Issue link: https://insights.oneneck.com/i/1457616
Test and refine disaster recovery on a regular basis Testing recovery solutions is a crucial step to make sure the plan you created works in real time. A deeper analysis can pinpoint why the solution works and why it doesn't for further refinement of overall processes. Disaster recovery plans are not just a one-and-done solution. Instead, organizations should take the approach that they are dealing with a living, breathing strategy that must be continually updated if it is to fare well against unforeseen disasters and cyber threats that are constantly evolving. This means setting up a regular testing schedule to determine whether or not all of the various aspects of a comprehensive and robust disaster recovery plan are still useful to the business. In the process of testing your disaster recovery plan, answering a few questions can help guide this process: ▪ What is the purpose of the test? ▪ How do you measure each test? ▪ Was it a success? ▪ Why or why was it not a success? ▪ What are the implications of a successful result? While this isn't a comprehensive list of what an organization should be asking, it is an effective starting point for having a specific test that points the plan towards a desired outcome. Determine if you need a backup or true DR solution Taking stock of your goals as an organization can help determine whether you need to focus on investing in data backup tools or true DR solutions. "Backups" include the process of creating an extra copy of data for a multitude of reasons ― from encountering an accidental deletion to finding an issue with a software upgrade. On the other hand, "disaster recovery" refers to the complete infrastructure, plan, and processes behind quickly reestablishing the application, data, IT resources, and activity after an outage. The terms "backup" and "disaster recovery" are typically used interchangeably. Unfortunately, this can be a bit confusing as they are far from being the same thing. When it comes to RTO and RPO, backups can take a long time whereas DR completely replicates virtual machines with the aim of getting the entire infrastructure back up and running before the organization experiences severe revenue blowback. DR requires much more bandwidth and comprises a grander strategy that implements backups as part of the greater operational IT infrastructure needed to respond to a disaster. In the case of a cyberattack, DR helps organizations proactively respond to worst case scenario situations. This means having the capacity and bandwidth to restart operations after shutting down the entire operating system in order to prevent attackers from absconding with credit card numbers, social security numbers, driver license information, and other personally identifiable information that can lead to identity theft and fraud. While a backup might be beneficial in the short term, it does not have the bandwidth to proactively protect against a cyberattack. 95% of companies have a disaster recovery plan, but 23% NEVER TEST THEIR PLAN. 27% of companies that have experienced an outage lost revenue because of it. 5 4 5 5 Tsai, Peter. "Data Snapshot: How well equipped are businesses to bounce back from disaster?" Spiceworks. October 23rd, 2018. 10 oneneck.com 03 10 oneneck.com