Backup, disaster recovery, and business continuity. These terms are often used interchangeably in the technology sphere, though they all have different meanings. All three terms are about risk and risk mitigation. Understanding your business and what level of risk you are prepared to accept will help you decide the most appropriate level of protection.
We all know we should back up our data, whether it’s your holiday snaps, school assignments or financial systems, get them backed up! The risk to your data comes from hundreds of sources such as data corruption, hardware failure, cybersecurity incident, malicious staff, accidental deletion to name a few. Deciding on which software or method to back your data upon depends on the type of data you have.
Key Backup Considerations:
Frequency: How often do you need to backup? For critical data that changes frequently, you may need to backup every 15 minutes. For some other data, daily, weekly or even monthly might suffice.
Location: Where is your backup? If you have a building fire, having the backup stored onsite is no help. Always have a copy of your data offsite at a remote location.
Retention: How long do you need to store your backups? Consideration should be given to your own requirements as well as any potential legal compliance.
Disaster Recovery is not only about backup, but it’s also about understanding under what circumstances your business might be interrupted and planning accordingly. If all your data is lost due to a cybercriminal or hardware failure, how long would it take to recover? What hardware would you recover onto? Also consider other events such as an Internet outage, or core equipment failure. Consider the three or four most likely scenarios and develop a recovery plan for each. By understanding what circumstances could disrupt your business you plan for these and make effective risk management decisions.
Key Disaster Recovery Considerations
Recovery Point Objective (RPO): What is the maximum age of files that you can restore to resume normal business operations. I.e. if your latest backup was a week old, is that too old?
Recovery Time Objective (RTO): What is the maximum time you can sustain the business to be down while your systems are being recovered?
How do you prevent your business from being impacted at all? Business Continuity looks at putting systems and processes in place that would allow your business to continue uninterrupted even when a failure occurs. As an example, with the prevalent use of online Cloud-based technologies, Internet access has become a key Business Continuity discussion. If an Internet outage would severely impact your business, look at redundant firewalls and dual Internet feeds. Keeping your business running is what’s important.
Backup, disaster recovery and business continuity work together to keep your business running at a functional level in the event of a disaster. With a simple backup or disaster recovery solution, your return to operations could be measured in weeks or days. As you progress towards business continuity, that time should reduce to minutes or seconds. Understand your business's data and operations in order to implement a complete and effective business continuity plan.