Businesses are fragile things. They can be affected in their success by a whole host of factors including market forces, consumer habits, and changes in attitudes.
But many aspects of your business success are firmly held in your own hands. You can develop an agile approach allowing you to change your model based on market forces, you can adapt your products or services to take into account consumer demands, and you can keep track of people's opinions to ensure you keep with current thinking and attitudes.
But how would you cope with a major incident that occurred to or in your business?
Business continuity and disaster recovery are essential tools designed to protect your business should the worst happen.
If you make use of technology in your business, and particularly if it forms the backbone of your operations, you need to make sure you have a Disaster Recovery Plan.
Disaster Recovery is the process of recovering your technical systems, data and applications to a level which allows you to continue operating your business.
Sometimes a DR solution will only recover key systems - just enough to keep you going in the short term until a full recovery can be performed.
A technical disaster or incident can be caused by a number of internal factors including technical faults, accidental damage caused by errors, or malicious activity.
Disasters can also be caused by external factors such as power cuts, floods or property damage.
The key to an effective DR plan is to evaluate which systems, applications and data are key to your operations and ensuring these are recovered first. There is no point spending time and effort recovering your marketing database when your customers aren't getting the products they've ordered or the services they've bought.
Getting your DR plan right can mean the difference between having a business in serious trouble and your customers not even knowing there was a problem.
A Business Continuity Plan is similar in many ways to a Disaster Recovery Plan. The main difference is that the BCP deals with more than just technology.
Your BCP covers all aspects of your business, from offices and desk space, communications, and operations, to incident response, staff safety and public relations.
Whether you decide your business needs a full BCP or merely a DRP you should be aware that having one and making sure it is up to date and tested can be the difference between your business surviving and growing and it's complete failure.
There are many statistics out there about business survival following an incident, but the general consensus is that businesses experiencing a major incident and who don't have an effective BCP will go out of business within 6-24 months of the incident.
You have insurance to cover you should the worst happen. A Business Continuity Plan or at the least a Disaster Recovery Plan should help protect you in the same way - by ensuring your business survives whatever is thrown at it!
Sabtu, 30 September 2017
Rabu, 13 September 2017
Business Continuity and Disaster Recovery - Don't Focus on the Wrong Areas When Making Your Plans
Sure, planning for catastrophic failures such as tornados, hurricanes, and earthquakes can make your day more interesting. But the fact of the matter is most Business Continuity and Disaster Recovery incidents involve situations far more mundane.
According to Strategic Research Corp., the leading causes of Business Continuity and Disaster Recovery incidents are:
o 44% Hardware Failure-Servers, disk drives, switches or other core infrastructure components.
o 32% Human Error-The primary mode of human error is either a mistake in a configuration setting or issuing the wrong command on a production system. Human error happens more frequently after hardware replacements and upgrades.
o 14% Software and Firmware Errors-These failures are often related to operating systems errors, driver incompatibilities, and the introduction of new applications to servers that contend for resources.
o 7% Virus/Security Breach-In today's world malicious attacks do happen. Therefore a solid security plan must be part of any credible BCDR initiative. This type of BCDR incident has been increasing and it is vitally important your BCDR solution be able to provide a Recovery Point Objective (RPO) prior to the time of attack.
o 3% Natural Disaster-Natural disasters are often cited as a leading reason for Business Continuity and Disaster Recovery planning but they represent a relatively small percentage of actual BCDR events.
Perhaps even less exciting is that studies show that planned downtime accounts for 70-90 percent of all system outages!
This suggests that we need to look at the concept of business continuity and disaster recovery from the other end of the telescope, effectively inverting the common view to yield a new set of priorities for "disaster" prevention.
Proposed Emphasis for BCDR Planning:
70-90% of planning focused on minimizing planned downtime
7-25% of planning focused on preventing un-planned downtime
3-5% of planning focused on natural disaster recovery
When viewed in this context and with the overall goal of supporting business process functionality, it becomes clear that we must build the case for business continuity and disaster recovery into the foundation of our infrastructure, not consider it something optional to be looked at separately.
According to Strategic Research Corp., the leading causes of Business Continuity and Disaster Recovery incidents are:
o 44% Hardware Failure-Servers, disk drives, switches or other core infrastructure components.
o 32% Human Error-The primary mode of human error is either a mistake in a configuration setting or issuing the wrong command on a production system. Human error happens more frequently after hardware replacements and upgrades.
o 14% Software and Firmware Errors-These failures are often related to operating systems errors, driver incompatibilities, and the introduction of new applications to servers that contend for resources.
o 7% Virus/Security Breach-In today's world malicious attacks do happen. Therefore a solid security plan must be part of any credible BCDR initiative. This type of BCDR incident has been increasing and it is vitally important your BCDR solution be able to provide a Recovery Point Objective (RPO) prior to the time of attack.
o 3% Natural Disaster-Natural disasters are often cited as a leading reason for Business Continuity and Disaster Recovery planning but they represent a relatively small percentage of actual BCDR events.
Perhaps even less exciting is that studies show that planned downtime accounts for 70-90 percent of all system outages!
This suggests that we need to look at the concept of business continuity and disaster recovery from the other end of the telescope, effectively inverting the common view to yield a new set of priorities for "disaster" prevention.
Proposed Emphasis for BCDR Planning:
70-90% of planning focused on minimizing planned downtime
7-25% of planning focused on preventing un-planned downtime
3-5% of planning focused on natural disaster recovery
When viewed in this context and with the overall goal of supporting business process functionality, it becomes clear that we must build the case for business continuity and disaster recovery into the foundation of our infrastructure, not consider it something optional to be looked at separately.
Selasa, 22 Agustus 2017
How A Disaster Recovery Service Provides Business Continuity During Critical Server Failure
Computers are paramount to every successful business and the need to have a contingency plan in place should anything happen to your precious data is a necessity.
One of the worst possible incidents for a company is a server failure. Unfortunately such a disastrous thing can occur with just a little bit of bad luck. Smooth running computer systems are crucial to the everyday running of our business and on a larger scale our economies. Though there are a number of ways you can protect your precious data should your computer system fail and continue smooth running of your business.
Statistics suggest large companies put between 2-4 percent of IT budgets into disaster recovery planning in the hope of avoiding larger long term losses. How you plan for such an occurrence can have a crucial say in how you come out of it. Many of the best companies that offer a disaster recovery service will provide a disaster recovery assessment and disaster planning to show you how prepared you are and how you can be better organised if a server fails - remember prevention is the best form of cure.
Mirroring data to an offsite location or just backups onto a cloud service, another server or hard drive can be a saving grace if you suffer server failure, and will allow you to continue unharmed. The uses of simple items such as surge protectors are also a necessity and are a straightforward but vital aspect of protecting your data.
If the worse should happen there are a number of ways in which you can get back your data. Doing so is very important, companies who lose their data and end up with information find it very hard to compete and many suffer huge consequences.
Disaster recovery solutions such as data recovery will mean you can be sure you retrieve most or all of the lost data; this is a last resort but is crucial if you've lost all of your data. Emails and work place data can also be retrieved by similar methods, as can recovery of client's networks with little hassle and virtually complete continuity.
Should you fear being or be the unfortunate victim of such a failure, then many companies also offer disaster recovery validation and testing afterwards. This will help you test your recovery plans and ensure they're up to scratch before or after a nightmare scenario such as the aforementioned.
One of the worst possible incidents for a company is a server failure. Unfortunately such a disastrous thing can occur with just a little bit of bad luck. Smooth running computer systems are crucial to the everyday running of our business and on a larger scale our economies. Though there are a number of ways you can protect your precious data should your computer system fail and continue smooth running of your business.
Statistics suggest large companies put between 2-4 percent of IT budgets into disaster recovery planning in the hope of avoiding larger long term losses. How you plan for such an occurrence can have a crucial say in how you come out of it. Many of the best companies that offer a disaster recovery service will provide a disaster recovery assessment and disaster planning to show you how prepared you are and how you can be better organised if a server fails - remember prevention is the best form of cure.
Mirroring data to an offsite location or just backups onto a cloud service, another server or hard drive can be a saving grace if you suffer server failure, and will allow you to continue unharmed. The uses of simple items such as surge protectors are also a necessity and are a straightforward but vital aspect of protecting your data.
If the worse should happen there are a number of ways in which you can get back your data. Doing so is very important, companies who lose their data and end up with information find it very hard to compete and many suffer huge consequences.
Disaster recovery solutions such as data recovery will mean you can be sure you retrieve most or all of the lost data; this is a last resort but is crucial if you've lost all of your data. Emails and work place data can also be retrieved by similar methods, as can recovery of client's networks with little hassle and virtually complete continuity.
Should you fear being or be the unfortunate victim of such a failure, then many companies also offer disaster recovery validation and testing afterwards. This will help you test your recovery plans and ensure they're up to scratch before or after a nightmare scenario such as the aforementioned.
Minggu, 13 Agustus 2017
Disaster Recovery Plan Template - Avoid This Mistake When Using a Disaster Recovery Plan Template
What is the mistake? Focusing your disaster recovery plan template on technology first and business process priorities second.
This might sound like a strange statement coming from network infrastructure experts. But focusing on appliances and software solutions can lead to the development of incomplete or inadequate solutions and this can be an expensive and humbling mistake! IT Business Continuity and Disaster Recovery (BCDR) is not about appliances, power supplies, routers, switches and servers, it's about supporting business processes.
Business Continuity and Disaster Recovery (BCDR) are two separate and related concepts that are often lumped together when developing recovery plans. Let's start with some quick definitions.
IT Business Continuity
Business Continuity refers to an organization's ability to keep vital business operations running at or near normal capacities in the event of infrastructure failure. These failures can be caused by human errors, power failures, application errors and a host of others that impact the ability of the infrastructure to properly support the organization. When speaking of Business Continuity the majority of the infrastructure remains in place and functional which is in contrast to Disaster Recovery.
IT Disaster Recovery
Disaster Recovery refers to incidents that significantly impact or make unavailable critical infrastructure. The most common examples are natural disasters and other "acts of God." Planning for data protection and recovery are fundamental to disaster recovery principles.
So the idea of BCDR really is to ensure that your company or organization continues to function at or near normal capacity levels under even the most challenging conditions.
Sounds pretty straightforward, right? Well, wrapped up in that deceptively simple concept are dozens, hundreds, perhaps even thousands of business processes, most, if not all of which are dependent upon your IT infrastructure for successful execution.
So the place to begin defining your disaster recovery plan is not in the server room but rather out among the business units.
For example, maybe you work for a financial institution that has to comply with Sarbanes-Oxley, HIPAA or PATRIOT Act regulations. Information availability is required under all conditions, including routine back-up. Fines for non-compliance and damage to reputation for failure to comply are huge.
Or
Your organization manufactures precision electronic components and your ERP and inventory management systems must be operational during the week. Downtime costs you $3500/hour. However, routine maintenance can be performed during the week.
Or
Your company processes a high volume of data entry, fulfillment processing and shipping operations around the clock. Downtime has been calculated to be $12,700 per hour.
3 different scenarios with 3 entirely different sets of requirements.
Hopefully you see that before you can develop or use a recovery plan template for your organization you must identify, understand, and prioritize the requirements of each of the most critical processes.
To learn more about developing or using disaster recovery plan templates more effectively I highly recommend you read the white paper titled The Disaster Waiting to Happen: The 4 Biggest BCDR Mistakes People Make And Why They Cost So Much. You can get your copy while supplies last here Disaster Recovery Plan Template and you'll discover why Business Continuity and Disaster Recovery Planning remains such a hot topic in the IT infrastructure world today.
This might sound like a strange statement coming from network infrastructure experts. But focusing on appliances and software solutions can lead to the development of incomplete or inadequate solutions and this can be an expensive and humbling mistake! IT Business Continuity and Disaster Recovery (BCDR) is not about appliances, power supplies, routers, switches and servers, it's about supporting business processes.
Business Continuity and Disaster Recovery (BCDR) are two separate and related concepts that are often lumped together when developing recovery plans. Let's start with some quick definitions.
IT Business Continuity
Business Continuity refers to an organization's ability to keep vital business operations running at or near normal capacities in the event of infrastructure failure. These failures can be caused by human errors, power failures, application errors and a host of others that impact the ability of the infrastructure to properly support the organization. When speaking of Business Continuity the majority of the infrastructure remains in place and functional which is in contrast to Disaster Recovery.
IT Disaster Recovery
Disaster Recovery refers to incidents that significantly impact or make unavailable critical infrastructure. The most common examples are natural disasters and other "acts of God." Planning for data protection and recovery are fundamental to disaster recovery principles.
So the idea of BCDR really is to ensure that your company or organization continues to function at or near normal capacity levels under even the most challenging conditions.
Sounds pretty straightforward, right? Well, wrapped up in that deceptively simple concept are dozens, hundreds, perhaps even thousands of business processes, most, if not all of which are dependent upon your IT infrastructure for successful execution.
So the place to begin defining your disaster recovery plan is not in the server room but rather out among the business units.
For example, maybe you work for a financial institution that has to comply with Sarbanes-Oxley, HIPAA or PATRIOT Act regulations. Information availability is required under all conditions, including routine back-up. Fines for non-compliance and damage to reputation for failure to comply are huge.
Or
Your organization manufactures precision electronic components and your ERP and inventory management systems must be operational during the week. Downtime costs you $3500/hour. However, routine maintenance can be performed during the week.
Or
Your company processes a high volume of data entry, fulfillment processing and shipping operations around the clock. Downtime has been calculated to be $12,700 per hour.
3 different scenarios with 3 entirely different sets of requirements.
Hopefully you see that before you can develop or use a recovery plan template for your organization you must identify, understand, and prioritize the requirements of each of the most critical processes.
To learn more about developing or using disaster recovery plan templates more effectively I highly recommend you read the white paper titled The Disaster Waiting to Happen: The 4 Biggest BCDR Mistakes People Make And Why They Cost So Much. You can get your copy while supplies last here Disaster Recovery Plan Template and you'll discover why Business Continuity and Disaster Recovery Planning remains such a hot topic in the IT infrastructure world today.
Kamis, 27 Juli 2017
When Do I Need A Disaster Recovery Plan For My Company?
There are many questions that may arise when an individual embarks on a new business venture. Whether the individual is starting a new business or revamping an old business, there are certain steps that should be taken to protect the individual's investment in their company and ensure that business can continue as usual in the event that something adverse happens to affect the business. Many individuals have turned to using a disaster recovery plan to ensure the fast implementation of procedures that will help a business recover and continue to satisfy clients if anything happens to affect the business. So when is a disaster recovery plan needed for a company? Preferably, the company should have a disaster recovery plan in place before a disaster strikes.
A disaster recovery plan is an outline created by the principals of a company, or those they choose to hire, to detail how a business will deal with any potential disaster that may occur. This may include any adverse events from server failure to an earthquake leveling the building. Because a true disaster is typically unforeseen, it is best for the company to have a disaster recovery plan in place prior to a disaster occurring within the company. The disaster recovery plan will outline the steps that need to be taken to ensure that the customers will be taken care of in a timely manner and return the business to operation as quickly as possible.
A proper disaster recovery plan will need to be formed only after an intense review of business practices has been conducted. Any business procedures that are found to be ineffective or unneeded can be corrected at this time. By focusing on the business methods that bring results and including them in the disaster recovery plan, the business will be focused on completing the steps that will bring the best results if any type of adverse event affects the course of business. The disaster recovery plan may cover several different types of disasters and the steps that may be needed to recover from each.
There are many types of businesses that could benefit from having a disaster recovery plan, but many business owners either believe that a disaster recovery plan is not necessary or they put off creating, implementing, and testing a plan for so long that a disaster strikes and disrupts their business before they have a plan put into place. This is the catalyst that many business owners need before they decide to create a disaster recovery plan, but unfortunately much damage could be done and much revenue lost because a disaster recovery plan was not in place before the disaster occurred.
A disaster recovery plan is an outline created by the principals of a company, or those they choose to hire, to detail how a business will deal with any potential disaster that may occur. This may include any adverse events from server failure to an earthquake leveling the building. Because a true disaster is typically unforeseen, it is best for the company to have a disaster recovery plan in place prior to a disaster occurring within the company. The disaster recovery plan will outline the steps that need to be taken to ensure that the customers will be taken care of in a timely manner and return the business to operation as quickly as possible.
A proper disaster recovery plan will need to be formed only after an intense review of business practices has been conducted. Any business procedures that are found to be ineffective or unneeded can be corrected at this time. By focusing on the business methods that bring results and including them in the disaster recovery plan, the business will be focused on completing the steps that will bring the best results if any type of adverse event affects the course of business. The disaster recovery plan may cover several different types of disasters and the steps that may be needed to recover from each.
There are many types of businesses that could benefit from having a disaster recovery plan, but many business owners either believe that a disaster recovery plan is not necessary or they put off creating, implementing, and testing a plan for so long that a disaster strikes and disrupts their business before they have a plan put into place. This is the catalyst that many business owners need before they decide to create a disaster recovery plan, but unfortunately much damage could be done and much revenue lost because a disaster recovery plan was not in place before the disaster occurred.
Sabtu, 15 Juli 2017
Disaster Recovery Planning - Mitigating Data Loss in Small and Medium Sized Businesses
Disaster recovery planning; also commonly referred to as 'business continuity planning' involves planning for the possibility of an event that causes the loss or destruction of data. It also involves ensuring that a recovery plan is in place so that the business can recover and continue should the disastrous event occur. When it comes to disaster recovery planning more than half of all small and medium-sized businesses lack a comprehensive disaster recovery plan. While almost everyone understands the need to have insurance policies to protect their assets there is often a certain disconnect when it comes to planning for the protection of the data that resides on their computer systems. After all, what good is having the insurance company buy you a new computer if the data that you need to run your business is gone? Many also focus on the word 'disaster' and assume that it refers to an act of god or some other rare occurrence and count themselves safe; after all, what are the chances that the earth is going to open up and swallow their computer systems, right? This however is badly misguided in that the 'disaster' we are referring to in the disaster recovery plan can be any of the following occurrences:
Hard drive failure
Operator error leading to the corruption or deletion of data
Theft
Sabotage by current or former employees
Software errors leading to the corruption of data
Flood or Fire
Electrical damage
Now that we have established some of the many different ways that data loss events can occur we need to cover the steps that can be taken to ensure that the data can be recovered so that business operations can continue in the event that data is damaged, deleted or otherwise destroyed. One also needs to be careful not to assume that simply subscribing to one of the many online backup solutions (Carbonite, Dr. Backup, etc) amounts to a disaster recovery plan. It's worth noting that doing something is better than nothing so if you are not committed or otherwise able to develop a disaster recovery plan then an online backup system is still going to be better than nothing, but one should be careful not to develop a false sense of security since an online backup program is by no means a full disaster recovery plan. Creating a comprehensive disaster recovery plan involves the following:
Documenting business processes. It is important to fully document all important business processes and determine where and how the data for each is stored.
Planning the right backup solution. Simply running backups is often not enough- are databases involved? Most databases can't be recovered from the simple copy of files that is included in a normal backup procedure so databases need to be looked at separately and individually to ensure the backup system that is implemented is actually going to be able to recover them.
Implementing the backup solution. Once a backup plan is created the hardware and/or software involved needs to be acquired and set up accordingly.
Testing. Tests will need to be done to ensure that the backups being made work and are able to restore the data.
Monitoring of the backup solution. Monitoring essentially a never-ending process since there is near 100% certainty that the something will cause the backups to fail at some point and require a human intervention to get them running again.
Hard drive failure
Operator error leading to the corruption or deletion of data
Theft
Sabotage by current or former employees
Software errors leading to the corruption of data
Flood or Fire
Electrical damage
Now that we have established some of the many different ways that data loss events can occur we need to cover the steps that can be taken to ensure that the data can be recovered so that business operations can continue in the event that data is damaged, deleted or otherwise destroyed. One also needs to be careful not to assume that simply subscribing to one of the many online backup solutions (Carbonite, Dr. Backup, etc) amounts to a disaster recovery plan. It's worth noting that doing something is better than nothing so if you are not committed or otherwise able to develop a disaster recovery plan then an online backup system is still going to be better than nothing, but one should be careful not to develop a false sense of security since an online backup program is by no means a full disaster recovery plan. Creating a comprehensive disaster recovery plan involves the following:
Documenting business processes. It is important to fully document all important business processes and determine where and how the data for each is stored.
Planning the right backup solution. Simply running backups is often not enough- are databases involved? Most databases can't be recovered from the simple copy of files that is included in a normal backup procedure so databases need to be looked at separately and individually to ensure the backup system that is implemented is actually going to be able to recover them.
Implementing the backup solution. Once a backup plan is created the hardware and/or software involved needs to be acquired and set up accordingly.
Testing. Tests will need to be done to ensure that the backups being made work and are able to restore the data.
Monitoring of the backup solution. Monitoring essentially a never-ending process since there is near 100% certainty that the something will cause the backups to fail at some point and require a human intervention to get them running again.
Langganan:
Postingan (Atom)