Disasters take many forms. Fire or floods make headlines and have enormous impact - however it's the common, everyday actions that are the most likely to strike at the heart of your business. Accidental (or malicious) data deletion, accidents to hardware and poor security are the daily disasters just waiting to happen.
It's indoors, not outdoors, that the biggest threat to your business continuity lies.
Catastrophe has struck. If you're one of the 60% of today's businesses who ship backup tapes offsite, you're now scrambling to retrieve those copies. Once back in the building, you'll need to ingest the data to your backup server…. restore data and applications to your primary servers… and you're up and running again. Sometimes, after considerable downtime.
Alternatives to tape backups include replicating data to a secondary site, mirroring the data centre. It's a pricey option, requiring not just a secondary data centre facility, but also additional sets of identical servers, storage, switches and software etc.
The advent of hybrid cloud solutions offers a combination of on-prem and off-prem disaster recovery-as-a-service models. Data is deduplicated and compressed, and backed up locally. The off-prem element is provided on a subscription basis, often eliminating many operational responsibilities.
Being prepared means having a solid business continuity and disaster recovery plan. Fundamental issues to consider include how quickly your business would need to recover from an incident, and how much data loss is acceptable. This dictates what preparations are needed, and how much budget needs to be set aside.
One Size Doesn’t Fit All
Which are the applications that are driving your business, generating revenue or are key to staying operational? Mission-critical, business-critical and non-critical applications will vary across your organisation, you'll have applications with differing service level agreements and potentially different requirements for their recovery objectives. Ranking your applications and services helps identify the impact of relevant incidents, so a suitable solution can be designed, addressing two key criteria:
- Recovery Time Objective (RTO). This is the target time you set for normal operations to be restored after an incident occurs
- Recovery Point Objective (RPO). This focuses on the data your business could lose after an incident, and setting a limit, measured in time.
In an ideal world, both RTO and RPO would be as little as possible - but this could incur a cost that's outweighed by the potential benefit. .
You'll be used to regular fire drills, so should there be a real event, everyone knows where they go, what they do (and what they do not do), and what they are responsible for. A disaster recovery strategy requires the same approach. Regular testing of each of the processes and procedures ensures the plan is fit for purpose, and highlights any updates required as the business environment changes.
Backup & DR Knowledge
Home Working - Can You Collaborate?
#3 Connectivity and Support at Home
Working from home is now an everyday reality for many of our customers and network issues can be a challenge
As schools have now closed and other businesses have also sent people home, many home workers are struggling with ensuring they can run their real-time work apps such as Voice and Video conferencing without interference from other people, who are also working from home or using other online content
A Hackers Guide to Remote Working
Remote working for a hacker is brilliant, and not in the sense that they can work from home in a dark room wearing a hoodie. But because remote working means that a business is intentionally giving a path into the internal network that could potentially be accessed by anyone on the internet. This blog post covers some of the things that we have encountered across the team over the years.
#2 Your Cyber Security
If you are allowing devices to connect from people’s houses – it's possible that these networks have already been compromised by hackers or will be in the future. Implementing two-factor authentication, where another device like a mobile phone is used for extra security is the most important security measure that can be applied to systems.
#1 Your Telephony
As the Covid-19 situation looks set to escalate, there's a lot to think about to keep your business running. Last week we shared the Top 10 areas we've focused on to ensure our own business continuity.
From today, we'll be going into these in more detail, setting out what we've learnt and offering specific guidance and support. Let's start with telephony.
About six months ago, with the slow death rattles of the exquisite Empire C2 drawing near, not going to lie I'm still in mourning – that and python2, I was on the hunt for a new platform to sink my teeth into. While playing around with various frameworks on offer such as SilentTrinity, Faction, Merlin (all of which have their positives), I started looking at Cobbr's Covenant framework....