Worldnet Technology Solutions

Convergence Is Cloud Computing

How to Improve Disaster Recovery Performance

by

shutterstock_52421020As the use of and dependence upon technology grows, network attacks have become more sophisticated. Indeed, perimeter defenses like firewalls and antivirus, no matter how layered, offer little protection against savvy cyber criminals intent on breaching network security. Anticipating an attack has become an inevitability for most companies. Building an effective disaster recovery (DR) strategy is necessary for operating securely in today’s connected marketplace.

An effective DR solution includes comprehensive risk management policies and incident response performances that are designed to mitigate the severity of an attack. By examining some common incident response failures, companies can better orchestrate their DR policies and meet the security challenges of tomorrow.

Poor Network Visibility

Without a clear understanding of the current IT environment, it’s impossible to adequately prepare a DR plan. The most important aspect of security involves knowing exactly what traffic is moving through the business network, where it originated, and which hardware it contacts. Without complete visibility, there’s no way to respond to possible threats.

Many DR plans call for the immediate isolation of an affected machine. However, unless the business is able to clearly identify lateral movement within the network, an eventual data breach could be forthcoming.

In order to proactively prevent an attack from escalating, companies must deploy web proxies and advanced firewalls that are designed to log, collect, analyze, and store interactions. Essentially, these technologies create an audit trail that can be utilized to address the threat and provide long-term actionable information.

Understaffing

Companies need a dedicated IT staff of experienced, competent personnel who can interpret and identify the information generated by these technologies. The advantage of employing IT professionals who understand the specific business network intimately is significant. Disaster response personnel should be able to communicate appropriate incident responses with each business department while keeping their attention solely dedicated to DR.

Budgeting Constraints

In many cases, an underfunded DR plan isn’t the result of a lack of available funding; it’s due to a lack of communication. DR personnel must be able to express their needs in a way that is relevant to the business’s success and profitability, stressing statistical information concerning repercussions created by a massive data breach (including both tangible and intangible consequences).

A business should develop standard IT security reports that can be delivered to various department managers and executives. These reports should include areas that are satisfactory as well as those that represent serious gaps in security that need to be addressed.

Comprehensive Risk Assessment

Any DR plan should address critical aspects first. The best way to ascertain specific business risks is to generate a comprehensive risk assessment and then use it to orchestrate explicit incident response levels. Companies should tailor responder access in relation to the risk management assessment so that key personnel have the ability to make infrastructure alterations without having to wait for authorization.

Companies can improve their DR performances by examining previous incident responses and equipping their internal IT support with the tools required to mitigate threats. Moreover, conducting a complete incident investigation in the wake of a disaster often helps illuminate gaps and provide key intelligence for future responses.

Understanding the Basics of Business Continuity Plans

by

shutterstock_167173277Many businesses understand the need for a disaster recovery (DR) plan. Restoring operations after a disruptive event such as a power outage or a natural disaster is a critical business process required to sustain success. However, DR plans frequently fail to create a comprehensive risk management structure. Gaps leave certain aspects vulnerable after a major business interruption. But businesses can develop heightened protocols by including a business continuity (BC) plan that complements their DR plan, generally referred to as DR/BC.

While DR plans typically address issues related to communication and facilities recovery, BC plans provide more actionable procedures that are designed to sustain revenue-earning activities in the event of a disruption. BC plans provide contingency mitigations for natural disasters as well as problems related to key personnel absences and supply chain issues with vendors or logistics/warehouse providers and other business partners who experience operational difficulties.

Getting Started

Building a comprehensive strategy for BC is much like the process for developing a DR plan. The key is to establish communication as well as backup solutions for physical locations, IT, and human resources. The first step requires conducting a business impact analysis (BIA).

Businesses should identify the systems and resources (including employees) that are critical for generating revenue and the subsequent effects an outage would have on each. For example, an investment company might elect to establish a backup location with complete IT redundancy so that trading could continue immediately in the event of a disruption. A BIA will help establish a restoration sequence that restores operations in order of importance.

Developing a BC Plan

Business continuity plans should cover these critical aspects:

  • contingency personnel plans for executives and the CEO, CIO, and other chief officers;
    emergency training for all staff;
  • off-site emergency management/operations locations that pull power and utilities from an alternate grid source;
  • proper live-action tests to pinpoint weak areas;
  • comprehensive hardware backup that includes data centers (DC), servers, and laptops that store critical information;
  • emergency goods like meals ready to eat (MREs), paper products, and water supplies in case employees are trapped at work; and
  • alternative transportation plans.

A comprehensive DR model that includes BC aspects should outline recovery time objectives for systems and applications, documents, and facilities that will allow the business to continue operations after a disruption.

Utilizing Technology and Risk Assessments

Building BC contingencies is easier with increased virtualization. There are fewer devices to track and a smaller DC footprint so failover capabilities are simplified. Cost feasibility can be determined through the financial portion of the BIA, which allows businesses to make informed implementation decisions for their DR/BC plan.

Record a written form of the BC plan in a secure, redundant data center and ascertain risks in the following areas:

  • information,
  • communication infrastructure,
  • access and authorization,
  • physical operational environment, and
  • internal and external communications.

Many cloud service, telecom, and colocation providers offer evaluations on current DR plans and provide directional measures that help businesses create comprehensive BC supplements. However, the most important factor is preparation. Businesses shouldn’t ignore the need to develop a BC plan; the best time to address emergency tactics is before they are actually needed.

The Importance of Business Continuity in the Face of Extreme Weather

by

shutterstock_166554770Given the recent spate of extreme weather throughout the country, now is as good a time as any for IT professionals to reflect on data protection. Unpredictability is Mother Nature’s status quo, but it’s up to the IT personnel to anticipate and address severe weather events and how they’ll affect business continuity.

The Keys to Swift Recovery

Even in areas that rarely suffer from severe weather patterns, it’s important to maintain a means for protecting and recovering critical data under extreme weather circumstances. By having a comprehensive business continuity plan in place, IT teams can confidently face bouts of extreme weather that would otherwise disrupt business operations and leave the unprepared scrambling.

Comprehensive disaster planning and testing are two important factors for maintaining business continuity. The following describes the basic steps necessary for assuring a successful and swift recovery from weather-related data losses:

  • Identify potential storms that could impact operations (winter snowstorms, tornadoes, hurricanes, etc.)
  • Estimate the time required for a full data restoration
  • Prioritize critical recovery tasks
  • Choose between file restoration, local virtualization, or off-site virtualization for disaster recovery (DR)

When choosing between file restoration, local virtualization, or off-site virtualization, IT professionals should consider the pros and cons of each DR option. It’s also important to know whether reinstating certain priority files or applications would take precedence over other restoration tasks.

Redundancy is also a key part of the recovery process. Ideally, businesses should invest in DR plans that offer multiple layers of redundancy. The purpose-built DR environments offered by managed service providers (MSPs) feature robust redundancy measures, reducing the level of risk and uncertainty that often comes with the data recovery process.

Small- and medium-sized businesses that rely on third-party cloud apps for collaborative efforts may want to rethink the security and continuity of their data. Organizations that rely heavily on these apps must also accept the risk of accidental deletion or data corruption. In addition, some apps may be lacking in protective redundancy.

Post-Recovery Tasks

For IT teams, the post-recovery period should be a time for checking and double-checking the user experience prior to bringing everything back online. IT personnel should check in with users to verify that they can properly access resources and applications from the virtual environment. Certain data protection technologies also utilize screenshot verification to ensure everything interacts in a safe and secure manner.

Businesses should also consider what conditions may be like on the following day and even several days afterwards. For example, severe snowstorms can leave both major and minor roads impassable, making it nearly impossible for off-site staff to facilitate recovery efforts. As part of a comprehensive business continuity plan, businesses may arrange for key staff to remain on location overnight, arrange for remote staff access, and/or verify 24-hour vendor support availability.

Having a business continuity plan in place could mean the difference between a minor inconvenience and a major event that could cost thousands of dollars in downtime costs. IT teams should also run drills to keep everyone up to speed on their roles in the DR process.

Follow Us

We know the way.