SMEs Need A Disaster Recovery Plan

Uploaded on 2019-06-28 in TECHNOLOGY--Resilience, FREE TO VIEW

Most businesses dislike renewing IT equipment but they dislike renewing Disaster Recovery (DR) solutions even more. These aren’t revenue-generating systems after all, and small businesses have other things to spend their money on. Still, DR solutions can fall out of date just as quickly as primary IT infrastructure.

The cost of not updating DR solutions could be far greater in the end. A 2017 SME survey caried out by Forrester Research found that only 55% of businesses surveyed  felt prepared or very prepared to recover their data centres after a disaster.

For many, then, it's time to take a long hard look at their DR solution to see if it still fit for purpose. Here are four signs that you may be among them:

The Law has Changed
Regulatory or legal issues were among the biggest factors driving DR improvements, according to Forrester. 
One of the biggest drivers for revising DR plans is the introduction of the General Data Protection Regulation (GDPR), which came into effect in May 2018.

GDPR’s rules affect DR systems and primary systems equally. They require organisations to restore access to personal data in a timely manner, and mandate regular testing and evaluation for all data processing systems, including DR. 
Now is the time to check the security of your DR system and ensure that any DR service providers understand their own responsibilities as data processors under GDPR.

Your Data loads have Changed
Yesterday's DR solution may have been appropriate for a company half your size, but what about now? 
Data volumes have a habit of growing unchecked in the background, and a deluge of data can have an adverse effect on business resilience.

While many companies focus on planning data capacity for primary systems, it is easy to forget this task on the DR side. 
Check DR hardware and network capacity regularly against current data loads to ensure that they are adequate to handle data transfers.

Your Infrastructure has Changed
Data volumes are not the only things that evolve in an IT environment. Applications change, and hardware infrastructure expands. Organisations also move into private, public or hybrid cloud environments. 

In some cases, backup software appliances may not support this expanded infrastructure, especially if they are vendor-specific and new equipment from other suppliers has been brought on board. As your infrastructure strategy evolves, schedule regular reviews of your DR solution to ensure that it still supports your current server, storage and operating system selection and that it will backup data from your entire application portfolio.

Your Risk Profile has Changed
All DR strategies should be closely aligned with business risk, but this risk profile changes over time. Business teams should be involved in regularly revising Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). 
And these may change as the company builds out new business workflows and commercial imperatives shift.

When reassessing your DR solution, re-examine these metrics and ensure that they can support the necessary backup cadence to handle your company’s RPO needs. Ask yourself whether the DR architecture can cope with current RTOs, especially if backing up from a remote location.

Reviews of your DR needs and capabilities should be as regular as privacy and security assessments, especially now that GDPR has tightened the rules. Keeping your DR solution current brings several benefits, but perhaps the most important is that you’ll be able to sleep soundly at night.

DTX:            Probrand:

You Might Also Read: 

Now Is Definitely Time To Check You Are GDPR Compliant:

 

« US Cyber Attack On Iran
US Hackers Penetrate Russia's Electric Grid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

IPVanish

IPVanish

IPVanish has its roots in over 15 years of network management, IP services, and content delivery services. Now we're bringing these finely honed skills to VPN.

CERT-EU

CERT-EU

CERT-EU is a permanent Computer Emergency Response Team for the EU institutions, agencies and bodies.

Prewen

Prewen

Prewen provide solutions to protect sensitive data across the organisation.

eco

eco

eco, with more than 950 member organizations, is the largest Internet industry association in Europe.

Efecte

Efecte

Efecte is a Nordic SaaS company specialized in IT Service Management, Self-Service, Identity Management and Access Governance solutions.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

Cycura

Cycura

Cycura provide advanced, customized, and confidential cyber security services, cyber investigation services, and digital forensic services to governments, companies, and organizations.

Concentric

Concentric

Concentric Data Risk Monitoring and Protection. Deep Learning to discover, monitor and remediate risks to sensitive data on-premises and in the cloud.

Fastcomcorp

Fastcomcorp

Fastcomcorp offers a world-class proactive cyber security defense and risk management consulting. Including Darkweb monitoring and posture assessments.

ANSEC IA

ANSEC IA

ANSEC is a consultancy practice providing independent Information Assurance and IT Security focussed services to customers throughout the UK, Ireland and internationally.

Pentesec

Pentesec

Pentesec is a security specialist offering professional services, managed security services and expertise within an extensive range of security technologies.

Charles IT

Charles IT

Charles IT is your friendly, no-nonsense IT team focused on helping companies make their technology work for them. We focus on building relationships that deliver results.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

IDVerse

IDVerse

IDVerse is focused on making user verification effortless through technology. We build intelligent tools that protect users from identity fraud while enabling a seamless user experience.

Tausight

Tausight

Tausight is an AI-Powered patient data security startup with a mission of reducing healthcare cyber incidents using a more proactive, risk management philosophy.