Is your business prepared for a natural disaster or power outage? Establishing clearly defined roles, responsibilities and the proper chain of command are critical for an organization to respond to a crisis. While many businesses understand all too well the operational and financial impact of disruption to their business systems and processes, plenty of other companies still consider disaster recovery a low priority project. If your organization can’t simulate a network outage or an IT disruption with a disaster recovery plan, you may have some work to do.
Disaster recovery is when an unforeseen event happens to an organization that threatens business operations and/or revenue generation; the organization can mitigate risks and recover from the event with minimal or no losses.
These disasters can take the form of:
- Computers or other hardware failing
- Internet and application connections failing because the service provider or organization had a massive security breach or DDoS attack
- Loss of productivity due to defective software from a virus
- Power failure at a data center which renders all SaaS, IaaS, or private data inaccessible
- Natural disasters such as earthquakes, flooding, hurricanes, or snowstorms
- Theft of company assets such as personal computers or data
Let’s dive a little deeper into some common disasters.
According to Eaton’s US Blackout Tracker, there were 3,571 total power grid outages in 2015 alone. This is major reason why it is important for data centers to have power redundancy and UPS systems within their facilities; because power outages are common. However, even data centers fail and networks, data backup, and managed services go dark. Looking at the Top Causes of Data Center Outages, a UPS failing accounts for 25% of unplanned data center outages with cybercrime coming in a close second, accounting for 22% of unplanned downtime.
A study from the Ponomon Institute states that the average cost of a lost or stolen laptop averages around $50,000, and that any given laptop has a 7% chance of being lost/stolen within a three year lifespan. The costs associated with a lost or stolen laptop are not only replacing the laptop, but also due to the loss of productivity of the user, the loss of the data on the laptop, and the possible damaging effects of personal data reaching a competitor.
Incapsula performed a survey asking IT employees from 270 varying size companies about DDoS attacks to their organizations and the consequences of those attacks. Of the 270 surveyed, 41% noted that they were hit with an attack within the last 12 months. Interestingly, organizations with 500+ employees were at the greatest risk of an attack, and incur higher costs associated with the attacks. The study also pointed out that roughly 65%+ of attacks last 6+ hours, with an estimated cost of $40,000 per hour.
If your organization currently utilizes any SaaS, IaaS, SECaaS, or another aaS offering, you may want to add another tool to your belt to ensure business continuity; DRaaS.
PC Mag developed a checklist of questions to help companies select a DRaaS provider that will meet their needs:
Backup: (Which backup options/capabilities are offered)
- Will the DRaaS offering protect all line-of-business applications and platforms?
- Does the DRaaS solution create local backups as well as cloud-based backups?
- Does the DRaaS solution incorporate file size management to reduce storage needs?
- What applications, operating systems, and databases are directly supported?
- How frequently is the data backed-up or synchronized?
Recovery: (What happens if there is an onsite failure)
- How long does it take to recover an application? Server? Data?
- Will the DRaaS support a self-service model?
- How complex is it to move from a backup to a live state?
- Does the DRaaS offer a local appliance and address network change issues?
Failure-State: (How does the temporary recovery solution work)
- What level of performance can be expected when failed applications are hosted in the cloud?
- What architecture is used by the host to guarantee availability?
- What is the maximum number of VMs the DRaaS supports?
Failback: (What happens when on-site capabilities return to normal)
- Are there time limits on how long the provider will host the recovery environment?
- Are there additional charges, penalties, or other costs associated with long-term hosting?
- How does the provider manage restoration/failback? Is there a danger of data loss
- Does the failback process introduce downtime?
Preparing for a disaster or disruption of any kind requires a comprehensive approach that encompasses hardware and software, networking equipment, power, connectivity and test procedures that ensure DR and restoration are achievable within recovery time objective (RTO) and recovery point objective (RPO) targets. While implementing a thorough DR and data protection plan isn't a small task, the potential benefits are significant.
If your organization needs an expert to help bring some clarity to all the disaster recovery options on the market, schedule a consultation with one of our experts here.