Disaster Recovery Planning: A successful framework for strategy and execution
The rise in cyber incidents is set to continue on its meteoric trajectory over the next decade. Ransomware attacks on a business, consumer, or a device are anticipated to take place every two seconds by 2031 -- a worrying escalation from every 11 seconds in 2021. And by 2025, damages are projected to reach a staggering $15 trillion annually, up from $3 trillion in 2015, according to Cybersecurity Ventures.
At the same time, users demand better performance and user experience year after year, and the resulting growth in the threat landscape poses real challenges in connectivity and data security. 'Insider threat' also poses a considerable risk, with 80 percent of breaches involving privileged credentials misuse or abuse and malicious insider activity from recent employees.
In light of this, IT security professionals should aim to test their data protection solutions on a frequent basis to ensure they have the confidence required to successfully recover their apps and data should the need arise. But few are maintaining this level of prudence. In fact, in a recent survey of 150 IT decision makers from organizations across the US, just 50 percent were testing their disaster recovery (DR) capability annually or at less frequent intervals, while 7 percent did not test at all.
Given the considerable losses and criticality of resources at stake, how can IT security professionals put their best foot forward to ensure robust support systems for security monitoring, a solid back-end infrastructure, protection of essential data, and effective business continuity?
The key elements of a disaster recovery framework
In terms of best practice, complete DR planning extends well beyond infrastructure. A clear framework for goals, ongoing strategy, and execution is a critical part of the path forward.
Planning -- "Practice how you perform"
DR planning should be a team effort and not the sole responsibility of the systems administrator. Businesses should identify critical systems as a foundation for their DR plan and establish a chronology for bringing data and applications back online. Organizations should fit their DR plan to what the business needs and make sure everyone knows the recovery plan.
Testing
No matter the threat -- ransomware, human error, natural disaster -- in terms of DR best practice, undertaking testing and periodic test failovers is critical.
DR testing includes bringing applications into the cloud and ensuring that data and services are in a consistent state. It is also critical to keep test plans and documentation continually updated; with change being a constant within the IT space, this is essential for success.
The more the IT team can ensure that documentation is accurate, the faster the organization's data and network can be restored.
Connectivity
Once data is actively restored, it is important to establish how the business is going to connect to essential applications and data. Whether via a site-to-site VPN solution, Client SSL VPN, or point-to-point connectivity, this is a critical part of re-establishing access to critical systems.
Managed Disaster Recovery (DRaaS)
Incorporating a Managed Disaster Recovery solution into the plan ensures a backbone of solid assistance and expertise throughout the design, planning, implementation and recovery process. Restoring data safely means ensuring that the data is consistent, with no ransomware present. Primary environments may be infected, but cloud data protection provides checkpoints with extensive historical retention of data, so you can recover to a time prior to the security incident. With self-service testing capabilities, your IT and security teams can validate the right point in time to recover to, ensuring successful recovery of valid, uninfected data.
DRaaS managed providers can also provide real-time replication capabilities to ensure data loss is limited upon recovery, right down to the very second before initiating a failover. With a live cloud environment, networking configurations can be pre-defined to ensure seamless connectivity and end-user access. They can deliver the most up-to-date and clean restore, ensuring there are no lingering traces of ransomware remaining within the operating system.
They can also advise on the right technology and support to use for security monitoring, alerting and response.
The benefits of a comprehensive, well-tested DR solution
In summary, when a company has been infected with ransomware, has a natural disaster looming or is facing large-scale human error, a managed DRaaS company with considerable experience in DR strategies can advise on best practice and deliver a comprehensive and well-tested DR solution. The wide-reaching commercial benefits include complete protection of the entire site (not just business-critical applications), elimination of the costs of in-house resources and management, and a business that stays focused on revenue-generating activities.
Sam Woodcock is Senior Director of Cloud Strategy, iland, an 11:11 Systems Company.