7 Rules on How to Protect your Business and your Customers with IT Business Continuity and Disaster Recovery (BCDR)
The fire occurred a couple of days ago at OVH’s Datacenter in France, caused hundreds of thousands of websites going offline with a huge impact on businesses, IT service providers, cloud & hosting companies, and of course thousands of consumers.
In light of that event, online businesses are now in search for new Data Centers to get their websites back online and for the right technology partner to provide them with a solid Business Continuity and Disaster Recovery plan.
The concept of IT Business Continuity and Disaster Recovery
(BCDR) is not new; however actual implementation varies across
solutions, vendors, and industries. Let’s take a look.
Why Do You Need a Business Continuity and Disaster Recovery Plan?
1. Surviving unplanned events
Many kinds of events can cause interruption or degradation of IT service: natural disaster, technology failures, user errors, etc. While natural disasters, terrorist acts, or malicious data breaches certainly are more known, operational events — not disasters — are the leading cause of IT outages. According to Forrester Research, a simple loss of power is still the leading cause of downtime, closely followed by IT hardware, software,
and network failures.2 It’s important to understand the difference in consequences. While natural disasters and fires can potentially take an entire site out of commission for a significant time, technical failures or HR issues are usually localized and solved quickly.
2. Assuring IT continuity through regular operations
Beyond unplanned IT outages, the need for much higher IT service stability and agility drives modern BCDR. Planned operational procedures like software and hardware upgrades, facilities maintenance, and data center migrations, as well as organizational changes and M&A activities, require IT to be highly adaptive and agnostic of its physical infrastructure and
location. IT service continuity is a critical requirement, so organizations are looking at BCDR as the means to assure IT’s continuous operation through any unplanned operational events.
The 7 Rules for the Best Disaster Recovery and Business Continuity Plan
1. Plan ahead and document
Well-documented action plans in cases of planned or unplanned service interruption must be available so your IT personnel can respond efficiently. The plans should include detailed recovery procedures, BCDR vendor engagement rules, and means of communication and transportation options. When do you declare a disaster? Where are the copies of data, software, and licenses stored? What’s the acceptable data loss, and how fast do you need to recover? At a minimum, detailed plans must be available in paper or hard copy form, but it’s much better if they are also accessible to your distributed staff in digital format.
2. Replicate Applications
Data backup is fundamental to BCDR, but by itself cannot ensure continuity of your operations. Without functioning servers, data is useless. Rebuilding hardware or software and loading the data can take a while. Having a secondary site with all applications and data replicated is one possible solution, but it may not be financially viable for small to midsize businesses. With the power of the cloud, disaster recovery can be offered as a service (Disaster Recovery as a Service, or DRaaS), based on multi-tenant remote replication. Leading vendors can guarantee the SLA-based availability of your applications and data from DRaaS data centers through a secure internet connection. Your restored IT service can be available within the promised timeframe — often as little as 15 minutes — until your primary site is back online.
3. Establish on- and off-site protection
Modern BCDR technology offers both on-site and remote protection. Each option has its advantages. Protecting locally allows easier access to your data and a generally faster recovery rate. Local replication, however, only works when your primary environment is still accessible. In cases of major disasters or for long-term data retention, you need to protect your data and applications off-site, preferably in a geographically distant location that will be unaffected by any local event. Today, best of breed BCDR technologies offer hybrid solutions that give you the best of both worlds: an on-site appliance for fast access, plus efficient replication of your environment in the cloud for ultimate protection.
4. Automate recovery procedures
Your IT staff may be the best in the world, but in case of disaster, you may not want to rely on their flawless execution of complex processes; the probability of human error is especially high under the pressure and uncertainty of a disaster. Imagine your personnel manually starting multiple servers, recovering and validating data, testing network connectivity, and executing many other critical tasks when every mistake
can cause lost data or prolonged service outage — and them weighing that against the safety of their families. In addition, your key personnel may not even be available as they take care of their own families. A “flip-of-a-switch,” process-driven disaster recovery approach offers higher ROI, especially in environments with limited IT resources and expertise. Modern BCDR automation includes conditional dependency tests, parallel threads, manual workflows with notifications, and other elements that make your recovery reliable, repeatable, and testable.
5. Test regularly
Experience tells us: test well, test often. A disaster recovery solution is only worth the cost if you know that it will actually work; otherwise, it is a wasted investment. Even if your plan was perfectly designed and tested
on deployment, your environment will change over time. Hardware and software upgrades, network tweaks, personnel training, and turnover issues can all affect the success of your BCDR procedures, even in a fully
automated environment. That is why it is so important to test your DR plans — as often as logically feasible. Advanced BCDR solutions provide built-in testing facilities, a separate virtual network for testing, and test
6. Secure your backed-up environment
Security is always a concern, and BCDR is not an exception. For locally-hosted BCDR solutions, the security is the same as what you’ve already established for your primary data and applications. Trusting the cloud with
your BCDR needs, however, has its challenges. Especially for highly regulated industries, keeping data in the cloud private and secure is a major requirement. Many standards and directives require that organizations
protect their data and provide defenses against threats. Ultimately, the data centers used by the DRaaS providers must demonstrate the highest levels of security by themselves. Additionally, a data encryption option should be available to protect data locally, in transmission, and at rest in remote storage facilities, with the proper key management and administration.
7. Choose your BCDR partner wisely
It is essential to stick to someone who understands and has a deep installed base in your industry. That way, you know your questions and issues will not be new to them and will not require a lot of research in a situation requiring a quick response.
NetShop ISP can help you with both planning and implementing your company’s Business Continuity & Disaster Recovery plan. With the help of Acronis, world’s leading cyber protection software, you can have your websites, online data and critical applications protected from cyber threats, unplanned incidents and achieve an uptime as high as 100%.
Contact our Acronis Cyber Protection professionals today for a free consultation.