Business continuity (BC) and disaster recovery (DR) efforts go hand in hand in this digitized world of ours. The former is focused on maintaining business operations rolling despite various problems, the latter is focused keeping the IT side of things running: the network, the servers, the data.
In this interview with Help Net Security, Joe Noonan, a product executive that oversees the full backup and disaster recovery suite at Kaseya, which includes Unitrends, Spanning and all Kaseya-branded backup solutions, talks about the present and future of BCDR.
How has BCDR evolved in recent years? What things have become the norm?
The shift toward remote working has changed the way organizations protect and store their data, with a greater focus on protecting data no matter where it lives – on-prem, on the laptops of remote employees, in clouds and in SaaS applications. Additionally, recovery time objectives (RTOs) are increasingly shrinking in today’s always-on world, with goals being set in hours (if not minutes).
More organizations are turning to vendors that provide unified BCDR, which includes backup and disaster recovery and ransomware safeguards as well as disaster recovery as a service (DRaaS), due to the growing amount of data as well as the increasing number of highly sophisticated cyber-attacks taking place against businesses of all sizes.
What are the key elements of an effective DR strategy?
Businesses should consider the following questions as part of their disaster recovery strategy:
- What data and applications are critical to ensure business productivity?
- How much downtime and data loss can be sustained?
- How will they test their solution for completeness and performance?
- What immutability safeguards are in place to eliminate ransomware risks?
- What is the process to failback to the production environment once the disaster is averted?
Backup and disaster recovery solutions with offsite immutable storage and DR services tend to be a good fit because the environment can be quickly spun up in the case of a critical system failure or cyber-attack. Additionally, the services are built with the failback process in mind to eliminate the challenge of getting the data back to the original – or new – location when it’s all over.
What successful techniques have organizations implemented to thwart modern ransomware threat actors and make DR effective and quicker? Similarly, which approaches and techniques have not withstood the test of time and what mistakes should DR experts avoid?
More organizations are turning to vendors that provide dark web monitoring to reduce the risk of account takeover attacks before they happen, immutable cloud storage to make backups untouchable, and disaster recovery as a service (DRaaS) to eliminate downtime.
DRaaS providers have cloud data centers specifically tuned for backup and DR use cases that are well-provisioned to safeguard backups, run recovery tests and host failed over instances.
Organizations that roll their own solution – especially those that are Windows-based – often find themselves at the most risk when it comes to a major data loss incident. Though it may be cost-effective, it exposes the organization to more risk—especially if a ransomware infection spreads to impact the Windows-based backups themselves.
Organizations also need to go beyond simple screenshot verification. IT professionals need complete DR testing to ensure their data and applications are truly recoverable, and recoverable in their required RTOs and RPOs.
What new challenges have technological changes brought upon organizations’ DR plans?
Cybercriminals have taken advantage of the remote and hybrid work world to conduct increasingly sophisticated attacks—making it even more critical for organizations to test their DR plans frequently.
Additionally, the data recovery process after a cyberattack has become more complex due to new requirements put in place by cyber insurance companies. These new requirements include critical audits and tests that businesses must comply with in order to restore their data and receive a payout after an attack—which can slow down the recovery process.
What things have BCDR vendors had to contend with? Share some best practices for adaptation to recent changes.
BCDR vendors have needed to evolve their solutions to ensure that they are providing the necessary features to protect their customers against ever-evolving cyber threats and data loss incidents, including aspects like immutable storage, ransomware detection, automated testing and auto-remediation of common backup issues.
Additionally, BCDR vendors will need to provide unified solutions that integrate seamlessly with the customer’s existing IT solutions. IT professionals have become overwhelmed with notifications, and BCDR solutions that auto-remediate issues and cut through the noise will succeed in the current market.