Not only can disaster strike at any time, it likely will, and your business’s very survival could depend on its disaster recovery (DR) capabilities. The evidence is clear: The National Oceanic and Atmospheric Administration (NOAA) predicts an above-normal hurricane season, and much of the West is in extreme drought and prone to devastating fires that in the past have destroyed businesses and critical infrastructure. In one recent survey of 5,600 IT pros, 66% said disaster struck their organization in another form having been hit by ransomware in 2021. The pace and sophistication of cyberattacks continue to grow, as I pointed out in my blog describing the variety of attack vectors coming at you.
Regardless of the type of disaster, you need to put a comprehensive DR plan in place today, but what goes into a sound DR plan, and where do you begin?
DR starts with an assessment
Your first step in developing your DR plan is a disaster recovery assessment that takes a close look at your current situation. The assessment should identify the most critical elements of your organization’s infrastructure, including your applications, network, and sensitive data. It should also include reviewing your existing disaster recovery plan and processes, application and database backup and restore plans, and DR testing procedures and results.
The outcome of the assessment should establish a clear set of priorities and recommendations, including your recovery time objective (RTO)—the amount of time your business can tolerate having its systems down—and recovery point objective (RPO)—the amount of data you can afford to lose in a disaster. You will want to ensure that your critical applications and data can be recovered quickly. You will also want your secondary applications and data to be recoverable, but you should base your decision on time to recovery weighed against costs.
A sound DR plan also goes beyond your data and technology infrastructure. It needs to consider the critical dependencies that keep your business running. That includes your network and internet connectivity, physical security and AV communications, telecom infrastructure, and HVAC systems.
Given the time, effort, and specialized expertise required, it’s worth looking to outside help for your DR plan assessment. DR specialists with a respected firm can conduct a discovery session for you to help identify technical and business process gaps, define stakeholders, recovery teams, and operational requirements, and address compliance and industry standards.
Back up everything (and leverage the cloud)
You will want to make sure you have redundant systems for power, heating and cooling, and network connectivity for your physical infrastructure. Given that your data is priceless, you’ll need to pay special attention to data backup and recovery. Today’s cloud backup and disaster recovery solutions are among your best bets for quickly getting your business back up and running.
The cloud helps you adhere to the new 3-2-1-1-Q backup rule—the foundation for guaranteed recovery—by giving you cost-effective off-site storage for your data. Working with a cloud backup and disaster recovery provider eliminates the costs and complexities of building and maintaining your own infrastructure.
Check out disaster recovery as a service
Cloud-based Disaster Recovery as a Service (DRaaS) solutions may be your best approach for gaining confidence that your business can recover. Your selected DRaaS solution should include fully integrated backup, replication, and restoration from the cloud, with failover and failback capabilities that can meet your workload demands.
It should also feature flexible repositories, end-to-end encryption, WAN acceleration, configurable failover options, and recovery assurance. A service that replicates to a Microsoft Hyper-V or VMware vSphere multi-hypervisor can offer you a proven approach for recovery, with sub-15-minute RTOs and RPOs for all your applications and data.
Regardless of your strategy, make sure you’ve got backup plans in place and that they are tested quarterly, so you know everything will go as planned when needed.
Backup your Microsoft 365 data
While 60% of sensitive cloud data is stored in Microsoft 365 documents, 75% of that data is not backed up, and you’re responsible for that data if it is lost or encrypted by ransomware. That’s why you need to be sure your sensitive cloud data stored in Exchange, SharePoint, and OneDrive for Business is securely backed up.
A Veeam Backup service for Microsoft 365 efficiently protects your data from accidental deletion and lets you make granular recoveries, including quickly restoring individual files. It also helps you meet legal and compliance requirements, including efficient eDiscovery of backup archives.
Monitor your network (and keep it secure)
Monitoring and alerting is another area worth looking into as part of your DR planning process. In addition to disasters, plenty of other problems can bring your business to a standstill. Some ransomware and cyberattacks aren’t discovered until months after gaining entry to their victim’s systems.
This is another place where outsourcing makes sense because you don’t have to spend the money on the required technologies—or waste your IT team’s time that could be better spent on moving your business forward. Monitoring services give you continual updates, analysis, and real-time alerts regarding the digital health of your business and any suspicious events. They should always include expert resources and sophisticated tools.
I hope you found this information helpful. As always, contact us anytime about your technology needs.
Until next time,