Businesses have had to be nimble in recent weeks. The current global coronavirus pandemic has seen companies forced to migrate sometimes thousands of workers to remote-working set-ups, with all the inherent security risks that involves.
IT managers through to CTOs throughout the land have had to come to terms with new ways of working. A series of process refinements have no doubt been in effect from plugging gaps in provisioning, increasing bandwidth through to ensuring internal firewall and VPN protections are as robust as possible. These changes and process will have been all encompassing over the last few weeks, but now that teams are set up successfully remotely – what happens next?
The next major challenge is ensuring business continuity now remote working has been established. For example, maintaining services that are going to be delivered remotely for the foreseeable future, when it isn’t necessarily possible for you to maintain hardware on-site. Furthermore, social distancing means it’s not possible to be perform manual updates and security checks on now-disparate devices across the network, and providing maintenance remotely comes with all sorts of challenges.
So as the process of metaphorically dusting off business continuity and disaster recovery (DR) strategies unfolds, businesses are getting to grips with just how robust their strategies actually are – as previous ‘in the event of’ considerations which were never deemed a reality, come true.
Increased exposure to attacks
The recent COVID-19 outbreak has given cyber criminals and hacker groups an inconceivable amount of ammunition, and at a time when networks are more open than they have ever been. Individual users are accessing potentially harmful emails from personal devices one minute and uploading data to business networks the next. What’s more, the power to control what’s happening on the end user’s device is severely limited. IT teams try to keep networks as safe as possible remotely, yet the ability to implement corporate levels of anti-virus and malware protection are nil.
Factor in the threat to firewalls driven by multiple VPNs all accessing a network simultaneously and the security headache for IT managers has rarely been so severe.
Social distancing – from your data centre
Alongside the increased threat of myriad end-user devices accessing the network, it doesn’t help that it may be impossible to access your data centre due to the lockdown. In this instance, what happens if hardware fails, there is a power cut or if all connectivity drops out across your network? It may not even be possible to carry out patching requirements because a restart would be needed on-site, or would at least require eyes on your failover in should things go wrong.
So what can you do to ensure your network is as safe as possible, and that you’ve got an adequate DR solution?
How’s your disaster recovery plan looking?
Data security is a core business concern these days but being able to ensure operational continuity when disaster strikes requires more than simply backing everything up in the Cloud. Of course cloud backup is a vital element of a healthy disaster recovery plan, but there’s a lot more you’ll need to think about before you can consider your business safe from an IT perspective. If you can’t tell someone exactly what your company would do if all your systems were to shut down simultaneously, you’re nowhere near to being prepared for a disaster.
Businesses these days are in a blessed position when it comes to implementing a solid DR plan. Thanks to cloud computing services, outsourced and hybrid solutions, disaster planning is no longer the preserve of the deep-pocketed, multi-national corporations. Software-based infrastructure and wider virtualisation means even the smallest of businesses are able to provision their applications, servers – and all their attendant security measures – as software, even if the only physical server they possess is sat in a store cupboard somewhere. By implementing servers virtually in this way, IT managers have the ability to protect those workloads using the same methods they would for data. And herein lies the true power: because not only can you back your virtual servers up on a physical disk, you can also replicate offsite and into many clouds.
Disaster Recovery as a Service (DRaaS)
Running a virtual server in the Cloud means your servers can be restored easily and quickly, with little outward signs to suggest there’s been a malfunction. Instead of paying for another expensive building to host another expensive bit of kit that’s only there ‘just in case’, you’ll be able to configure a cloud account that continually protects your server and, in the event that your local server fails, switches them on and as if that wasn’t already increased peace of mind at a fraction of the cost, most cloud vendors offer DRaaS on a pay-as-you-use basis, giving you a sophisticated DR plan for an often–minimal charge.
What do you want from DRaaS?
DRaaS providers differ in their interpretations of DR, and therefore what they offer as standard, so you’ll want to fully research and compare vendors before you commit. Some will offer SQL Server backups; others will offer complete server and data centre replication and restoration in the Cloud. So be clear on what you want. As a very minimum, you’ll want a DR solution that includes the following:
- Automatic protection of critical systems and data.
- The ability to quickly recover from a disaster, with minimal user input.
- Flexible recovery, such as restoring a single file / server / application or the whole infrastructure.
- Backup/Replication target options.
- Transparent billing structure.
Alongside these very basic solutions, there are several other capabilities you might want to explore. Will you want the DR or backup service to create local as well as cloud-based backups? How complex would it be to move from a backup to a live state? What is the maximum number of virtual machines the service would support? These are all questions you’ll want the answers to before deciding which vendor can best meet your needs.
After the disaster…
IT managers can’t afford to concern themselves with just the ins and outs of what happens in the midst of a disaster. Getting your business’s IT operations back up to speed following the reinstatement of on-site capabilities is every bit as critical. After all, what’s the point in averting a complete shutdown of your infrastructure if, in doing so, you’re going to lose all your data? So before you choose your vendor, you’re going to want to get answers to a few post-disaster questions. For example:
- Does the failback process introduce downtime of your network? If so, how long?
- Is there a limit on how long the provider will host the recovery environment for?
- How does the DRaaS provider manage recovery?
- Are there additional charges or penalties associated with long-term usage?
Really think about what your company needs. Determine the processes and infrastructure that are absolutely vital for ensuring business continuity and write them into your disaster recovery plan. Then make sure you find a service provider who can offer everything you need.
Here at M247, for example, we provide system failover and workload recovery with our Disaster Recovery as a Service solution. We provide full system and application replication as standard, and work with businesses to tailor the right service or solution to ensure they are protected whenever, however and wherever they need it most. And right now, for a limited time, we are offering enterprise grade DRaaS for FREE for up to 3 months.
If you’re ready to discuss the next step in your disaster recovery plan, give us a call today to find out how we can help.