There’s this thing about disasters, they don’t come with a warning. Unlike in a cyber attack, businesses don’t get to analyze their shortcomings that led to the situation in order to prepare them for similar attacks in the future.
When a disaster strikes, a business is either prepared to tackle the aftermath or they simply face the consequences. According to a report by RedCross, as many as 40% of businesses never reopen after major disasters like floods, earthquakes or tornados.
In 2011, the Joplin tornado killed 24 people and destroyed around 5000 buildings. Among the affected was also John Motazedi’s IT company named SNC. Close to 50 local physicians were tied to SNC for its services. However, the systems had also been destroyed and Mr. Motazedi had to call for outside help to get new computer parts and have the systems running again.
A business shutting down affects employees as much as it affects employers, perhaps more. Besides the company and its employees, customers are also indirectly affected as they lose their personal information, information of the dealings they have had with the company and more.
While there is no way to prevent a disaster from striking, there are, fortunately, ways a company can protect its data and be prepared in case they ever face such a situation.
5 ways to protect your data from disasters
1. Create scenarios and test a Disaster recovery Plan
Create different scenarios and different plans. An actual written plan. You obviously cannot replicate the natural disaster but you can create a drill on how you will actually follow the procedure. There is a world of difference between planning, writing and actually executing while treating it as a real scenario.
You may need to run several tests before you finally get a handle on it. When you run the tests, it is possible you may think of or experience obstacles which were not thought of when creating the plan.
2. The 3-2-1 rule
The 3-2-1 rule is an ideal backup strategy and should be a de facto method for every enterprise. Here’s how 3-2-1 strategy works; you make 3 copies of your backup, 2 of which are local but stored on different devices, and 1 copy is stored off-site.
The US-CERT (United States Computer Emergency Readiness Team) paper for Data Backup Options released in 2012 recommended the 3-2-1 approach.
While it is true that this approach requires more capital in terms of backing up data compared to other simpler methods, it really should be seen as an important investment for businesses.
3. Decide upon an acceptable recovery time
The amount of downtime you face will affect your business’ reputation, regardless of how famous and big it was before the disaster.
While you can always go for options that take days to restore the data, restoring in the shortest possible amount of time assures your customers and clients of your serious intent in dealing with the crisis and your dedication towards serving them.
4. Encrypt Data
It is necessary to ensure all data backed up is encrypted. Applying proper encryption algorithms to data in every mode, the one stored and the one in transit, prevents unauthorized access and security breaches. It is important to make sure the encryption keys are not accessible.
5. Data assessment & documentation
Conduct assessments regularly and document all findings. A company should know which data is of the highest value, where is it stored, which department accesses this data and who are its authorized users.
Similarly, assess the rest of the data and identify which data is a high-value asset and requires to be more closely guarded than others.
Conclusion
Disaster recovery is about data backup, data security, and business continuity planning. However, business continuity requires the data to be intact and always available, along with an efficient disaster recovery service provider to be able to get you up and running as soon as possible.
Author: CloudSecureTech
We are the information resource on all things Cloud, Disaster Recovery and Information Security.
