SMEs Need A Disaster Recovery Plan

Uploaded on 2019-06-28 in TECHNOLOGY--Resilience, FREE TO VIEW

Most businesses dislike renewing IT equipment but they dislike renewing Disaster Recovery (DR) solutions even more. These aren’t revenue-generating systems after all, and small businesses have other things to spend their money on. Still, DR solutions can fall out of date just as quickly as primary IT infrastructure.

The cost of not updating DR solutions could be far greater in the end. A 2017 SME survey caried out by Forrester Research found that only 55% of businesses surveyed  felt prepared or very prepared to recover their data centres after a disaster.

For many, then, it's time to take a long hard look at their DR solution to see if it still fit for purpose. Here are four signs that you may be among them:

The Law has Changed
Regulatory or legal issues were among the biggest factors driving DR improvements, according to Forrester. 
One of the biggest drivers for revising DR plans is the introduction of the General Data Protection Regulation (GDPR), which came into effect in May 2018.

GDPR’s rules affect DR systems and primary systems equally. They require organisations to restore access to personal data in a timely manner, and mandate regular testing and evaluation for all data processing systems, including DR. 
Now is the time to check the security of your DR system and ensure that any DR service providers understand their own responsibilities as data processors under GDPR.

Your Data loads have Changed
Yesterday's DR solution may have been appropriate for a company half your size, but what about now? 
Data volumes have a habit of growing unchecked in the background, and a deluge of data can have an adverse effect on business resilience.

While many companies focus on planning data capacity for primary systems, it is easy to forget this task on the DR side. 
Check DR hardware and network capacity regularly against current data loads to ensure that they are adequate to handle data transfers.

Your Infrastructure has Changed
Data volumes are not the only things that evolve in an IT environment. Applications change, and hardware infrastructure expands. Organisations also move into private, public or hybrid cloud environments. 

In some cases, backup software appliances may not support this expanded infrastructure, especially if they are vendor-specific and new equipment from other suppliers has been brought on board. As your infrastructure strategy evolves, schedule regular reviews of your DR solution to ensure that it still supports your current server, storage and operating system selection and that it will backup data from your entire application portfolio.

Your Risk Profile has Changed
All DR strategies should be closely aligned with business risk, but this risk profile changes over time. Business teams should be involved in regularly revising Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). 
And these may change as the company builds out new business workflows and commercial imperatives shift.

When reassessing your DR solution, re-examine these metrics and ensure that they can support the necessary backup cadence to handle your company’s RPO needs. Ask yourself whether the DR architecture can cope with current RTOs, especially if backing up from a remote location.

Reviews of your DR needs and capabilities should be as regular as privacy and security assessments, especially now that GDPR has tightened the rules. Keeping your DR solution current brings several benefits, but perhaps the most important is that you’ll be able to sleep soundly at night.

DTX:            Probrand:

You Might Also Read: 

Now Is Definitely Time To Check You Are GDPR Compliant:

 

« US Cyber Attack On Iran
US Hackers Penetrate Russia's Electric Grid »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

WatchGuard

WatchGuard

WatchGuard is a leader in network security, secure Wi-Fi, and network intelligence products and services for SMBs and Enterprises worldwide.

FAMOC

FAMOC

FAMOC is an enterprise mobile management solution that delivers comprehensive security and management for applications, documents, email, and mobile devices.

Acalvio Technologies

Acalvio Technologies

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter.

DisruptOps

DisruptOps

Built for today’s cloud-scale enterprises, DisruptOps’ Cloud Detection and Response platform automates assessment and remediation procedures of critical cloud security issues.

spriteCloud

spriteCloud

spriteCloud is an independent software testing, test automation and cybersecurity services provider.

ImpactQA

ImpactQA

ImpactQA is a global leading software testing & QA consulting company. Ten years of excellence. Delivering unmatched services & digital transformation to SMEs & Fortune 500 companies.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

doIT Solutions

doIT Solutions

doIT solutions specialize in IT security and infrastructure, security automation, data center, and cybersecurity.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

Normalyze

Normalyze

Normalyze are solving some of the most painful problems enterprise IT security teams face in the cloud and data security space. We help enterprises protect all the data they run in the cloud.

GO Business

GO Business

GO Business are a specialised B2B team within GO that caters to the communication needs of the local business community in Malta.

Teal Technology Consulting

Teal Technology Consulting

TEAL Technology Consulting is your trusted advisor for all your information security needs.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

NetAlly

NetAlly

NetAlly network test solutions help engineers and technicians better deploy, manage, maintain, and secure today’s complex wired and wireless networks.

ZeroThreat

ZeroThreat

ZeroThreat, a vulnerability scanning and automated pentesting tool, accelerates vulnerability detection 5x faster with unprecedented accuracy and efficiency in real-time.