Data going rogue? No chance
By Matthew Johnston January 18, 2017
- Businesses who want to protect and secure their data assets must know their enemies well, assess the risks, engage the forces of backup and recovery, and prepare to win.
- Before any action can be taken, disaster recovery planning should always begin with a risk analysis.
The brand new year brings exciting opportunities and unseen challenges. While wretched hives of hackers and cyber criminals are expected to continue their villainous acts, I.T. Jedi have the knowledge, skills and means to fight back. Businesses who want to protect and secure their data assets must know their enemies well, assess the risks, engage the forces of backup and recovery, and prepare to win. A powerful ally they must have on their side is a well-designed disaster recovery (DR) plan, after all there are no fool proof plans, there are only well planned ones.
Given that 63 percent of businesses in Asia – the highest percentage globally – are routinely generating value and insights from data, any downtime translates into lost revenue, lowered employee productivity and damage to the corporate brand. And despite the acknowledgement that the value of a company’s data is its core asset, more than 60 percent of companies do not have a fully documented DR plan. It is therefore vital that companies can keep their businesses running in the face of disaster, both man-made and natural.
I’m a Star Wars fan and the recent cinema visits made me think about jotting down a couple pointers on DR planning:
Form an alliance of DR heroes
In times of conflict, a group of ordinary people can band together to achieve extraordinary feats, and create something greater than themselves in the process. Unless your company adopts the same approach, you’re basically gambling with your corporate assets every day. Disaster recovery planning requires deep collaboration between many stakeholders, extending all the way from the leadership, to lines-of-business managers, down to I.T. personnel. No single person will ever have the power to achieve this.
To prepare for risk, you must do, or do not. There is no try.
Before any action can be taken, disaster recovery planning should always begin with a risk analysis. First, understand the potential costs and lost revenue resulting from disruptions to the business. Next, assign a likelihood of occurrence to the risks which have the biggest impact. Finally, define your plan (and cost required) to mitigate these risks.
The ability to centralize is insignificant next to the power of the Cloud
Emperor Palpatine may not have been aware of it, but when he built the powerful Death Star, he created a single point of failure. With many of his key personnel, information and resources located in one battle station, the Empire practically collapsed when the Death Star was blown away (twice).
In the same way, CIOs need to ensure that their company’s vital information resources are not concentrated in one or two physical locations. They can take advantage of public cloud services that provide an optimal balance of cost and flexibility, while allowing them to extend DR to a broader array of tested systems, applications and data, thereby making their operations more robust. Security in the cloud has also reached enterprise-ready levels with many global companies entrusting their data to established providers; all that is required is to evaluate potential cloud partners with the same rigor and discipline as you would any third-party service provider.
When it comes to DR, there’s no such thing as luck.
Despite disaster recovery planning being critical to business continuity, it rarely appears high on the list of business or budgetary priorities, unless mandated by regulators or government. Instead, many companies prefer to rely on blind hope; without going through the rigor and training required to be fully proficient in the ways of the Force.
Major disruptions, disaster or even IT outages continue to strike organizations as they experience at least an hour of data loss, or even more alarmingly, causing a data centre loss for up to five hours. With losses ranging from US$50,000 to over US$5 million, it is a business imperative to implement a disaster recovery plan to protect your data as you would your assets.
Always keep in mind, disasters do happen and not always to the other guy. Best practice organizations have robust DR capabilities that are vigorously tested. If you want to rise from being an information Padawan to becoming a fully-realized Master, disaster recovery and business continuity planning must become part of the fabric of running your business.
May your data be with you. Always.
Matthew Johnston is the Area Vice President, ASEAN & Korea, Commvault