disaster recovery plan

Disaster Recovery – Planning for the worst is only the tip of the iceberg

Disaster Recovery – Planning for the worst is only the tip of the iceberg 1000 450 Greenlight Managed IT Support Services | Sydney | Melbourne

Like many small or medium businesses you’ve probably paid some thought to that rare data-loss catastrophe but chances are that when it came to budgeting for that unforeseen scenario the “what are the odds?” attitude ultimately prevailed inevitably resulting in a largely inadequate disaster recovery solution or in some cases, nothing at all.

Whilst these disaster scenarios are indeed relatively infrequent it is extremely important to understand the reality of the threat and the unpredictable nature of their occurrence. One could successfully argue that within Australia the risk to business is noticeably higher than the global average due to our country being particularly prone to weather extremes and associated natural disasters whether they be fires, floods or tropical cyclones. Now planning for that major disaster is one thing, but it is easy to overlook and hence not consider the detrimental effect of many smaller incidents that can have just as large an impact on your business. This is where RTOs and RPOs come in.

When it comes to planning for a disaster every business needs to be able to determine both an acceptable period of production downtime and the limit of acceptable data loss. The Recovery Time Objective (RTO) specifies the maximum duration of loss of or disruption to production systems beyond which the consequences to business are unacceptable. Similarly, the Recovery Point Objective (RPO) specifies the maximum period of time that is considered acceptable for lost data as the result of a disaster.

rto

What is considered acceptable for both data loss and production downtime will vary depending on the type of business and nature of the circumstances however the necessity for considering and planning for the consequences of both major and minor incidents remains the same. What one business considers an event of major disruption to workflow may not be as significant an impact for another but the need to ascertain exactly what is acceptable and what consequences a particular incident will have on your business applies to all.

It must be understood that planning a solution to maintain business continuity, adhere to the defined recovery time and point objectives and mitigate the impact of a disaster is not a trivial matter and more than likely is beyond the capability of a business’s existing internal resources. There are many products and strategies available when it comes to disaster planning but determining which will suit your business’s needs is another matter. Consulting with a service provider that understands your requirements and specialises in backups and disaster recovery is crucial to ensuring a robust and reliable solution.

One of the most significant factors in recent years that has dramatically increased the need and urgency of businesses to implement a disaster recovery solution has been the prevalence of ransomware. Most people would have heard of this type of malicious software by its most common variety – CryptoLocker. For those that are not aware of what makes this type of malware so damaging it is its ability to silently access and encrypt not only the most common types of documents and files on your computer, but also any network shared folders you may also have attached to your computer. The result will be all of your most important business data being in an unreadable state at which point it will prompt you to pay a hefty ransom within 24-72 hours to obtain the decryption key without which your data is useless.

Since 2013 the sophistication and variance of this type of malware has increased massively as has the range of file extensions and genuine-looking emails that are used in attempt to get you to run the malware on your computer. Chances are you know someone that has experienced this either at work or at home or you may have been unfortunate enough to already have had your data held hostage and have had to pay the ransom to regain your important files and documents.

One of the best pieces of advice against encountering this nightmare is as old as email itself. Don’t open attachments from someone you don’t know. If it looks suspicious it probably is. Even if it claims to be from a government department, courier/postal service or a reputable bank or institution, tread cautiously as this is one of the most common guises currently in use all in order to get you to open and run that attachment.

Having said that, not everyone within your company will always be as mindful of such threats whether they be from obvious but rare natural disasters, hardware failure, data theft or ransomware and there will almost certainly come a time when recovery is needed. The best defence will always be to have a comprehensive and well-planned backup and disaster recovery solution in place before the day comes when you regret not having one. The inherent human mindset typically dictates that we don’t act or plan for a scenario until the first time it happens. There can by any number of reasons for this whether it be simply from a lack of consideration or budgetary constraints but regardless the question that needs to be asked is can you afford not to?

Disaster Recovery Plan: Think Before Not After – Monitoring (Part 2 of 3)

Disaster Recovery Plan: Think Before Not After – Monitoring (Part 2 of 3) 150 150 Greenlight Managed IT Support Services | Sydney | Melbourne

disaster-recovery-plan-monitoringMonitoring

Not only does well setup monitoring alert you to impending disaster before it happens, it also provides the peace of mind that all systems are nominal. 

“An ounce of prevention is worth a pound of cure.”

So it’s all well and good to have your servers and backup systems in place but they can’t be expected to cry for help without some form of monitoring and notifications. Knowing your disaster recovery plan will be there when you need it is crucial, and that’s where proactive monitoring and testing comes into it.

There are many reliable, effective and low-cost monitoring solutions available that provide everything from daily email notifications to real-time, comprehensive alerting to an email, SMS and dedicated monitoring screens.

What your business specifically requires again depends on your particular infrastructure setup but there are several vital system components that should always be included in even the most basic of monitoring solutions:

  • Hardware: Notification of failed/failing hard disks (or SSDs) in both your production and backup systems is of utmost importance. Your systems should be designed to cope with one or more drive failures but being notified of the state of the disks ensures you can act on an alert before it leads to a system failure.
  • Software: Alerts/warnings from the backup software itself are just as important so you know whether the jobs are running, whether they succeeded or failed and contain useful error reports in the case of the latter. Assuming backups have been running without incident is never a good idea as you do not want to be presented with the scenario of a system failure and then discover your backups have not been successful for weeks.
  • Operating Systems: In the case of monitoring the production environment itself you can install agents on the servers that will report in real-time if critical services or hardware components experience issues or go offline. In the case of virtual platforms, at the very least you should schedule scripts that interrogate the hypervisor’s hardware sensors and report alerts accordingly.

When it comes to a comprehensive disaster recovery plan the best practice is not to have only one or two sides of the triangle meaning that if you are implementing a well-designed backup solution spend the time and resources to set up adequate monitoring as well. If you disregard monitoring in conjunction with your backup system you are undermining your own efforts in staving off disaster.

This is Part 2 of our 3-part Disaster Recovery Plan feature– check out Part 1 here or Part 3 here.

Disaster Recovery Plan: Think Before Not After – Backups (Part 1 of 3)

Disaster Recovery Plan: Think Before Not After – Backups (Part 1 of 3) 150 150 Greenlight Managed IT Support Services | Sydney | Melbourne

disaster-recovery-plan-avoid-pain When pain is avoidable, it pays to have a plan.

Do You Need a Disaster Recovery Plan?

Data has always been part of the backbone of every successful business. As a 3-part series, we will explore Backups, Monitoring and Redundancy on a high level.

Time and time again we see new clients come to us unaware of the importance of a proper disaster recovery plan for their IT infrastructure. An attitude usually stemming from the assumption that “it will never happen to me” and is therefore not a priority for their business. As David Tozzi-Condivi explained last week, not having a comprehensive disaster recovery plan is a lot riskier than you may think.

In Australia we’re no strangers to natural disasters be it fires, floods or tropical cyclones and these are not the only disasters you should plan for. A “disaster” to your business would be any situation in which your critical hardware/software systems experience failures for any number of reasons resulting in massive loss of data and productivity.

Whilst major disasters requiring extensive hardware replacement and organisation-wide data recovery are rare, properly planning and dedicating time and resources to this scenario not only safeguards against the unlikely but also protects against the likely. Even a small incident can have significant and far-reaching consequences for your business.

Fortunately there are a few easy measures you can take to drastically reduce the impact of these events be they large or small.

Disaster-recovery-plan

A solid disaster recovery plan (broadly speaking) includes well set-up Backups, proactive Monitoring, and solid Redundancy planning.

 

Backups

At the core of any disaster recovery plan are the backups. Having a reliable, up-to-date, easily restorable copy of your production data is critical to any business. If there is data corruption, a hardware failure or even an entire site lost, having these backups will be your lifeline to getting back on your feet as quickly as possible.

Choosing the correct backup solution and configuring it properly is the easiest, quickest and most cost-effective way to protect your business from a disaster of any magnitude. Investing in the right backup software and hardware storage will be one of the wisest decisions you make for your business.

So you might ask, what is the right backup software and hardware for my business? The exact answer will depend on the size and complexity of your IT infrastructure but there are some key recommendations that apply to any business:

  • Software: You want an application than can deliver fast and reliable backup/restore tasks as well as providing customisable, frequent and efficient system snapshots with little to no impact on your production environment.
  • Hardware: Stay away from tapes! Tape drives/cartridges are an old, slow and unreliable backup media. Not to mention expensive. Any hard disk drive solution such as a NAS is without question the best option. Such a device provides large, cost-effective storage with fast read/write times and high reliability.
  • Storage: As with any IT setup, the solution should be designed to be scalable. Implementing a NAS with expansion options for future increased storage will save you a lot of money down the track and gives you the flexibility to adjust the number of days, weeks, months of backup data you want to retain.
  • Data Protection: Having the backup systems protected against hardware failures is just as important as your production environment. What’s the point of having backups if there is still a single point of failure? To avoid this you would always arrange your hard disk storage in an array with redundancy so a single disk failure does not cripple your system.
  • Offsite: Replicating your backup data offsite to a separate geographical location such as another site in your organisation or a data centre protects against large-scale disasters such as fire that can destroy all your infrastructure (including local backup storage) at a particular location. Whilst not essential for all businesses having some form of offsite redundancy is certainly recommended for large multi-site clients.

Greenlight also provide backup and disaster recovery services. From planning, hardware and software provision, right through to monitoring and restoration– we’ve got you covered.

This is Part 1 of our 3-part Disaster Recovery Plan feature. Check out Part 2 and Part 3.