Disaster recovery planning is something organisations don't fully appreciate until disaster actually strikes. Any organisation that underestimates the importance of preparation may find it has some mighty big holes in its data protection strategy when disaster finally hits.
By then, it may be too late. Look no further than the MyBizHomePage fiasco for proof.
Once upon a time valued at $100 million, MyBizHomePage was a promising internet start-up that offered a platform designed to help small businesses manage their financial data online. Internal turmoil prompted a rather dramatic twist of fate.
The company suffered a massive data security breach, a targeted attack orchestrated by former executives. Backups containing critical data were destroyed in the breach, creating monumental challenges on the recovery end. Despite attempts at a rebound, MyBizHomePage was left with no choice but to file bankruptcy and close its doors for good.
Be it a natural disaster or man-made mishap, it shouldn't take a close call to realise that one catastrophe could turn a business's whole world upside down. Here are five proven tactics to help safeguard data through fire, flood or cyber attack.
1. Expect the unexpected
Data protection is as much about protecting information from the unknown as it is about shielding against anticipated threats. Even if the mix of encryption, antivirus software and physical security does its job of keeping the bad guys out, it becomes less effective as the disaster landscape expands.
We need to back up important data and have a reliable means of restoring it if stuff hits the fan. Disaster recovery should be the focal point of any data protection strategy. It's the key to ensuring business continuity in the face of security threats, hardware failure, natural catastrophes and human error.
2. Know what's important
IT took the time to back it up, so of course they want to protect company data from harm. With that said, protecting every single file can become cost prohibitive when figuring the cost of data storage and storage management into the equation. The costs are why it pays to take a more selective approach to data protection.
An example would be organising data assets by the mission-critical data required to operate on a day-to-day basis-followed by the data that staff might be able to live without for a couple of days, and so forth. Through priority, it is possible to streamline both the recovery and retention aspects of a data protection plan.
3. Realistic retention
Some firms may still be sitting data collected some 10, maybe even 15 years ago. Does it hold the same value it did way back then? Mandated regulations are a obviously a big factor, but the relevance of data changes over time, and knowing how to manage its life cycle is crucial.
As the process moves along, management will decide what gets backed up immediately and what requires longer-term storage, and determine where exactly to stash it all. Identifying the data that needs to be actively managed can help IT to spend wisely in the storage department as well as enable the best possible security measures.
4. Designate a safe haven
Where an organisation's data is stored is just as important as what is kept and how long management decides to keep it around. Having a secondary site to recover from and shift operations to is highly recommended, but if the offsite facility is situated a few miles down the road, it can be just as vulnerable as the primary data centre. In order to maximise data protection, a backup site should be located beyond the reach of natural disasters that could affect the main facility, yet it should provide easy access to execute recovery operations.
5. Keep testing!
The only thing more frustrating than enduring a disaster is a failed attempt at recovery. Testing is the final piece of the data protection puzzle. Through a combination of simulated attacks and recovery drills, IT will make sure that data is truly protected and can be recovered after a ransomware infection, system failure or natural disaster.
Commit to extensively testing the DR plan at least twice a year to uncover any weaknesses or problems that may arise when it really needs to be executed. Better find flaws during a test-because when disaster strikes, there will be to no room for error.