This browser is no longer supported.

For a better viewing experience, please consider using one of our supported browsers below.

Well, a Disaster Happened. Now What?

Disasters. They can mean different things to different companies. One company might be scrambling without any sense of direction during a malware attack; another company might be as cool as a cucumber. The difference is having a plan in place and the right personnel to help fulfill it. Franz Kafka, a major figure in 20th-century literature, stated, “Better to have and not need than to need and not have.”

In our last blog post, we discussed the importance of having a Business Continuity Plan as part of a comprehensive set of plans to protect the critical assets that your company depends on for continued success. One of the key components of a Business Continuity Plan is the ability to create, implement, and execute a Disaster Recovery Plan. A Disaster Recovery Plan allows a company to respond accordingly to a disaster in all its forms. So, the question is: What’s a disaster? Does it mean that you just lost the ability to do business? If so, how do you recover? How do you ensure that your clients can continue doing business with you? The initial key is understanding what constitutes a disaster to your business. This could be:

  • Server outage issues
  • Human user error
  • Power outages
  • Malware attacks
  • Ransomware attacks
  • Updates that have gone wrong
  • Weather anomalies
  • Fire damage

Once you have created a Business Continuity Plan and know what critical assets you must protect, you can also become more attuned to what disasters are most likely to affect your business. Perhaps your company is not in a flood zone or earthquake area, or you have power backup. However, you may be more susceptible to malware attacks due to the data you are housing. Or perhaps you have a high turnover of personnel due to contracting, and there is a possibility of human errors. All these considerations will lead to you understanding what scenarios you need to prepare for. These scenarios will be key in Disaster Recovery documentation and preparation.

Now you might be ready to create a Disaster Recovery Plan. Let’s look at the steps you should consider:

  • Start the plan by determining which assets are most critical and what scenarios are most likely to affect you.
  • Identify the potential scope of the disaster. How far could it spread?
  • Designate a team of different business unit leaders who can make the hard decisions.
  • Appoint contacts (both internally and externally) for emergency purposes.
  • Ensure roles and responsibilities are understood.
  • Designate proper backup sites, whether they be in a different state, country, or perhaps in the cloud.
  • Perform scenario testing (tabletop) with the proper personnel to understand actions to be taken during a disaster.
  • Test the backups to ensure that when a disaster happens, data will be available within your expected timeframe.
  • Probably most important of all: Maintain the plan to reflect your organizational changes. Don’t leave it on a shelf, never testing or adapting it to your evolving ecosystem.

At ConvergeOne, we have helped many clients create, implement, test, and maintain Disaster Recovery and backup solutions specific to their risk levels and security requirements. Contact us to discuss how we can help you succeed during some of the most stressful times in the life of a business. Remember, as Kafka stated: When you need a plan, will you have one? Ultimately, it’s all about availability—on all fronts.

Complimentary Ransomware Readiness Workshop

The ConvergeOne Ransomware Readiness Workshop focuses on your organization’s readiness to withstand a ransomware attack. During this workshop, ConvergeOne experts will analyze your environment in areas like user awareness training, network security and segmentation, testing and monitoring, incident response plans, and disaster recovery. Schedule your complimentary Ransomware Readiness Workshop today. Schedule your workshop
About the author:
Vito Nozza's career spans 20+ years in Enterprise Architecture, with 15 years specific to Cyber Security. He has held roles as a CTO, Director, Principal Architect and Global Security Advisor, which have all led to establishing guidance and consultative measures to SME and Enterprise-grade entities. Vito has been paramount in establishing cloud security, guided frameworks and disaster/incident response plans, with overall GRC and ERM goals.