We have many conversations about Disaster Recovery at our clients’ Technology Alignment Review meetings. When we update the Technology Action Plan a typical outcome is that someone has to decide which systems are most important for the best business resilience.
The easy answer to this is “it all needs backed up” and that’s quite correct, because everything has to be preserved from the risks of ransomware or hardware failure. That’s all the business’s data, and also the operating systems on which the data is stored and processed.
However, it’s usually easier to back up systems than restore them because the backups can be trickled off to storage a little at a time as files change over the working day. The problem comes with the recovery because the accumulated data volume is probably too big to be recovered as easily as it was backed up.
So we need to prioritise – what do you need to recover, how quickly, and what do you need recovered first?
Putting system recovery into priority order is difficult, and it’s a question for someone who knows the business systems and procedures very well.
It’s especially important for backups sent to the cloud because the recovery bottleneck is usually the speed of the internet connection. When all of the systems and data have to come back to the business in a hurry is not the time to find it’s going to take a week to get it all downloaded.
In the next few blogs we’ll explore some things to consider when setting these priorities. We’ll also suggest a way to avoid having to download all of your systems and data in that pressured time just after an incident.
And just to clarify, we’ll be talking about the traditional sorts of data disaster – loss of access, loss of data, and loss of people. We’ll include the direct problems the business might face after a ransomware attack, for example, but not the reputational issues from the theft and exposure of data. Maybe we’ll get to that in due course!