Worldnet Technology Solutions

Convergence Is Cloud Computing

How to Improve Disaster Recovery Performance

by

shutterstock_52421020As the use of and dependence upon technology grows, network attacks have become more sophisticated. Indeed, perimeter defenses like firewalls and antivirus, no matter how layered, offer little protection against savvy cyber criminals intent on breaching network security. Anticipating an attack has become an inevitability for most companies. Building an effective disaster recovery (DR) strategy is necessary for operating securely in today’s connected marketplace.

An effective DR solution includes comprehensive risk management policies and incident response performances that are designed to mitigate the severity of an attack. By examining some common incident response failures, companies can better orchestrate their DR policies and meet the security challenges of tomorrow.

Poor Network Visibility

Without a clear understanding of the current IT environment, it’s impossible to adequately prepare a DR plan. The most important aspect of security involves knowing exactly what traffic is moving through the business network, where it originated, and which hardware it contacts. Without complete visibility, there’s no way to respond to possible threats.

Many DR plans call for the immediate isolation of an affected machine. However, unless the business is able to clearly identify lateral movement within the network, an eventual data breach could be forthcoming.

In order to proactively prevent an attack from escalating, companies must deploy web proxies and advanced firewalls that are designed to log, collect, analyze, and store interactions. Essentially, these technologies create an audit trail that can be utilized to address the threat and provide long-term actionable information.

Understaffing

Companies need a dedicated IT staff of experienced, competent personnel who can interpret and identify the information generated by these technologies. The advantage of employing IT professionals who understand the specific business network intimately is significant. Disaster response personnel should be able to communicate appropriate incident responses with each business department while keeping their attention solely dedicated to DR.

Budgeting Constraints

In many cases, an underfunded DR plan isn’t the result of a lack of available funding; it’s due to a lack of communication. DR personnel must be able to express their needs in a way that is relevant to the business’s success and profitability, stressing statistical information concerning repercussions created by a massive data breach (including both tangible and intangible consequences).

A business should develop standard IT security reports that can be delivered to various department managers and executives. These reports should include areas that are satisfactory as well as those that represent serious gaps in security that need to be addressed.

Comprehensive Risk Assessment

Any DR plan should address critical aspects first. The best way to ascertain specific business risks is to generate a comprehensive risk assessment and then use it to orchestrate explicit incident response levels. Companies should tailor responder access in relation to the risk management assessment so that key personnel have the ability to make infrastructure alterations without having to wait for authorization.

Companies can improve their DR performances by examining previous incident responses and equipping their internal IT support with the tools required to mitigate threats. Moreover, conducting a complete incident investigation in the wake of a disaster often helps illuminate gaps and provide key intelligence for future responses.

Understanding the Basics of Business Continuity Plans

by

shutterstock_167173277Many businesses understand the need for a disaster recovery (DR) plan. Restoring operations after a disruptive event such as a power outage or a natural disaster is a critical business process required to sustain success. However, DR plans frequently fail to create a comprehensive risk management structure. Gaps leave certain aspects vulnerable after a major business interruption. But businesses can develop heightened protocols by including a business continuity (BC) plan that complements their DR plan, generally referred to as DR/BC.

While DR plans typically address issues related to communication and facilities recovery, BC plans provide more actionable procedures that are designed to sustain revenue-earning activities in the event of a disruption. BC plans provide contingency mitigations for natural disasters as well as problems related to key personnel absences and supply chain issues with vendors or logistics/warehouse providers and other business partners who experience operational difficulties.

Getting Started

Building a comprehensive strategy for BC is much like the process for developing a DR plan. The key is to establish communication as well as backup solutions for physical locations, IT, and human resources. The first step requires conducting a business impact analysis (BIA).

Businesses should identify the systems and resources (including employees) that are critical for generating revenue and the subsequent effects an outage would have on each. For example, an investment company might elect to establish a backup location with complete IT redundancy so that trading could continue immediately in the event of a disruption. A BIA will help establish a restoration sequence that restores operations in order of importance.

Developing a BC Plan

Business continuity plans should cover these critical aspects:

  • contingency personnel plans for executives and the CEO, CIO, and other chief officers;
    emergency training for all staff;
  • off-site emergency management/operations locations that pull power and utilities from an alternate grid source;
  • proper live-action tests to pinpoint weak areas;
  • comprehensive hardware backup that includes data centers (DC), servers, and laptops that store critical information;
  • emergency goods like meals ready to eat (MREs), paper products, and water supplies in case employees are trapped at work; and
  • alternative transportation plans.

A comprehensive DR model that includes BC aspects should outline recovery time objectives for systems and applications, documents, and facilities that will allow the business to continue operations after a disruption.

Utilizing Technology and Risk Assessments

Building BC contingencies is easier with increased virtualization. There are fewer devices to track and a smaller DC footprint so failover capabilities are simplified. Cost feasibility can be determined through the financial portion of the BIA, which allows businesses to make informed implementation decisions for their DR/BC plan.

Record a written form of the BC plan in a secure, redundant data center and ascertain risks in the following areas:

  • information,
  • communication infrastructure,
  • access and authorization,
  • physical operational environment, and
  • internal and external communications.

Many cloud service, telecom, and colocation providers offer evaluations on current DR plans and provide directional measures that help businesses create comprehensive BC supplements. However, the most important factor is preparation. Businesses shouldn’t ignore the need to develop a BC plan; the best time to address emergency tactics is before they are actually needed.

Follow Us

We know the way.