disaster recovery

Disaster Recovery – Planning for the worst is only the tip of the iceberg

Disaster Recovery – Planning for the worst is only the tip of the iceberg 1000 450 Greenlight Managed IT Support Services | Sydney | Melbourne

Like many small or medium businesses you’ve probably paid some thought to that rare data-loss catastrophe but chances are that when it came to budgeting for that unforeseen scenario the “what are the odds?” attitude ultimately prevailed inevitably resulting in a largely inadequate disaster recovery solution or in some cases, nothing at all.

Whilst these disaster scenarios are indeed relatively infrequent it is extremely important to understand the reality of the threat and the unpredictable nature of their occurrence. One could successfully argue that within Australia the risk to business is noticeably higher than the global average due to our country being particularly prone to weather extremes and associated natural disasters whether they be fires, floods or tropical cyclones. Now planning for that major disaster is one thing, but it is easy to overlook and hence not consider the detrimental effect of many smaller incidents that can have just as large an impact on your business. This is where RTOs and RPOs come in.

When it comes to planning for a disaster every business needs to be able to determine both an acceptable period of production downtime and the limit of acceptable data loss. The Recovery Time Objective (RTO) specifies the maximum duration of loss of or disruption to production systems beyond which the consequences to business are unacceptable. Similarly, the Recovery Point Objective (RPO) specifies the maximum period of time that is considered acceptable for lost data as the result of a disaster.

rto

What is considered acceptable for both data loss and production downtime will vary depending on the type of business and nature of the circumstances however the necessity for considering and planning for the consequences of both major and minor incidents remains the same. What one business considers an event of major disruption to workflow may not be as significant an impact for another but the need to ascertain exactly what is acceptable and what consequences a particular incident will have on your business applies to all.

It must be understood that planning a solution to maintain business continuity, adhere to the defined recovery time and point objectives and mitigate the impact of a disaster is not a trivial matter and more than likely is beyond the capability of a business’s existing internal resources. There are many products and strategies available when it comes to disaster planning but determining which will suit your business’s needs is another matter. Consulting with a service provider that understands your requirements and specialises in backups and disaster recovery is crucial to ensuring a robust and reliable solution.

One of the most significant factors in recent years that has dramatically increased the need and urgency of businesses to implement a disaster recovery solution has been the prevalence of ransomware. Most people would have heard of this type of malicious software by its most common variety – CryptoLocker. For those that are not aware of what makes this type of malware so damaging it is its ability to silently access and encrypt not only the most common types of documents and files on your computer, but also any network shared folders you may also have attached to your computer. The result will be all of your most important business data being in an unreadable state at which point it will prompt you to pay a hefty ransom within 24-72 hours to obtain the decryption key without which your data is useless.

Since 2013 the sophistication and variance of this type of malware has increased massively as has the range of file extensions and genuine-looking emails that are used in attempt to get you to run the malware on your computer. Chances are you know someone that has experienced this either at work or at home or you may have been unfortunate enough to already have had your data held hostage and have had to pay the ransom to regain your important files and documents.

One of the best pieces of advice against encountering this nightmare is as old as email itself. Don’t open attachments from someone you don’t know. If it looks suspicious it probably is. Even if it claims to be from a government department, courier/postal service or a reputable bank or institution, tread cautiously as this is one of the most common guises currently in use all in order to get you to open and run that attachment.

Having said that, not everyone within your company will always be as mindful of such threats whether they be from obvious but rare natural disasters, hardware failure, data theft or ransomware and there will almost certainly come a time when recovery is needed. The best defence will always be to have a comprehensive and well-planned backup and disaster recovery solution in place before the day comes when you regret not having one. The inherent human mindset typically dictates that we don’t act or plan for a scenario until the first time it happens. There can by any number of reasons for this whether it be simply from a lack of consideration or budgetary constraints but regardless the question that needs to be asked is can you afford not to?

Disaster Recovery Plan: Think Before Not After – Backups (Part 1 of 3)

Disaster Recovery Plan: Think Before Not After – Backups (Part 1 of 3) 150 150 Greenlight Managed IT Support Services | Sydney | Melbourne

disaster-recovery-plan-avoid-pain When pain is avoidable, it pays to have a plan.

Do You Need a Disaster Recovery Plan?

Data has always been part of the backbone of every successful business. As a 3-part series, we will explore Backups, Monitoring and Redundancy on a high level.

Time and time again we see new clients come to us unaware of the importance of a proper disaster recovery plan for their IT infrastructure. An attitude usually stemming from the assumption that “it will never happen to me” and is therefore not a priority for their business. As David Tozzi-Condivi explained last week, not having a comprehensive disaster recovery plan is a lot riskier than you may think.

In Australia we’re no strangers to natural disasters be it fires, floods or tropical cyclones and these are not the only disasters you should plan for. A “disaster” to your business would be any situation in which your critical hardware/software systems experience failures for any number of reasons resulting in massive loss of data and productivity.

Whilst major disasters requiring extensive hardware replacement and organisation-wide data recovery are rare, properly planning and dedicating time and resources to this scenario not only safeguards against the unlikely but also protects against the likely. Even a small incident can have significant and far-reaching consequences for your business.

Fortunately there are a few easy measures you can take to drastically reduce the impact of these events be they large or small.

Disaster-recovery-plan

A solid disaster recovery plan (broadly speaking) includes well set-up Backups, proactive Monitoring, and solid Redundancy planning.

 

Backups

At the core of any disaster recovery plan are the backups. Having a reliable, up-to-date, easily restorable copy of your production data is critical to any business. If there is data corruption, a hardware failure or even an entire site lost, having these backups will be your lifeline to getting back on your feet as quickly as possible.

Choosing the correct backup solution and configuring it properly is the easiest, quickest and most cost-effective way to protect your business from a disaster of any magnitude. Investing in the right backup software and hardware storage will be one of the wisest decisions you make for your business.

So you might ask, what is the right backup software and hardware for my business? The exact answer will depend on the size and complexity of your IT infrastructure but there are some key recommendations that apply to any business:

  • Software: You want an application than can deliver fast and reliable backup/restore tasks as well as providing customisable, frequent and efficient system snapshots with little to no impact on your production environment.
  • Hardware: Stay away from tapes! Tape drives/cartridges are an old, slow and unreliable backup media. Not to mention expensive. Any hard disk drive solution such as a NAS is without question the best option. Such a device provides large, cost-effective storage with fast read/write times and high reliability.
  • Storage: As with any IT setup, the solution should be designed to be scalable. Implementing a NAS with expansion options for future increased storage will save you a lot of money down the track and gives you the flexibility to adjust the number of days, weeks, months of backup data you want to retain.
  • Data Protection: Having the backup systems protected against hardware failures is just as important as your production environment. What’s the point of having backups if there is still a single point of failure? To avoid this you would always arrange your hard disk storage in an array with redundancy so a single disk failure does not cripple your system.
  • Offsite: Replicating your backup data offsite to a separate geographical location such as another site in your organisation or a data centre protects against large-scale disasters such as fire that can destroy all your infrastructure (including local backup storage) at a particular location. Whilst not essential for all businesses having some form of offsite redundancy is certainly recommended for large multi-site clients.

Greenlight also provide backup and disaster recovery services. From planning, hardware and software provision, right through to monitoring and restoration– we’ve got you covered.

This is Part 1 of our 3-part Disaster Recovery Plan feature. Check out Part 2 and Part 3.

“I know we are backed up so our business is fine”

“I know we are backed up so our business is fine” 150 150 Greenlight Managed IT Support Services | Sydney | Melbourne

Backup and Disaster RecoveryIf I asked you what the balance of your superannuation was right now, would you be able to provide me with an exact figure? I wouldn’t be able to.

You sort of just know your super is there—every now and then you get a statement, and you really only pay attention if your super company is losing you money.

A simple question I often ask clients is “Ok, somebody has just stolen your servers, or there’s a fire that destroys them. What is your disaster recovery plan to get your business up and running, and how long will it take?”

Usually, I’m met with one of three responses:

  • A blank look, and seconds of awkward silence.
  • “It’s all on the offsite copies!”
  • “I’m not sure.”

Once we set something up, it’s very easy to forget the fine details.  Just like your superannuation.

The reality is that without a proper plan, it could be days or even weeks to get that data from the backups back into a working environment to get back to business.

Having backups is great, but it’s only a piece of the puzzle.

How many days could your business could afford to remain closed? One day? Two days? What would happen if you had to close shop for a full week?

If a major disaster were to take place, being inactive for more than a day could start impacting heavily on your business. Think I’m exaggerating?

A recent report found that in the event of a major data loss incident, 4 in 5 businesses either never re-open or close within the next 12 months.  The scary thing is, 33% of Australian SMEs are not employing any means of data redundancy (Source: Acronis’ Global Disaster Recovery Index 2012).

Think about all those years of hard work down the drain, for a staggering 80% of businesses just like yours.

Conclusion

If you have a disaster recovery plan, great. Test it. Regularly. If you haven’t already, check out Mark Farrell’s 3-part disaster recovery plan series here.

If you don’t have one in place, get one. It doesn’t matter whether you’re a tiny start-up or have hundreds of employees. Have that conversation with your team, so that at least you know what is at stake, and how you plan to minimise your risk.

Greenlight ITC specialises in putting in place comprehensive disaster recovery plans, which we test regularly. This ensures that in the event of a disaster, there is no margin for error. But it’s more than just protecting your business. It’s about protecting your livelihood, the livelihood of your staff, and even your customers. Make sure your business is ready.