When bad things happen: The new age of disaster recovery

Editor's Note

This article is sponsored by Commvault.

Disaster recovery (DR) is not what it used to be.

Technology has come a long way. What used to be multiple tapes and machines that housed backup data has been replaced with a cloud technology model, which is more efficient and easier to manage.

DR was once something most enterprises considered and implemented – but it’s now easily achievable (and required) for every business. Now more than ever it makes sense for smaller businesses to leverage a cloud data protection model.

It’s not just the technology; the disasters we plan for have also changed. “Disasters” once constituted fires, floods and other natural disasters, and now that list includes things like your website going down, or even being hit with a ransomware attack. Even small- to medium-sized organizations need to consider how a ransomware attack could potentially affect them, given severe Canadian ransomware attacks are on the rise. 

We now also find ourselves dealing with a global pandemic – something none of us could have planned for. As businesses have moved to a remote work model, hackers have taken advantage of this and are targeting organizations through endpoints. During these times, we need to stay hyper-focused on what could happen, its impact and how to plan to keep our businesses running smoothly, efficiently and most importantly, online.

So where should you begin and how should you plan for the unknown or maybe even the inevitable? While this process can be overwhelming, it doesn’t need to be.

Building your plan

There’s no such thing as a one-size-fits-all DR plan – every business is different; every environment is different. With that in mind, plans really must be tailored to the individual organization, taking all requirements and priorities into consideration.

That said, even though technology has changed over time, the basic approach to creating a DR plan generally remains the same, with a few important things to take into account: 

  • What do you consider a disaster? As mentioned previously, every business is different, so for some missing payroll would be considered a disaster, while for others the company website going down might be. Determine what qualifies as a disaster for you so you can make sure your plan includes all the applicable situations.
     
  • Prioritize your business resources, and their risks: What are your business’s resources, and how would you rank each one based on their priority? Consider all of these, as well as the possible risks to each one, so you can ensure they’re included and covered off in your plan.
     
  • Test, test and test again: There’s really no such thing as too much testing. This is a step that simply can’t be skipped, so make sure to plan for it not only initially, but on an ongoing basis. It’s a good idea to create a schedule of tests to follow throughout the year.
     
  • Review and adjust your plan: As things change with your business, make sure you are changing your plan accordingly. Revisit and review it on a set schedule to alter priorities, account for changes and to adjust it as needed to keep your environment safe.
     
  • Get help if you need it: Consider help from a service provider or vendor who specializes in data management and/or security to help make sure you have the best tools for your business in place. They can also provide support and answer questions, so you don’t have to feel like you’re doing this on your own.

Ottawa-based Darren Yablonski is senior director, systems and sales engineering, Canada & LATAM at Commvault. In this role, he’s responsible for leading a team of sales engineers and technical services data experts across Canada and Latin America to help customers secure, protect and use their data to derive true business value from it and in turn, become experts with their data.