Why should businesses prioritize having a disaster recovery solution?
Do you have some real life examples of cases where disaster recovery was not in place, and what the ramifications were to the business? And vice-versa - what are some examples of cases where disaster recovery proved vital and mitigated loss?
I’ve been working for big agro-company and multi-site for our different kinds of production. We put in place a BCP first to identify, in terms of revenues, which site were critical from that weren’t and construct our BCP accordingly. The BCP consisted on defining all actors and services mandatory to ensure production and delivery of our products (supply chain, ordering, delivering, third part and of course IT associated). We found out that before putting BCP in place some of our factories would have been totally unproductive for more than 3 weeks in case of major incidents.
so then after identifying all needed components, we came for some from 3 weeks outage to 4 hours.
We had a very good commitment from our third-party suppliers too while coming to the analysis—and helped some to understand as well their own gap in the case of the same.
So in the end, it was a win-win deal and today we do have clear visibility on all the chains needed to continue the most possible our business.
And of course, i could be hired to help in putting in place such process (no matter it is IBM SP or any other tool, this is just a small part of the journey of BCP)
I am in the business of Disaster Recovery and have been providing DRAAS with one of the renowned vendor equipment. I have come across quite a few cases where there had been many cases here in Nepal where ransomware attacks happen and all the data is encrypted of some reputed corporate houses. It had a lot of business impacts.
Although they had some traditional backup mechanisms, the backup system copied all the ransomware files too so we devised new recovery mechanisms and help the client restore some files too.
Additionally, we implemented and designed a new system and the client is contempt and everything is fine.
disaster recovery plan (DPR) is a set of “action to be taken before during and after a disaster”, and is made to help protect businesses in such an event. Although disasters may not always be avoidable, having a plan helps to reduce the potential damage and quickly restore operations.
Disaster recovery plans and the preventative measures they include are essential for stopping disasters from occurring in the first place. Organizations can’t always avoid disasters, but having a plan helps to minimize the potential damage and get operations back up and running quickly
here an example of a real case :
>>> A DDoS attack:
In this disaster recovery scenario, imagine that a group of malicious hackers executes a Distributed-Denial-of-Service (DDoS) attack against your company. The DDoS attack focuses on overwhelming your network with illegitimate requests so that legitimate data cannot get through.
As a result, your business can no longer connect to databases that it accesses via the network – which, in today’s age of cloud-native everything, means most databases. It’s rare nowadays to have a database that does not require a working network connection to do its job.
In this scenario, disaster recovery means being able to restore data availability even as the DDoS attack is underway. (Ending the DDoS attack would be helpful, too, but anti-DDoS strategies are beyond the scope of this article; moreover, the reality is that your ability to stop DDoS attacks once they are in progress is often limited.) Having backup copies of your data would be critical in this situation. That’s obvious.
What may be less obvious, however, is the importance of having a plan in place for making the backup data available by bringing new servers online to host it. You could do this by simply keeping backup data servers running all the time, ready to switch into production mode at a moment’s notice. But that would be costly, because it would mean keeping backup servers running at full capacity all the time.
A more efficient approach would be to keep backup data server images on hand, then spin up new virtual servers in the cloud based on those images when you need them. This process would not be instantaneous, but it should not take more than a few minutes, provided that you have the images and data already in place and ready to spin up.
having no disaster recovery plan is equal to an unlimited downtime .
In the Disaster Recovery Preparedness Benchmark Survey, the cost of outages added up to more than $50,000 in losses, on average, with bigger companies citing losses up to $5 million.
It’s these kind of eye-popping figures that bring companies down without any hope of recovery. It doesn’t matter what size your company is, downtime is clearly the enemy you want to avoid
Hi,
Disaster recovery is a critical step, especially if there is no redundancy. Typically, the scenario is a site with a single computer room, running a single computer with a service. If the server data and backup data are hosted in the same data center, it can be a risk to lose not only the server data but also the backup data.
I have been involved in several cases, where they had just RAID protection, where duplicate disk failures caused the server data to be unusable. That client (no name which) thoughts that there is no reason for having a backup.
We were able to fix the problem by recovering a part of the critical data manually. This didn't happen just one time but several times.
The customer purchased a backup system from IBM (Spectrum Protect); using our solutions to coop with the open-source data.
Another scenario was a customer in Russia who had all the server data and the backup data in the same data center. A gang of criminals entered the building and took the server data and the backup data, as it was hosted on the same data center building.
In Canada, we have a client that has the server data inside the factory plant, where there was a leakage causing the server data to become broken. The backup was hosted offsite so we were able to restore the data using IBM Spectrum Protect.
In Belgium we had a fire taking out the data center, which caused damage to the server data. We were able to restore the server data as the backup data was hosted on another site. The backup system we used was IBM Spectrum Protect.
In Chile we had an earthquake, causing problems for us. Luckily the client didn't lose any data, but they took immediate action to purchase one.
In Japan, we also had an earthquake, where a whole data center was taken out of action. We were able to restore the data using IBM Spectrum Protect.
So yes, disaster recovery is important.
And now we are entering a new type of scenario where it can also be critical to wipe out data remotely.
Regards,
Tomas Dalebjörk
CEO at spictera.com
In short, DR is a way to recover your Data Center (services & Data) from a disaster [anything that can cause an outage] in a timely manner.
Whether it is important or not it is your decision.
How to decide?
1. Is your data important to your business? if yes, then you need an offsite copy of your data.
2. How much time can you survive without your data/service or you can lose it?
- If we are talking days/weeks, then an offsite recoverable backup copy is good for you.
- if we are talking hours/minutes/seconds, then you need a DR site with a good DR solution.
I think now you can imagine all real-life DR important stories.
I would fully agree that in the present stage of Cyber & Email preparedness one has to be always be prepared in terms of a disaster recovery. This will need to be prepared with the latest backup & recovery system which will pertain to the needs of the current needs & requirements prevalent in the sites.
A disaster recovery plan describes scenarios for resuming work quickly and reducing interruptions in the aftermath of a disaster. It is an important part of the business continuity plan and it allows for sufficient IT recovery and the prevention of data loss
I haven’t seen a business that is immune from a disaster. It could come from several factors like an event from a natural disaster, hardware failure, human errors, or cyber-attacks. Every business relies on data and applications to function properly. What would happen if you suddenly lost access to your data? For many businesses, this would lead to a loss of profit and a negative effect on the reputation of the company. This can even cause the business to shut down.
With a disaster recovery plan or a business continuity plan, you can reduce the risks involved in the total loss of your data and also reduce the downtime to get your business operational again.
Setting up a DRP and a BCP would give an assurance that in the event of a disaster, the negative effects will be minimal, and business can spring back up quickly.
This should be a priority.
The Healthcare industry seems to be the new target for hackers and ransomware.
With our DR plan in place, we were able to recover 80% of the files and 100% of the database data (by having a plan that had been based on best practices): most of the lost files were due to users not following guidelines for storing files on their network drives instead of their personal desktops and laptops. The data and files were back up within 24 hours with the biggest headache being the corrupted files on the single point of failure - Domain controllers are several buildings.
Lessons learned for the estimated cost in lost revenue was easy to show to management (that by not updating to the latest software and application versions and requiring DR on a separate subnet with different system password protection) how much it cost to be down for the four days.
Luckily, it happened on Thursday and we were back up on Monday morning.
It is not a matter of if we will ever need the DR... It is can you afford to not have it WHEN you need the DR!