SECURITY MANAGEMENT

disaster recovery

to be the best
you have to be able to handle
the worst

It’s going to happen, sometime…

Could your business-critical applications be vulnerable to an extended outage or disaster at your primary infrastructure location?

There is one thing that is as certain as death and taxes – at some point in time your business systems will go down.

When it happens… knowing there is a plan in place, that it has been well-tested, and that specialists will swing into action to implement it… that’s priceless.

What is ‘Disaster Recovery as a Service’?

In an age of SaaS, Disaster Recovery-as-a-Service [DRaaS] is a practical option for businesses who don’t have the resources – staffing or technology – to have disaster recovery, inhouse.

DRaaS has many benefits that include reduced disaster recovery cost, increased simplicity, reduced IT resources required, and maximum efficiency provided.

Tech analyst house, Gartner, release an annual Magic Quadrant for Disaster Recovery as a Service.

Gartner describes DRaaS solutions as “offering a productised service for which the provider manages server image and data replication to the cloud, disaster recovery run book creation, automated failover and failback between on-premises and the cloud, and network element and functionality configuration as needed during and for recovery operations”.

MobileCorp Disaster Recovery as a Service (DRaaS)

MobileCorp partners with market-leading vendors to provide a comprehensive ‘Disaster Recovery as a Service’ module.

Disaster Recovery involves a set of policies, tools and procedures that ensure the recovery or continuation of all vital technology infrastructure and systems following a natural or human-induced disaster.

However, before recommending any specific solution, MobileCorp will need to spend the time to understand the customer’s IT environment, business drivers, current capabilities, limitations and budget.

MobileCorp Disaster Recovery Planning

A MobileCorp DR plan will include seven key elements:

  1.  Disaster Recovery Goals
  2.  Redundancy
  3.  Business Continuity
  4.  Documentation
  5.  Prioritised Business Functions
  6.  Internal Communications
  7.  Testing and Optimisation

When drafting a disaster recovery plan, it’s important to first assess the goals the plan will aim to accomplish. These will include:

  • Risk Reduction
    A primary goal of a good disaster recovery plan is to reduce an enterprise’s overall risk. Companies should conduct a current risk assessment before forming the plan to understand where vulnerabilities exist that need to be addressed. You can use a number scale to measure each risk level.
  • Resumption of Operations in an Emergency
    When a disaster occurs, a DR plan should be ready to go pushing out information and solutions to internal and external customers, resuming operations as quickly as possible.
  • Address Owner/Investor Concerns
    For enterprise businesses, a disaster recovery plan should communicate to whoever is at the top of the organisation – be it owners, investors, a board of directors or shareholders.
  • Regular Maintenance
    A disaster plan should be updated regularly. A DRaaS will run routine risk assessments on a schedule and ensure the disaster recovery plan addresses all risks at any given time. As the organisation changes, new technologies must be added into the plan.  
  • Narrow Disaster Response Times
    A key piece of any disaster recovery plan is ensuring that the DR team and other disaster recovery stakeholders can mobilise quickly and in a coordinated way. To narrow disaster response time, enterprise businesses should routinely test their plan at least once per year.
  • Industry Compliance
    Creating an effective DRP will reduce the risk of incurring penalties for failure to meet regulatory compliance obligations.

Server virtualisation has removed the need for duplicate server hardware, making redundancy more cost effective. It is now easier to shift key servers for additional capacity and maintain operations if primary systems fail.

Many hosting providers offer highly scalable platforms on which companies of all sizes can build DR environments. If a disaster occurs at the main business premises, key systems can be redirected to the hosted environment and the business can resume operations as quickly as possible.

It’s important to methodically document the IT infrastructure environment including related support and technical contacts, and server and application configurations. Developing recovery time objectives (RTO) and recovery point objectives (RPOs) is also key.

It will be critical to detail each IT function and the likely impact should it be interrupted. Mapping out internal dependencies and potential alternative suppliers or staff that can be brought on if necessary, can also help businesses function in the face of a disaster.

What are the lines of communication to be followed in the face of an emergency? These need to be clearly defined prior to an event to ensure chain of command and clarity of roles is acknowledged by all stakeholders.

It is vital to test a business recovery plan in real-world scenarios and use the insights that emerge to continually optimise the DR plan. At a minimum, the DR plan should be tested annually.

unified security management