SMEs Need A Disaster Recovery Plan

Uploaded on 2019-06-28 in TECHNOLOGY--Resilience, FREE TO VIEW

Most businesses dislike renewing IT equipment but they dislike renewing Disaster Recovery (DR) solutions even more. These aren’t revenue-generating systems after all, and small businesses have other things to spend their money on. Still, DR solutions can fall out of date just as quickly as primary IT infrastructure.

The cost of not updating DR solutions could be far greater in the end. A 2017 SME survey caried out by Forrester Research found that only 55% of businesses surveyed  felt prepared or very prepared to recover their data centres after a disaster.

For many, then, it's time to take a long hard look at their DR solution to see if it still fit for purpose. Here are four signs that you may be among them:

The Law has Changed
Regulatory or legal issues were among the biggest factors driving DR improvements, according to Forrester. 
One of the biggest drivers for revising DR plans is the introduction of the General Data Protection Regulation (GDPR), which came into effect in May 2018.

GDPR’s rules affect DR systems and primary systems equally. They require organisations to restore access to personal data in a timely manner, and mandate regular testing and evaluation for all data processing systems, including DR. 
Now is the time to check the security of your DR system and ensure that any DR service providers understand their own responsibilities as data processors under GDPR.

Your Data loads have Changed
Yesterday's DR solution may have been appropriate for a company half your size, but what about now? 
Data volumes have a habit of growing unchecked in the background, and a deluge of data can have an adverse effect on business resilience.

While many companies focus on planning data capacity for primary systems, it is easy to forget this task on the DR side. 
Check DR hardware and network capacity regularly against current data loads to ensure that they are adequate to handle data transfers.

Your Infrastructure has Changed
Data volumes are not the only things that evolve in an IT environment. Applications change, and hardware infrastructure expands. Organisations also move into private, public or hybrid cloud environments. 

In some cases, backup software appliances may not support this expanded infrastructure, especially if they are vendor-specific and new equipment from other suppliers has been brought on board. As your infrastructure strategy evolves, schedule regular reviews of your DR solution to ensure that it still supports your current server, storage and operating system selection and that it will backup data from your entire application portfolio.

Your Risk Profile has Changed
All DR strategies should be closely aligned with business risk, but this risk profile changes over time. Business teams should be involved in regularly revising Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). 
And these may change as the company builds out new business workflows and commercial imperatives shift.

When reassessing your DR solution, re-examine these metrics and ensure that they can support the necessary backup cadence to handle your company’s RPO needs. Ask yourself whether the DR architecture can cope with current RTOs, especially if backing up from a remote location.

Reviews of your DR needs and capabilities should be as regular as privacy and security assessments, especially now that GDPR has tightened the rules. Keeping your DR solution current brings several benefits, but perhaps the most important is that you’ll be able to sleep soundly at night.

DTX:            Probrand:

You Might Also Read: 

Now Is Definitely Time To Check You Are GDPR Compliant:

 

« US Cyber Attack On Iran
US Hackers Penetrate Russia's Electric Grid »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IberLayer

IberLayer

IberLayer is the company behind the Email Guardian service, a cloud based Email Total Protection system that filters and blocks email threats.

Intrinsyc Technologies

Intrinsyc Technologies

Intrinsyc provides product development services and Edge Computing modules that are helping to take the Internet of Things products to the next level.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

ECHO Project

ECHO Project

The main objective of ECHO is to strengthen the cyber defence of the European Union, enhancing Europe’s technological sovereignty through effective and efficient multi-sector collaboration.

Thistle Technologies

Thistle Technologies

Thistle Technologies is building tools that help connected device manufacturers build security resiliency into devices.

RedHunt Labs

RedHunt Labs

RedHunt Labs is a premier Cybersecurity Solutions provider, offering Attack Surface Management solution 'NVADR' and Penetration Testing services.

du

du

du is a telecommunications service provider providing UAE businesses with a vast range of ICT and managed services.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

Hayes Connor Solicitors

Hayes Connor Solicitors

Hayes Connor Solicitors is a specialist data breach and cybercrime law firm. We act for clients on individual data breaches and also where a group has been compromised as part of a targeted attack.

Bugv

Bugv

Bugv is a crowdsourcing cybersecurity platform powered by human intelligence where we connect businesses with cyber security experts, ethical hackers, bug bounty hunters from all around the world.

ThreatNix

ThreatNix

ThreatNix is a tight knit group of experienced security professionals who are committed to providing competent cybersecurity solutions that adhere to international standards.

Huntr

Huntr

Huntr provides a single place for security researchers to submit vulnerabilities, to ensure the security and stability of AI/ML applications.

Technoware Solutions

Technoware Solutions

Technoware Solutions is a global company committed to helping entities navigate the digital waters of modernizing their system processes in an ever changing cybersecurity landscape.

C/side (cside)

C/side (cside)

At c/side, we're creating the ultimate delivery, performance and detection mechanism for browser-side fetched 3rd party Javascript.

MergeBase

MergeBase

Reduce software supply chain risk with MergeBase proven Software Composition Analysis (SCA).

Nyx Security Solutions

Nyx Security Solutions

Nyx is committed to excellence in embedded cybersecurity, delivering top-tier secure design, development, and penetration testing services that meet and exceed industry standards.