"Fail to plan – plan to fail" is a phrase that really applies to Disaster Recovery. For many businesses, managing the increasing amount of data that is being collected, processed, transferred and stored both internally and at external data centres represents a major challenge. However, having large and critical amounts of information flows, the risk of consequences in the event of disasters also increases.
Disaster Recovery (DR) means having guidelines, procedures and tools in place which enable businesses to regain the use of critical systems and IT infrastructure as soon as possible following a natural or man-made disaster.
Disaster recovery is often included as part of the business's plan to ensure continuity during crises or serious disruptions (known as Business Continuity Plan).
Examples of types of disasters are:
Cyber attacks through methods such as malware and ransomware attacks
Epidemics or pandemics, such as COVID-19
Terrorist attacks or threats
Hurricanes, earthquakes, etc.
Not having a prepared plan for recovery after a disaster makes it extra challenging since the pressure is naturally extremely high due to the ongoing disaster management. Our unambiguous recommendation, therefore, is that all organizations should prepare for disasters as part of their business strategy.
To prepare for a disaster, one should conduct an inventory and analysis of their information system (information assets) and document procedures to follow in times of crisis - a disaster plan. Preparing for crises before they occur and creating a plan for how to act also provides other benefits. It increases awareness of vulnerabilities, threats, and risks, and can also be a good support for identifying and prioritizing business-critical information systems, people, and processes.
Before the disaster strategy is established, existing information assets need to be analyzed and prioritized. Two differens analysis typically play a role in DR decision making processes:
Risk analysis or risk assessment is an evaluation of the potential risks the company may face, as well as the likelihood and consequence if they occur. This analysis is used as a basis for deciding on measures to reduce the risks.
Business Impact Analysis (BIA) evaluates the effect of the risk identified above on business operations. A BIA can help predict and quantify costs, both financial and non-financial. It also evaluated the effects of various disasters on business security, finances, marketing, reputation, legal compliance and quality assurance.
Recovery of information systems typically includes, among other things:
Data center (servers, applications, databases etc.)
Virtualized disaster recovery
Recovery of cloud services
Processes/information flows (combinations of the above, e.g., validation of logical consistency)
Cegal and Disaster Recovery
Cegal provide support for the establishment, maintenance, and testing of DR plans. Additionally, Cegal can provide services for monitoring various technologies. We specialize in hybrid cloud solutions, setting up and running business critical solutions, as well as monitoring databases.
Cegal has extensive experience with high availability environments, where we assist both small and large customers in finding the right solution at the right price.