Is That A Business Continuity Plan in Your Pocket...Or A Bunch of Jargon?
Is That a Business Continuity Plan in Your Pocket or a Bunch of Jargon?
Technology is full of difficult jargon. To further complicate things, certain terms are often used in a different context between one publication or service provider and the next. An example of this is the usage of backup, disaster recovery, and business continuity. These terms are commonly used interchangeably, often resulting in confusion. In an effort to alleviate some of this confusion, let's describe each physical process. You will see an overlay among all three, although they are each different processes.
Backup – In IT lingo, the most basic description of backup is the act of copying data, as in files or programs, from its original location to another. The purpose of this is to ensure that the original files or programs are retrievable in the event of any accidental deletion, hardware or software failure, or any other type of tampering, corruption and theft.
It's important to remember that the term "backup" refers to data only and doesn't apply to the physical machines, devices, or systems themselves. If there were a system failure, disk crash, or an onsite physical disaster, all systems would still have to be replaced, rebuilt, and properly configured before the backed-up data could be loaded onto them.
Disaster Recovery – Backups are a single, albeit crucial, component of any disaster recovery plan. Disaster recovery refers to the complete recovery of your physical systems, applications, and data in the event of a physical disaster like a fire; hurricane or tornado; flood ; earthquake ; act of terror or theft.
A disaster recovery plan uses pre-determined parameters to define an acceptable recovery period. From there, the most satisfactory recovery point is chosen to get your business up and running with minimal data loss and interruption.
Business Continuity – Although backup and disaster recovery processes make sure that a business can recover its systems and data within a reasonable time, there is still the chance of downtime from a few hours to many days. The point of a business continuity plan is to give businesses continuous access to their technology and data, no matter what. Zero or minimal downtime is the goal.
Critical business data can be backed up with configurable snapshots that are instantly virtualized. This allows files, folders and data to be turned on and restored in seconds. Bare metal restores of hardware, where an image of one machine is overlaid onto a different machine, is also utilized along with cloud replication for instant off-site virtualization.
Many businesses also keep redundant systems and storage at a different physical location than their main site as part of their business continuity process. They may also outline procedures for staff to work remotely off-site. Some businesses or organizations may go as far as to have printed contact lists and other critical data stored off-site to keep their business moving if a disaster wipes out power and their ability to access anything electronically.
This should clarify the differences between backup, disaster recovery, and business continuity solutions. Choosing what works best for your business will come down to your current IT infrastructure, your budget and how much downtime you can reasonably accept.
How the cloud saves smaller firms money OK. You pay someone to store all of your data in the cloud, as opposed to keeping it on your own server and backing it up. And you pay on an ongoing basis. How is that possibly going to be cheaper than just making a one-time investment and keeping it your self? Let’s count the ways: (1) You lose the hardware expense –a capital expenditure cost. (2) If that hardware fails, you are out in the cold. (3) Someone has to maintain that hardware. In house IT labor is expensive. (4) If you need more capacity, you have to ramp up at a tiered level, which means you may need to buy capacity you don’t presently need (5) All of that hardware runs on software, which costs money (6) All of that software needs to be installed, updated, etc. (see # 3) (7) All of that hardware and software has to run 24/7. Are you large enough to pay for in house monitoring and support 24/7? (See again #3) (8) All of that data has to be protected with security software, which…
You can have all the locks on your data center and have all the network security available, but nothing will keep your data safe if your employees are careless with passwords. Change Passwords - Most security experts recommend that companies change out all passwords every 30 to 90 days.Require passwords that mix upper and lowercase, number, and a symbol.Teach employees NOT to use standard dictionary words ( in any language), or personal data that can be known, or can be stolen: addresses, telephone numbers, SSNs, etc.Emphasize that employees should not access anything using another employee's login. To save time or for convenience, employees may leave systems and screens open and let others access them. This is usually done so one person doesn't have to take the time to logout and the next take the effort to log back in. Make a policy regarding this and enforce it. If you see this happening, make sure they are aware of it.These are just a few basic password hints, but they can …
The Cloud: Are there security issues? For many, the idea of offloading their data to another physical/virtual location can seem like a security risk. It seems counter intuitive that moving data away from “ home” is safer. But is that really true? Any server stored at your location is probably more physically vulnerable than one protected in a large server farm. If you had a fire, flood, or other physical damage that included damage to your server, what would be the result? Also, are your backups stored on–site? If a major event damaged your entire physical location, those backups would be also lost. There is a second reason the cloud may be safer: security. All of your data, no matter where it is located, may be vulnerable to cyber attacks and data breaches. However, cloud storage providers probably offer some of the most sophisticated security projection available. It is unlikely that a small or even mid-sized firm has the internal resources and research capacity to maintain an equival…