that require your compliance.

 

As a subset of your Business Continuity plan, a disaster recovery plan helps protect your data from loss, theft or compromise. For help developing or fine-tuning your plan, contact your trusted technology advisor today.

Understanding Disaster Recovery

What would your company do when faced with a disaster? For example, what would happen if a fire damaged your physical headquarters? And what if a cyberattack compromised your network with its data and applications? Even a short power outage can impact your company’s business operations. Read on to learn more about how a disaster recovery plan can help you protect your company’s technology assets and recover from a disaster.

 

The Importance of a Disaster Recovery Plan

 

Having a detailed disaster recovery plan (DR) for how to proceed during a disaster can make the difference in how well your company recovers, helping you avoid costly downtime and even fines for failure to comply with industry regulations. With this detailed, written plan in effect, your company can stay running, or get back to running, as soon as possible–protecting you from the loss of revenue and reputation resulting from an extended outage or data breach.

 

Key Metrics for a Disaster Recovery Plan

 

According to an article from CompTIA, two key metrics will help you draw up a plan to recover from a disaster, either natural or man-made. The Recovery Point Objective (RPO) defines how much data or service time can be lost before consequences become unacceptable. This objective should be considered ahead of time. For example, what outage duration is acceptable before legal and financial consequences become a reality? How much data can you afford to risk losing? The RPO will determine how often you backup your data, for instance. As far as data goes, what is mission-critical and what can you back up less frequently? With data, sometimes minutes matter, otherwise daily backups are ok. While related to RPO, Recovery Time Objective (RTO) sets the clock once an incident occurs. Do you know what procedures to follow in the event of a cyber attack or other data loss, to get the system back up? These two metrics both have bearing on issues like regulatory compliance, financial cost of loss of data and/or services, and cost of solutions to any problems resulting from a disaster.

 

A disaster recovery plan, carefully considered and executed, can make a difference in your company’s ability to bounce back after a natural, technological or man-made disaster. For help with your plan, contact us today.

The Importance of Data Protection in Business Continuity and Disaster Recovery

In the last week, two earthquakes have shaken southern California, alerting us to the need to have our businesses prepared for a disaster, whether natural or manmade. Not only can fires, floods and earthquakes cause business interruptions, but so can systems failures, human error, malware and ransomware attacks. It’s never too soon to evaluate what needs to be done to prepare your business for a disaster. And a disaster doesn’t have to be large-scale; a power outage of an hour or two can be enough to stall business operations. Read on to learn about the most important things to do before an emergency

Make Data Protection a Key Part of Business Continuity

Data is the lifeblood of many businesses, its loss or compromise affecting their ability to do business. Data is needed for transactions and communications, among other functions, and even a short period of downtime can have a potentially disastrous impact on revenue and reputation. When considering the data protection aspect of your business continuity plan, focus on your mission-critical data and applications. What do you need in order to stay in business during a disaster, or recover afterward? Perhaps it’s customer records, or an in-house research database. Be sure to get mission-critical data backed up first, so your business can continue operating. Make sure there is failover—when one network backbone falters, another picks up the slack.  

Different Methods Can Achieve the Same Goal

While the ultimate goal is to remain in business without compromise of revenue or reputation, different methods exist to realize this goal. However, one common thread is the idea of storing data offsite, in the cloud or in geographically diverse data centers. Throughout the working day, “snapshots” can be taken of business activity, and copies placed in these data centers, which adds an extra layer of security. Software-defined wide area networks (SD-WAN) are another good option, with multiple carriers providing redundancy and reliability. Finally, storing data in the cloud can help you access it in case you can’t get physical access to your office. Many tools exist for helping minimize the impact of a disaster.

Instead of waiting for a disaster to slow or stop your business operations, learn how protecting your data can keep your business running during and after a disaster. To evaluate your preparedness and make strides toward business continuity, contact your technology advisor today.

How Much Downtime Can You Survive Without a Business Continuity and Disaster Recovery Plan?

With disasters–natural and manmade–in the news, preparedness in the form of a business continuity plan is vital. Disaster recovery, or the ability of a business to continue running during and after a disaster, is a key part of business continuity. Read on to learn more about developing a plan to keep your business operating even when things go wrong.

The Importance of Being Prepared During a Disaster Recovery Scenario

According to an article by CompTIA, 40% of businesses do not reopen after a disaster. A quarter (25%) of unprepared businesses fail within one year. A disaster recovery (DR) plan enables businesses to respond, not just react, in the event of a disaster. It is a subset of an overall plan, and has to do with immediate access to systems and applications–and their associated data. The company can stay in business, without loss of revenue or reputation.

Creating a BC/DR Plan: Questions to Consider

The first question to consider in developing a DR plan is determining which systems are mission-critical, most crucial to conducting business. Some, such as communications, important applications and data storage, are the most essential; others can wait until the disaster is over. How much downtime can your business handle, without loss of revenue or reputation? With regard to data storage, consider whether it should be kept on-premises or be stored remotely in a data center. Is the network redundant; that is, if one section goes down, can another take up the load in its place? For data storage, the cloud can also be a good option, and using the cloud has become a trend in recent years. Of course, whether your business chooses a public or private cloud depends on whether it is subject to data protection regulations.

Testing Your Disaster Recovery Plan

Once your disaster recovery plan has been developed and implemented, be sure to test your procedures periodically. Testing’s benefit is to learn how your systems will function, and discover if any bottlenecks exist or if any data is corrupted or lost. Problems can be found and solved before a real disaster happens.

Problems come in all shapes and form; fire, weather, cyber attack, systems failure & human error to list a few. It is not a matter of if a problem will occur, but when. It’s never too early to develop a plan to help your business recover from a disaster, whether natural or man-made. Contact your technology advisor today to get started.

Planning for Disaster Recovery

We hear in the news every day about natural disasters such as fires, floods, storms and even earthquakes, and know the damage they cause. But what about the potential consequences for your business? What if your business stays closed for a period of time, and loses revenue because your information systems are unavailable? Or if a cyberattack occurs that results in a data breach that compromises your business’s reputation? Read on to learn more about how to make a disaster recovery and business continuity plan.

The Importance of Having a Plan

Disaster Recovery and Business Continuity consists of processes used to prepare for disruptive events, whether natural or man-made. Having a plan will help you know what to do and how to do it in events that can result in downtime for your business. Your plan can prevent loss of revenue, as well as loss of reputation. It can even help keep your business in business.

Assessing Your Risks

Think first of your mission-critical applications–your phone system, email system and maybe even processing orders. Consider how much downtime you can risk, having these systems out of commission. Tabulate  potential overhead, loss of employee wages and revenue over the course of hours, days or weeks. Systems needing to take priority are the ones that keep your business running smoothly, keeping revenue flowing and employees productive. Other applications, including shared files, can be backed up and retrieved.  Along with mitigating financial risk, a plan can guard against potential damage to your business’s reputation resulting from a data breach, or being unavailable in the event of a natural disaster.

Implement, Test and Monitor Your Plan

Once you know your risks, you can find a plan with solutions in line with your goals. One issue in implementation is making sure you have alternate systems of backup in case one system fails. Make sure to have this redundancy built into your plan. Before your plan even “goes live,” test it for restoration and recovery processes. Monitor your backup on an ongoing basis, to find and correct problems as they occur. Don’t forget the human element, and educate your employees on how to respond in a disaster scenario.

Having a plan in place can make all the difference for your business. Contact your technology advisor today to help evaluate your risks and get prepared.

Disaster Recovery and Data Protection –Now More Than Ever

Disaster Recovery PlanRecent Hurricanes Harvey and Irma, along with major earthquakes in Mexico, remind us how vulnerable we can be to disasters, and underscore the importance of data protection. As businesses depend on access to a range of systems–including call center, communications and collaboration application, customer management, and more–having a solid data protection plan can help you in a disaster recovery scenario. Now more than ever, a range of options exist to help maintain business continuity. Here are a few options to consider.

 

Review Your Data Protection Plan

Key to your data protection plan is identification of mission-critical systems. The most important systems should be redundant, with the ability for failover in the event of a disaster. Your data centers and failover options should be geographically dispersed and on different network backbones. This can minimize downtime and get you back up and running sooner. Having your data backup available in Cloud Storage can help you recover other important files and application data if you lose access to your on-premise systems.

SD-WAN for Business Continuity

Software-defined wide area networks (SD-WAN) can also provide you a highly reliable and redundant network. Having the ability to switch Wide Area Networks using SD-WAN as an alternative to more costly MPLS solutions can ensure connectivity during a natural disaster. What’s more, Software-Defined Wide Area Networking can save you money in the long run by giving you the flexibility of a multi-carrier solution.

Software as a Service for Disaster Recovery

More businesses are turning to the Cloud for a range of applications–hosted email, Voice over IP (VoIP), Call Center, and others–to keep communications flowing during a disaster. Using Software as a Service (SaaS) for these important communications and collaborations applications keeps your employees, customers and business partners connected even when you are unable to gain physical access to your facilities. Having these applications in the Cloud can help you ensure everyone on your team is present and accounted for.

Don’t wait until a disaster strikes to review your data protection and disaster recovery plans.  Contact your technology advisor today if you are unsure how well you will weather the storm.

Can A Business Continuity Plan Save Your Reputation?

Reputation Management is a hot topic in the boardroom these days. Having a solid business continuity plan could make or break your company’s ability to survive a data breach or other systems failure that could tarnish your hard-earned reputation. Company news about data loss, systems downtime and other unplanned interruptions occur with regularity. According to technology research firm Gartner, a business that has a catastrophic data event has a two-year survival rate of just 6%. Surprisingly, your company can avoid these scenarios by having a solid BC/DR Plan. It is no surprise that recent research by MarketsandMarkets forecasts the spend on DR as a Service (DRaaS) to grow from $1.68 Billion in 2017 in revenue to $11.11 Billion by 2020. Read on to find out how a Business Continuity Plan could save your business.

Understand Your Business Continuity Risk and Exposure

A great place to start with Business Continuity planning is a review of your company policies and procedures. Your business continuity policies should — in addition to identifying the technical standards for managing your company’s applications, data, and related infrastructure — should identify acceptable risk, what your employees will do in a disaster recovery scenario, and identify any compliance requirements. It is important to understand what information is most important and to consider the risks of suffering a data loss. What would be the impact to your revenue, productivity and reputation? If you could not access your information, or it was subject to data breach, how may that impact your customers’ trust and your business’s reputation?

An Ounce of Planning is Worth a Pound of Cure

Ensure you have a solid data protection plan. Ask yourself; how often is your data backed up, how fast could you recover if needed, who are the stakeholders and how would you communicate with them if you suffered a data loss? Another consideration is your Recovery Time Objective (RTO). Your RTO is how long it will take to restore your data. The size of your data and backup methodologies can impact how long recovery may take. Your network may also be a factor in how quickly you can get up and running. Network bottlenecks can turn a routine restore into a never-ending project. Make sure your network is robust enough to meet your Recovery Time Objectives. Also, remember to train your employees on how to avoid malware and phishing schemes. Last but not least, test your backups regularly to ensure data integrity.


Proactive Communications and Rapid Recovery are Critical

If you find yourself in a situation where your data has been compromised, most experts agree you should respond quickly and proactively. As of last count, the United States had 48 state data breach notification laws to comply with. Many countries around the world have various data protection breach notification laws as well. The EU is in the process of implementing The General Data Protection Regulation (GDPR), which establishes data protection guidelines for its citizens’ information.

Having a Business Continuity plan could save your business. Being able to rapidly respond in a disaster recovery scenario is a critical element of survival. Not only will it help you get back up and running quickly, you will avoid unnecessary fines and protect your company’s reputation. If you feel your business would benefit from a risk assessment, contact your technology advisor today.