BreachExchange mailing list archives
How to have a real-time Grand Prix support crew on hand when a digital disaster occurs
From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Wed, 7 Oct 2015 20:22:56 -0500
http://realbusiness.co.uk/article/31704-how-to-have-a-real-time-grand-prix-support-crew-on-hand-when-a-digital-disaster-occurs
From recovery plans to technology and the ability to think outside the box,
Marc Goroff, CTO at Quorum, draws on several parallels between business downtime and the Grand Prix. Although I’m not a professional race car driver, I have pushed my own Lotus Elise around numerous race tracks at high speed and I can tell you first hand that any kind of failure at speed is both scary and very time-consuming. It’s clear to me that businesses can draw several parallels with car racing and their disaster recovery (DR) strategy. Imagine this – you’re zipping down the main straight of Monza at the Italian Grand Prix, you brake hard, slowing for the first chicane when your brake disc overheats and explodes, shredding your front tyre and sending you careening off the track. Up until then you were leading the way by half a lap with ten more to go. So now what’s next and how do you recover? Ideally your pit crew instantly appears with a fresh car – and three seconds later you’re back in the race. In the middle of the Grand Prix every second counts and the least amount of time you spend out of the race or in the pit changing tyres, brake pads or refuelling, the better. When Nico Rosberg is right on the rear wing of Lewis Hamilton he doesn’t have time to pull into the pit lane and replace a shredded tyre as he will surely loose the race. Here are four tips to show it’s possible to have a real-time support crew on hand the moment something goes wrong. As with the Grand Prix, the key to winning is the ability to recover as quickly as possible. (1) Start the recovery engine with a plan No driver or business can afford the luxury of downtime when they have a shredded tyre moment – for businesses this is most often in the form of a failed production server. It’s about getting back up and running again as soon as possible and minimising the damage this will have on the race or business. Any glance at the news will tell you, enterprises of all sizes are at risk of data loss due to disasters <http://www.continuitysoftware.com/wp-content/uploads/2013/04/Top10PrivateCloudRisks_0.pdf>. However, the problem is like exploding brakes and blown tyres; data disasters are unplanned and unexpected. Although advance planning cannot eliminate or prevent all unexpected events, it can provide an edge in overcoming any long-term consequences like lost sales information and damaged internal records. Just like any race car, a DR plan must be built for speed, agility and endurance. It should be designed to protect all of your files and records, including physical and virtual servers. The plan should provide a framework with the capability to quickly retrieve information and virtually replicate your business. This will allow your operations to continue at a new location, if necessary. However, the infrastructure for DR often sits underutilised, so in these times of tight budgets and staffing it’s critical to get more value out of your DR strategy even when you’re not experiencing downtime. (2) Use purpose-built technology Formula One cars use bleeding edge components from Kevlar tyres to carbon brakes and advanced energy recovery systems to help drivers achieve top speed whilst staying in control under stressful conditions. Likewise, businesses must have technology in place that will act as the support crew in the event of a disaster. Advances in virtualisation and cloud technology today are making hybrid DR clouds and DR-as-a-service (DRaaS) an effective choice. Because DRaaS doesn’t have the physical infrastructure and synchronisation requirements associated with traditional DR, it’s a flexible option. A hybrid cloud-based solution combines on-premise hardware, public cloud and Software as a Service (SaaS) automation software to make continuity planning easier than ever. The DR cloud provides companies with data backup, fail-over of servers and the ability to have a secondary data centre at a different site to allow for regional DR. (3) Don’t forget to test your recovery capabilities All recovery plans need to be tested and this is often something businesses forget to do. After all, you wouldn’t think of starting a Grand Prix season without first testing every component, would you? There’s a method to conducting cornering tests and live DR tests. You can test DR, software updates and other configuration changes to your business servers every day without missing a beat. Test cases can be performed against the recovery systems in as little as 15 minutes depending on the application, often with no incremental costs. Applications and services are immediately available for other uses, enabling businesses to efficiently adopt cloud infrastructure or speed time to production for new applications and initiatives. (4) Think outside the box Finishing first in the Grand Prix requires a strategy for managing corners, pit stops and the drivers themselves. To win in a competitive market, the smallest to the largest enterprises must plan for recovery using onsite, offsite and cloud techniques. It’s clear that most CFO’s and IT leaders understand the multi-faceted need for disaster preparedness but have previously found it difficult to formulate a DR plan. The main barriers to implementation are now broken down by DRaaS. It not only addresses recovery plan goals, it also supports regular testing without the traditional overhead costs and logistical nightmares. You can protect your company against data loss and have peace of mind that whenever you need to implement a new business process or application, it’ll work the first time, every time. But you must plan well, keeping your operations running smoothly until you need to recover from a disaster, without getting boxed in by traditional backup and recovery methods that just don’t cut it anymore. Putting your DR solution in the cloud also means there isn’t a redundant in-house infrastructure that is sitting unused most of the time. You can prioritise recovery based on the level of protection you require for each server without wasting time and money on recovering systems that aren’t critical for competing with the pack. Another challenging part of a DR plan is to get employees to know what to do if an outage occurs. Pit crews and employees learn by repetition, so just like in the pit lane we have to create practice drills, which are critical to a DR plan. Companies who don’t regularly test should not be shocked if their employees don’t respond appropriately and panic when a server goes down. But you will still find more companies with self-hosting based DR services hoping for the best. Being smart with your DR plan and following these four simple tips means that you will be able to recover your data and ensure business continuity giving yourself a chance to speed past that checkered flag in first place.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus on the right security. If you need security help or want to provide real risk reduction for your clients contact us!
Current thread:
- How to have a real-time Grand Prix support crew on hand when a digital disaster occurs Inga Goddijn (Oct 08)