At Interscale, we love our technology and we also love data! However, it goes without saying that we don’t love it when data is lost, and worse still, cannot be recovered due to an ineffective backup strategy!
In today’s modern businesses landscape, it is imperative to ensure that digital data is secure and can be easily recovered. In some instances, if data cannot be restored, it may have dire consequences to a business, causing grief and financial distress.
With this in mind, it is imperative to ensure that every business – whether small, medium or large, has adequate systems in place to back up data. Further to this, it is equally important that you have detailed plans outlining those activities will occur in the event of a disaster, or mass data loss.
So, what are we talking about, when we talk about DR, BCP and CDP? In summary, these terms outline the procedures and systems that ensure that adequate measures are in place with respect to data and business continuity. Combined, these capabilities will protect the business interests, as well as document the methods and systems used to recover services in a timely manner.
When disaster strikes, it’s essential to know what to do.
Disaster Recovery is best described as the method and strategy a business implements to ensure that data and IT systems are protected, adequately backed up, and are recoverable in the event of a disaster. DR is more than just having backups running overnight. The Disaster Recovery Plan (DRP) also includes the processes to follow in the event where physical hardware is damaged, networks are unavailable, or an event where data is corrupted or unrecoverable.
Think about a true disaster situation, such as a fire, flooding, or a cyber-attack – having a Disaster Recovery Plan helps to outline these scenarios, providing a strategy for the organisation and its’ workers to respond to such scenarios.
The first step to maintaining data integrity is ensuring that backups are performed regularly. Secondly, consider the need to send this backup data offsite. It will be almost impossible to invoke a successful DRP, if your servers and data are in the same building as your backups, and the building has burned down.
A good DRP will detail potential incident types, responses and recovery options. Each DR scenario is different, requiring a different response, be it a datacentre loss, cyber-attack, environmental disaster, network failure, etc.
In reality, the best advice for any backup and DR strategy and plan, is to actually have one, and adhere to it.
In its simplest form, the Business Continuity Plan details the steps and resources required to continue business operations, while not dealing directly with the recovery of IT systems. The DRP details directly with the IT systems, including the protection and recovery of these systems. The BCP details the ‘where’ and ‘how’ to recover the business, ensuring the business can continue.
For example, Sugary-Drink Company has multiple departments, ranging from Finance, HR, Marketing, Sales, to IT, and more. The BCP’s goal is to ensure that all these departments remain operational after an incident.
The goal of a suitable BCP would be to outline communication and contact channels to customers, vendors and suppliers. It should also detail alternate sites or offices, in the event a site is no longer accessible or functional.
Because the BCP and DRP work hand-in-hand, information gathered for each document and process will feed into the other. Additionally, the aim of developing the BCP and DRP together is to ensure that neither contradicts the outcomes or processes detailed in the other. The BCP will also dictate acceptable data loss and acceptable recovery times, working directly with the DRP.
Continuous data protection (CDP) is a type of ‘continuous backup’. Data is replicated, with continuous copies of data being written from one place to another. Unlike traditional backup models which are set to backup data at pre-determined times, CDP is always backing up. True CDP replicates all the delta changes, allowing for restoration of data from any point in time.
Because traditional backups are set to backup data at specific times, i.e. Nightly Backups, restoration points are limited to the last successful backup. Although this sounds satisfactory in practice, the loss of a full day’s data could have significant impact to any business.
CDP can be configured to protect data by copying changes to a destination target. This might be based at the same site, one or more remote sites, or on the cloud. The destination targets are a determining factor to how quickly this data can be restored. As such, multiple destination targets could be configured, linking in to the Disaster Recovery solutions that are in place.
So, in summary, implementing these solutions will aid in the protection and recovery of your business in the event of data loss or a disaster. Conversely, failing to consider these will place your business at risk if a worst-case scenario were to unfold.
It is critically important to remember that above all else, once these plans and processes are in place it is vital to rehearse them on a routine basis. Schedule annual DR tests and regularly test your backups. If you do not have the skills or bandwidth to manage these processes, engage an IT partner such as Interscale to complete these processes on your behalf. There is no point having processes in place if there are no guarantees that they will work when the unfortunate and unplanned events do finally eventuate.