SMEs Need A Disaster Recovery Plan

Uploaded on 2019-06-28 in TECHNOLOGY--Resilience, FREE TO VIEW

Most businesses dislike renewing IT equipment but they dislike renewing Disaster Recovery (DR) solutions even more. These aren’t revenue-generating systems after all, and small businesses have other things to spend their money on. Still, DR solutions can fall out of date just as quickly as primary IT infrastructure.

The cost of not updating DR solutions could be far greater in the end. A 2017 SME survey caried out by Forrester Research found that only 55% of businesses surveyed  felt prepared or very prepared to recover their data centres after a disaster.

For many, then, it's time to take a long hard look at their DR solution to see if it still fit for purpose. Here are four signs that you may be among them:

The Law has Changed
Regulatory or legal issues were among the biggest factors driving DR improvements, according to Forrester. 
One of the biggest drivers for revising DR plans is the introduction of the General Data Protection Regulation (GDPR), which came into effect in May 2018.

GDPR’s rules affect DR systems and primary systems equally. They require organisations to restore access to personal data in a timely manner, and mandate regular testing and evaluation for all data processing systems, including DR. 
Now is the time to check the security of your DR system and ensure that any DR service providers understand their own responsibilities as data processors under GDPR.

Your Data loads have Changed
Yesterday's DR solution may have been appropriate for a company half your size, but what about now? 
Data volumes have a habit of growing unchecked in the background, and a deluge of data can have an adverse effect on business resilience.

While many companies focus on planning data capacity for primary systems, it is easy to forget this task on the DR side. 
Check DR hardware and network capacity regularly against current data loads to ensure that they are adequate to handle data transfers.

Your Infrastructure has Changed
Data volumes are not the only things that evolve in an IT environment. Applications change, and hardware infrastructure expands. Organisations also move into private, public or hybrid cloud environments. 

In some cases, backup software appliances may not support this expanded infrastructure, especially if they are vendor-specific and new equipment from other suppliers has been brought on board. As your infrastructure strategy evolves, schedule regular reviews of your DR solution to ensure that it still supports your current server, storage and operating system selection and that it will backup data from your entire application portfolio.

Your Risk Profile has Changed
All DR strategies should be closely aligned with business risk, but this risk profile changes over time. Business teams should be involved in regularly revising Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs). 
And these may change as the company builds out new business workflows and commercial imperatives shift.

When reassessing your DR solution, re-examine these metrics and ensure that they can support the necessary backup cadence to handle your company’s RPO needs. Ask yourself whether the DR architecture can cope with current RTOs, especially if backing up from a remote location.

Reviews of your DR needs and capabilities should be as regular as privacy and security assessments, especially now that GDPR has tightened the rules. Keeping your DR solution current brings several benefits, but perhaps the most important is that you’ll be able to sleep soundly at night.

DTX:            Probrand:

You Might Also Read: 

Now Is Definitely Time To Check You Are GDPR Compliant:

 

« US Cyber Attack On Iran
US Hackers Penetrate Russia's Electric Grid »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Canadian Centre for Cyber Security (CCCS)

Canadian Centre for Cyber Security (CCCS)

The Cyber Centre is the single unified source of expert advice, guidance, services and support on cyber security for government, critical infrastructure, the private sector and the public.

BeOne Development

BeOne Development

BeOne Development provide innovative training and learning solutions for information security and compliance.

Greenbone Networks

Greenbone Networks

Greenbone Networks delivers a vulnerability analysis solution for enterprise IT which includes reporting and security change management.

Open Systems International (OSI)

Open Systems International (OSI)

Our innovative Operations Technology (OT) solutions are highly scalable and can be deployed by various utility companies to monitor, control and optimize their real-time operations.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

Zecurion

Zecurion

Zecurion data loss prevention (DLP) solution is an easy-to-use solution for securing confidential data at rest and in motion.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

Navaio IT Security

Navaio IT Security

Navaio helps clients with IT Security related challenges with a primary focus on Identity and Access Management, Data Governance, User Awareness and Cyber Resilience Services.

SimSpace

SimSpace

SimSpace is the visionary yet practical platform for measuring how your security system responds under actual, sustained attack.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

CyberArmor

CyberArmor

Cyber Armor defend everyday IT and OT systems, from government agencies to critical infrastructure, from system integrators to small industries.

Canonic Security

Canonic Security

Canonic streamlines app review, continuously monitors apps, and reduces the risks involved in third-party access to your data.

NetApp

NetApp

The NetApp portfolio includes intelligent cloud services, data services, and storage infrastructure that helps organizations manage applications and data everywhere across hybrid cloud environments.

Flow Security

Flow Security

Enterprises run on data, Flow secures it at runtime. With a runtime-first approach, Flow is a game-changer in the data security space, securing data itself, beyond the infrastructure it resides in.

XONA Systems

XONA Systems

XONA is The Zero Trust user access platform for the OT enterprise. Secure operational access to critical systems - from anywhere.