To BCDR or not to BCDR
Did you know it takes an average of 146 days to detect that an attacker resides within a business’s network? Or that cyber crime has cost the global community around $500 billion and the average cost of a data breach to a company costs $3.8 million?
When speaking to customers, I always ask if they make use of threat assessment tools and what their business continuity and disaster recovery (BCDR) strategies are. Sometimes I get good information from customers around their understanding of BCDR, but in most cases, it seems that customers have given up on BCDR. Some of the feedback is that it is too costly, they don’t need it, they have backups (most of the times it is to tape).
Threat assessment is a process businesses should use to help you identify potential attacks, vulnerabilities and countermeasures as it plays an important role in business continuity.
There are five major threat assessment steps:
● Defining security requirements;
● Creating an application diagram;
● Identifying threats;
● Mitigating threats; and
● Validating that threats have been mitigated.
Threat assessment should be part of your business’s routine development life cycle, enabling you to progressively refine your threat model and further reduce risk.
What is BCDR?
There are some misconceptions when it comes to BCDR. Most organisations use the term interchangeably, but we do need to break this down. To understand BCDR, we need to quickly define business continuity and disaster recovery. In the simplest terms, business continuity is the proactive component of BCDR. This has to do with the processes and procedures that organisations need to implement so that mission-critical servers and applications can function after a disaster. Disaster recovery is the reactive side of BCDR. Disaster recovery is invoked when an organisation needs to resume operations after a major incident or outage. The timeframe here can range from hours to days.
BCDR in the pre-cloud era
Before the advent of cloud services (private or public cloud) most organisations had to spend a lot of money to make sure that their BCDR strategies were in place. This meant there had to be a second data centre, extra hardware (including networking) and a lot of people investment to make sure that an organisation can recover from a disaster. The planning for a DR test could take months to plan.
In some instances, these plans would be project managed to make sure that all milestones are achieved. Typically, the DR test would happen over a weekend with an army of people to make sure it happens smoothly and, of course, a lot of testing to make sure the DR test is a success. Most organisations would only be able to do a test once or maybe twice a year. For some organisations, this cost of doing BCDR was/is just too much and this then never happens. Some of the key issues of BCDR in the pre-cloud era has been the workload if an organisation has two or more data centres, the lack of centralised management as most of the resources were maintained and managed separately, the multitude of management platforms – vCD, SCVMM or vRealize – and the most troubling of them all, data mobility. The amount and effort needed to make sure the data is available for the DR test can only be termed as “organised chaos”.
BCDR in the cloud era
With the advent of hyper-scale cloud service providers like Microsoft now available in South Africa, most organisations are re-looking and rethinking their BCDR strategies. The importance here is that organisations can do as many BCDR tests as needed, without the need and cost of an army of resources to make this happen. BCDR in the cloud has the following advantages:
1. Protection of all major IT systems – and doing so more affordably. This means that RTOs can be achieved in minutes instead of hours or days. Cloud BCDR also eliminates the extra cost for data centres. Organisations can now tap into near infinite cloud resources to assist with their BCDR.
2. Unification of data management, security and protection – continuity and compliance throughout the application life cycle is now possible. With cloud services, it is now possible to secure data at rest and in transit. Add to the fact that Microsoft provides industry-leading security and protection solutions at a very cost-effective price point.
3. Applications work in disaster recovery – organisations can now fail over their applications or full on-premises data centres with automated recovery plans in a matter of minutes, instead of days, weeks or months.
4. Perform BCDR tests at any time – with cloud BCDR, organisations can now test their continuity plans any time, whenever they need to, without having to affect their user community.