This year, global ransomware damage costs are predicted to exceed $5 billion and IBM CEO Ginni Rometty has said that "cyber crime is the greatest threat to every company in the world." Alongside potential hardware damage, cyber crime represents the kind of disaster that every business now needs to prepare for. A Disaster Recovery Plan (DRP) is an essential tool to have, whether the issue is a security breach or equipment loss or damage. Creating a bespoke DRP requires a few key components.
Every DRP begins with an inventory of hardware, software applications and data. Critical applications, as well as the hardware and the data required to run them should be identified and prioritised. It is important to identify the route back to business continuity so that if the worst does happen the business is ready to re-install applications, re-access data and restore the hardware that will bring downtime to an end.
Legal compliance issues
The General Data Protection Regulation (GDPR) comes into force in the UK in May 2018, bringing with it severe penalties for poor handling of data or data breach. Integrating these increased data protection requirements is essential for a DRP in the light of the GDPR. How can data be protected, recovered and restored? Alongside fines for lack of compliance with the GDPR, businesses without a DRP that focuses on data could also face serious reputational damage.
Data recovery and back up
Both in terms of legal compliance, and also to protect essential or sensitive company information, disaster recovery planning necessarily includes measures for data recovery and back up. Data may be lost as a result of any number of “disasters,’ from human error to hardware failure, loss or corruption, as well as malware or a security breach. Using a cloud back up as part of every day IT infrastructure will provide a starting point for a DRP. Data is quickly recoverable and data loss can be minimised where there is a regular back up plan in place.
Disaster recovery planning includes delineating clear accountability for certain tasks in the event of a situation arising. Training and consultation will play a crucial role in helping to prepare your staff so that a DRP can be quickly implemented. In a situation where the worst happens, if everyone knows what their role is and how recovery can be instigated then downtime and damage can be minimised.
Part of the process of designing a bespoke DRP may be looking into preventative measures that could protect your business from the worst. This could include encrypting files and implementing new policies on passwords and how regularly they are changed. Firewalls, restricting access to data, device management and permissions will all play a part in helping to limit the potential damage that can be done and ensuring that your business can continue.
Extended downtime is not an option for the alternative investment sector where time is always of the essence. A bespoke DRP enables a business to prepare for, and manage, a critical situation based on individual needs and requirements. If you would like to find out more about a DRP for your business contact the netConsult team today.
Author: Laura Zverko - Follow us on Google+