Currently, the threats to data and infrastructure security are varied and increasingly sophisticated. It is essential for companies to provide adequate solutions to avoid, or at least minimize, the consequences of a possible attack. One of the tools most needed in organizations is disaster recovery. A disaster recovery solution is a very complete process that guarantees data protection and recovery in case of failure. Backup is a part of disaster recovery, but it is only one of its components. Disaster recovery is a very complete solution since in addition to copying the data also ensures its restoration efficiently in case of natural disasters or infrastructure failures. This type of solution has as a great objective to eliminate (or at least to minimize in large scale) the downtime of a company due to failures. In today’s article, we will know how to set priorities in drafting a disaster recovery plan.
Analyze the organization’s real recovery capacity
It is necessary to check how tolerant the business is in terms of data loss and shutdown of normal activities. The company should start by answering two fundamental questions:
- How much will it cost to recover the data?
- How long will it take to recover the data?
So with the answer to these two questions, it is possible to define the recovery point and the recovery time, which will be the starting points for the correct definition of a disaster recovery plan. The recovery point can be measured through the amount of information that can be lost until the company has to stop its normal operation. This point indicates when the information needs to be retrieved so there is no business downtime. The recovery time defines the moment, after the computer attack or disaster, for normal operations to resume.
Survey of data that needs to be retrieved
Next, the priority is to define which data we need to retrieve. This step involves much more than databases. It is important to take into account the following elements:
- Volume of data that needs to be restored
- Mapping information according to its importance and sensitivity
- Number of users who have access to data during the recovery process
- Time to restore existing backups
- Sigil of information I
- IT resources needed for recovery
Have a strict backup policy
Backups must be daily, because only then will you be able to guarantee that none of your most important information is lost. Performing backups only at the end of the work day can jeopardize all the work done on that day. Thus, more and more companies are working on their documents in online solutions like Office 365, which stores all information automatically. Backups exist to be used in case of data loss, so a backup that does not work is of no use. It is important to manually test the backups you have made, so that potential break-up of files during the making of the copies is timely. Ensuring that backups are up and running is one of the most important practices, but also one of the most underestimated.