How to have a real-time Grand Prix support crew on hand when a digital disaster occurs

[Inga Goddijn <inga () riskbasedsecurity com>]

http://realbusiness.co.uk/article/31704-how-to-have-a-real-time-grand-prix-support-crew-on-hand-when-a-digital-disaster-occurs

> From recovery plans to technology and the ability to think outside the box,
Marc Goroff, CTO at Quorum, draws on several parallels between business
downtime and the Grand Prix.

Although I’m not a professional race car driver, I have pushed my own Lotus
Elise around numerous race tracks at high speed and I can tell you first
hand that any kind of failure at speed is both scary and very
time-consuming. It’s clear to me that businesses can draw several parallels
with car racing and their disaster recovery (DR) strategy.

Imagine this – you’re zipping down the main straight of Monza at the
Italian Grand Prix, you brake hard, slowing for the first chicane when your
brake disc overheats and explodes, shredding your front tyre and sending
you careening off the track. Up until then you were leading the way by half
a lap with ten more to go. So now what’s next and how do you recover?

Ideally your pit crew instantly appears with a fresh car – and three
seconds later you’re back in the race. In the middle of the Grand Prix
every second counts and the least amount of time you spend out of the race
or in the pit changing tyres, brake pads or refuelling, the better. When
Nico Rosberg is right on the rear wing of Lewis Hamilton he doesn’t have
time to pull into the pit lane and replace a shredded tyre as he will
surely loose the race.

Here are four tips to show it’s possible to have a real-time support crew
on hand the moment something goes wrong. As with the Grand Prix, the key to
winning is the ability to recover as quickly as possible.
(1) Start the recovery engine with a plan

No driver or business can afford the luxury of downtime when they have a
shredded tyre moment – for businesses this is most often in the form of a
failed production server. It’s about getting back up and running again as
soon as possible and minimising the damage this will have on the race or
business.

Any glance at the news will tell you, enterprises of all sizes are at risk
of data loss due to disasters
<http://www.continuitysoftware.com/wp-content/uploads/2013/04/Top10PrivateCloudRisks_0.pdf>.
However, the problem is like exploding brakes and blown tyres; data
disasters are unplanned and unexpected. Although advance planning cannot
eliminate or prevent all unexpected events, it can provide an edge in
overcoming any long-term consequences like lost sales information and
damaged internal records.

Just like any race car, a DR plan must be built for speed, agility and
endurance. It should be designed to protect all of your files and records,
including physical and virtual servers. The plan should provide a framework
with the capability to quickly retrieve information and virtually replicate
your business. This will allow your operations to continue at a new
location, if necessary. However, the infrastructure for DR often sits
underutilised, so in these times of tight budgets and staffing it’s
critical to get more value out of your DR strategy even when you’re not
experiencing downtime.
(2) Use purpose-built technology

Formula One cars use bleeding edge components from Kevlar tyres to carbon
brakes and advanced energy recovery systems to help drivers achieve top
speed whilst staying in control under stressful conditions. Likewise,
businesses must have technology in place that will act as the support crew
in the event of a disaster.

Advances in virtualisation and cloud technology today are making hybrid DR
clouds and DR-as-a-service (DRaaS) an effective choice. Because DRaaS
doesn’t have the physical infrastructure and synchronisation requirements
associated with traditional DR, it’s a flexible option. A hybrid
cloud-based solution combines on-premise hardware, public cloud and
Software as a Service (SaaS) automation software to make continuity
planning easier than ever. The DR cloud provides companies with data
backup, fail-over of servers and the ability to have a secondary data
centre at a different site to allow for regional DR.
(3) Don’t forget to test your recovery capabilities

All recovery plans need to be tested and this is often something businesses
forget to do. After all, you wouldn’t think of starting a Grand Prix season
without first testing every component, would you?

There’s a method to conducting cornering tests and live DR tests. You can
test DR, software updates and other configuration changes to your business
servers every day without missing a beat. Test cases can be performed
against the recovery systems in as little as 15 minutes depending on the
application, often with no incremental costs. Applications and services are
immediately available for other uses, enabling businesses to efficiently
adopt cloud infrastructure or speed time to production for new applications
and initiatives.
(4) Think outside the box

Finishing first in the Grand Prix requires a strategy for managing corners,
pit stops and the drivers themselves. To win in a competitive market, the
smallest to the largest enterprises must plan for recovery using onsite,
offsite and cloud techniques. It’s clear that most CFO’s and IT leaders
understand the multi-faceted need for disaster preparedness but have
previously found it difficult to formulate a DR plan. The main barriers to
implementation are now broken down by DRaaS. It not only addresses recovery
plan goals, it also supports regular testing without the traditional
overhead costs and logistical nightmares.

You can protect your company against data loss and have peace of mind that
whenever you need to implement a new business process or application, it’ll
work the first time, every time. But you must plan well, keeping your
operations running smoothly until you need to recover from a disaster,
without getting boxed in by traditional backup and recovery methods that
just don’t cut it anymore.

Putting your DR solution in the cloud also means there isn’t a redundant
in-house infrastructure that is sitting unused most of the time. You can
prioritise recovery based on the level of protection you require for each
server without wasting time and money on recovering systems that aren’t
critical for competing with the pack.

Another challenging part of a DR plan is to get employees to know what to
do if an outage occurs. Pit crews and employees learn by repetition, so
just like in the pit lane we have to create practice drills, which are
critical to a DR plan. Companies who don’t regularly test should not be
shocked if their employees don’t respond appropriately and panic when a
server goes down. But you will still find more companies with self-hosting
based DR services hoping for the best.

Being smart with your DR plan and following these four simple tips means
that you will be able to recover your data and ensure business continuity
giving yourself a chance to speed past that checkered flag in first place.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!