Story image

Don’t wait till disaster strikes – best practices when implementing DR

13 Dec 2018

As more companies migrate their data to the cloud, disaster recovery becomes critical to ensure their operations are not disrupted by unforeseen events.

Companies are becoming increasingly digital, and with that comes the expectation from customers for them to be “always on”.

Organisations that fail to meet this expectation risk the loss of goodwill and trust from their customers on top of the negative impact on their bottom line. Additionally, organisations can be severely handicapped through the accidental loss of business-critical data, whether through a natural disaster or a malicious cyber attack.

Here are some best practices for companies considering disaster recovery (DR) and compliance strategies.

Differences between data privacy and data protection

It is crucial that privacy and protection are addressed separately with different policies and processes.

If a company doesn’t have security of that data in place to protect personal data, then its privacy policies will be meaningless because it won’t be able to prevent the unauthorised access to data.

Conversely, if a company doesn’t have a clear understanding of what data it collects and how it will use it, then it will be impossible to provide true security.

Evaluate the different industry standards relevant to your business and how they comply to demonstrate commitment to risk management

Different industries are held to different regulations and levels of compliance.

For example, the banking sector is held to a much higher regulatory standard than most other industries.

When implementing a DR strategy, organisations must ensure their strategy is compliant with the industry they operate in and has the relevant certifications.

The banking industry in New Zealand, for example, needs to be especially vigilant about complying with anti-money laundering legislation, or they could be subject to large fines, as Australia’s Commonwealth Bank was last year.  

Does your DR strategy take GDPR compliance into account?

Privacy legislation is different across international borders, with the US, EU and Australia all having different laws that govern the collection and use of private information.

In today’s global economy, it is important to be compliant with the laws of the country in which an organisation is conducting business.

The recent provision of the Australian Privacy Principles and European Privacy Shield demonstrates how serious the lawmakers are about defending privacy.

Companies need to enact a data security policy for the sole purpose of ensuring data privacy of their consumers’ information.

How important is it for your organisation to have a contingency plan?

No one is exempt from disasters.

Being prepared for a major disruption to the business is essential, and establishing processes and plans to limit the impact is the key to success or in some cases, survival.

Interactive has helped Australian companies put business continuity plans in place for the last 12 years, providing services not only for data recovery, but also helping customers with physical business recovery.

Interactive Director of Data Centre & Business Continuity Clint Seagrave says, "The cost of a single hour of downtime has risen between 25 and 30 per cent annually since 2008.

"With many organisations failing to prepare for a disaster with an easily implemented recovery plan, this cost is likely to continue to climb."

To continue operations, organisations need to ensure their critical business functions can continue, and as the first step of preparation, they need to ensure they have a business continuity plan in place.

This helps to define clear business objectives, identify areas of business vulnerability, find the best resources for implementing a plan, find recovery solutions for every potential business threat and outlines the key contact go-to list for when business interruptions arise.

Organisations that do this will be in the best position to implement a successful Business Continuity Plan and to ensure it is effective and relevant in the event of a disaster is regular testing and continuous reviews.

Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Tech community rocked by deaths of Atta Elayyan and Syed Jahandad Ali
Both men were among the 50 killed in the shooting in Christchurch last Friday when a gunman opened fire at two mosques.
NZ ISPs block internet footage of Christchurch shootings
2degrees, Spark, Vodafone and Vocus are now blocking any website that shows footage of the mosque shootings.
How AI is changing the medical industry
With NVIDIA Clara, developers can speed up their medical imaging applications and implement AI.
The Data Literacy Project expands its library of free courses
Upskilling the workforce in data literacy is fundamental to unlocking business growth.
Digital experience managers, get excited for Adobe Summit 2019
“Digital transformation may be a buzzword, but companies are trying to adapt and compete in this changing environment.”
Interview: Cisco on digital transformation and data centres at the edge
"On-premise we speak English, Amazon speaks French, and Amazon and Microsoft speak something else. But someone has to translate all of that and Cisco is involved with normalising those rule sets.”