Understanding Your Current Risk
Malicious digital attacks are on the rise. Cybercrime is expected to cost business over $6 trillion per annum by the year 2021. You do not have to be a fortune 500 company in to face this risk. Hackers attack randomly. If you do business online, then you are at risk. You may be at higher risk if your company is in a highly targeted industry such as finance or medical or if your customer data is stored online. Our Disaster Recovery Best Practices Whitepaper can help you better calculate your current risk.
Determine the Current State of Your Disaster Recovery and Backup
Examine your data and be honest with yourself. Do you know where all your data is housed? Is your data protected in an outage? Can you easily get back up and running again? If the answer is no to any of these questions, you may need to start with a DRaaS Assessment to help you identify the gaps and determine where you need more information.
Alternatively, if you don’t currently have a disaster recovery plan in place, then you risk losing your sensitive business data. A few years ago, this wouldn’t have been a big deal as companies didn’t run EVERYTHING online. Today the paradigm has changed, you need to weigh the cost of disaster recovery with the cost of downtime and data loss. Disaster recovery as a service is making DR available without the large infrastructure cost that used to be required.
Be Prepared to Discuss the Financial Impacts of an Outage for Support of Your Plan
The financial Impact of having DR and the appropriate backups is substantial. Not only do you avoid the potential downtime that might slow down your operations, you also relieve yourself of the potential legal ramifications of losing sensitive information.
It can be difficult to determine just how much money you can lose if your company goes down. Quantifying the immediate impact of downtime and lost information is just the first step. You must also consider the longer term impact of lost goodwill, fines and other costs to bring the company back up to speed. Compiling this information is paramount to understanding your risk and being able to relay this risk to your key decision makers.
There may also be a substantial impact on your resources. When malicious users attack, you need to have expertise to help you get rid of the problem and get your data back. You need to determine if you have the inhouse expertise to both run the business and get any affected areas back online. DRaaS can help you keep your business running by providing expert advice in your time of need and helping you return to status much faster.
Understand What Your Customer Impact Is
What will happen to your customers if something happens to your business? The modern business environment is one of instant gratification. You cannot be sure that your clients will remain loyal if you experience any substantial amount of downtime. Is it really worth the risk to find out?
What do you need going forward?
Put your applications on in the forefront, determine which applications that affect your clients most and which applications you can prioritize for later? Have you determined your RTO’s and RPO’s and weighed them against your customer’s patience in your current industry?
The disaster recovery plan of one company will never fully match another. Larger companies may need to organize their applications into recovery tiers that require different levels of resources. In order to truly understand how to implement a full scale DR strategy, you must understand the additional cloud options that are available over on-premise protection.
- BaaS – Backup as a Service automates all aspects of your backup in the cloud. Backing up your information virtually allows you to have a copy offsite protected by best in class technology, supported by experts.
- DRaaS – Disaster Recovery as a Service provides your company with protection and stability, minus the price tag that comes with an on-premise solution.
- BaaS and DRaaS – The hybrid solution combining both backup and DR gives a company an offsite copy of their data with business continuity and experts at your fingertips.
It is important to note the major difference between BaaS and DRaaS. DRaaS focuses on backing up your apps and services, not your data. BaaS is a focus on your data backups, but a BaaS provider is not necessarily responsible for restoring your critical infrastructure after a malicious event.
Gaining Stakeholder Acceptance
To be successful with any disaster recovery strategy, you not only need a plan, you also need support from your business leaders. Are your stakeholders at all levels invested in your disaster recovery strategy? Your business leaders will need to be ready to support your DR plan. Do you know which systems to get back online first? Do you have the executive support so you won’t be scrambling to get other systems up that are not as important to the business? Here are some ways to gain stakeholder acceptance and support of your DR plan?
- Involve key leaders in your plan. In the beginning reach out to ask what their most important applications are and what they believe is an acceptable downtime. Understand that you will need to weigh their measurements against other applications and opinions.
- Once a DRaaS plan has been created, ask for feedback from all departments. This feedback does not have to be followed to the letter, but the mere act of involvement will ensure that everyone sees the bigger picture and feels as though they are a part of the discussion.
- When talking to the executive team, quantifying the real benefits of DRaaS including cost of downtime, cost per customer lost, and possible fines for NOT having their data protected. Business benefits and numbers translate to all C-level employees when technical jargon does not.
Choosing the Right Provider
Scale is an important aspect of choosing a DRaaS provider. You need a partner that is big enough to provide full scale operations for all contingencies. However, your partner should not be so big that you become lost in the mix during a pivotal moment in a recovery or an unexpected event.
In addition, determine your compliance needs and understand how your potential vendor can help with those needs. Consider the support system, recovery speeds, compliance guarantees and location of any provider that you vet.
Technology and Service is also very important. Understand where your data is housed, what redundancy measures they have in plans and how your data is secured. Understand what their SLA’s are and if they will actually provide a service to help you throughout your entire process. Ask them to detail out an outage scenario.
Testing & Communication
No DRaaS strategy is full proof from the beginning. Your partner company should show you the planned strategy and make changes as you go along. Being proactive in testing and strategy changes is imperative when it comes to disaster recovery strategies.
If you have not seriously considered DRaaS for your company now, it is time. You simply cannot afford to leave your valuable client data and proprietary information open to malicious attack or an unexpected event.
Reach out to Comport to help you create a successful disaster recovery strategy.