By Patrick Doherty, Chief Revenue Officer, Flexential
In today’s new remote normal, employees work across the globe on different networks, with different bandwidths. Depending on their location, they could be susceptible to natural disasters, including hurricanes, tornados, floods and wildfires. Today more than ever, organizations cannot risk downtime or lost data. So let’s take a moment to examine how organizations are planning for disaster recovery while in the work-from-home era.
Patrick Doherty, Flexential’s Chief Revenue Officer, shares tips to keep your workforce’s data protected during the hurricane season and whatever Mother Nature throws at us.
Testing & Planning
Q: With teams offsite and only necessary personnel at data center locations, how has disaster recovery testing and planning changed?
A: The need for comprehensive disaster recovery has not changed. What has changed is how COVID has impacted organizations’ DR posture and the importance of DR. Many organizations have an out-of-the-box disaster recovery policy that will ensure data stays safe in the event of a natural disaster or any harmful event. But, organizations don’t often test this or verify their plan will work until they need it. Organizations need to consider their new remote workforce when looking at a disaster recovery plan to determine whether their IT infrastructure will withstand a disaster event or if there needs to be a second option.
Moving DRaaS to a secondary site cloud environment will ensure data is safe and secure and that organizations can operate as normal even when employees are not on site. DRaaS is an ideal option for disaster recovery planning during the pandemic because it offers more flexibility and is more cost effective.
Q: How does remote work impact this planning, especially during inclement weather when employees are in different regions facing varying levels of potential impact?
A: When implementing a cloud environment, it isn’t an issue that employees are remote: you have the flexibility to manage your environment wherever you are. Otherwise, leaving disaster recovery management to a third-party company that offers fail-safe will allow you to ensure the IT environment is always protected.
Fast data recovery
Q: Why is it important for today’s businesses to ensure they operate with little to no downtime? How is current economic uncertainty contributing to this?
A: It’s not news we live in an “always on” world. Everyone – customers, partners and employees expects 24-hour access to everything. Picture shopping online: if the website you’re viewing takes a while to load, you’ll move to a competitor. There’s no time for downtime and COVID has only exacerbated this by raising expectations to an all-time high, reinforcing how much we rely on the digital world. Because data is the blood of any organization, if a disaster puts a company’s systems down even for a short time this creates a vast impact. For example, if an online retailer loses transactional data for just a minute, it would have huge implications for customers and employees alike.
Employee training and awareness
Q: What are the steps organizations need to take to ensure their employees feel confident and prepared to get their systems back up and running in a disaster and IT teams are unreachable?
A: Training is key. At Flexential we take a proactive approach when it comes to disaster recovery. It’s crucial to prepare your environment for any situation before it happens. COVID highlighted how many organizations did not prepare for a crisis, but this is just one example of disruption. Many types of disasters can happen in the future, including other scenarios where businesses will need to send their workforce home.
The first step is building the plan and bringing in a Professional Services team for support, which will allow a business to understand where they need improvements across the organization to develop and implement a comprehensive, safe DR plan. That Professional Services team should have experience and expertise working with businesses of all sizes, industries and verticals. Start small and tackle each task one by one, prioritizing the most critical first, to expand the DR environment. Tabletop exercises are a good way to present different scenarios that could happen to the collective organization.
It’s also important to focus on your DR budget. Aligning business with IT will extend DR investments by highlighting the potential IT and business impacts if a disaster strikes.
Q: Where does the cloud come in? How can cloud-based platforms help to ensure that collaborative projects remain accessible and protected in this instance?
A: The digital shift is here to stay, and is changing the way we operate – there’s no going back. All organizations should have some type of cloud strategy as it offers the flexibility and scalability necessary for delivering access in any location. However, it’s important to also understand the vulnerabilities within cloud environments and ensure collaborative projects remain protected.
Q: Why is network encryption so important for disaster recovery planning in 2020, as employees work on different WiFi networks? What steps can IT teams take to avoid employees risking data over shared networks in the event of a disaster?
A: Network encryption is always important, but it is even more vital with everyone working from home this year. With increased work from home, employees may start from their personal devices, use their home network, and not always use the VPN. These instances open vulnerabilities within a remote workforce. This year alone has seen a surge in ransomware and cyberattacks so it’s important to prepare. If a cyberattacker hits your organization and steals data, they can’t do anything with it if it is encrypted.
IT teams should educate users to keep their environment protected, include updating passwords regularly, backing up data, and ensuring a secure router. It’s also important to educate employees about phishing emails and inform them about the risks of accessing public networks. IT teams should also have a breach response plan in place and be sure to centralize antivirus firewalls.
Everyone should be working together to map the applications by criticality, build the plan, implement and test regularly, then pass along learnings to the team to continue the improvement process.