Superstorm Sandy’s wake-up call: Is your data protected from Mother Nature?

Published: November 7, 2012 by bkrenek

As Superstorm Sandy demonstrated to the East Coast during the last week of National Cyber Security Awareness Month; life happens so do you know where your data is?

Data breach protection is of such national critical importance, the effects of Sandy prompted Homeland Security chief Janet Napolitano to emphasize the need for more national cyber security protection at an event in Washington.  During her speech, Napolitano spoke about how Sandy’s devastation left many financial institutions vulnerable to business data breaches due to lack of electricity and other utilities.  She also highlighted the exorbitant costs of a data breach which total billions of dollars annually and are generally paid for by consumers and companies.  From Washington to Wall Street, Superstorm Sandy was a forceful reminder the best thing businesses can do to mitigate natural disasters is to have a data protection and security plan in place to not only protect their business data but to ensure that their disaster recovery time is brief, enabling their business to return to functioning as quickly as possible.

In developing an IT disaster recovery plan, companies need to first address the potential threats to hardware and data caused by natural disasters. Earthquakes can destroy physical infrastructures and floods can prevent offices from being accessed for days until the water subsides, creating a need for long term business data breach protection.  And hurricanes such as Sandy create both problems, potentially destroying hardware and software.  Therefore, the most effective way a business can protect itself from a breach of data in the event of a natural disaster is to implement a strategy that combines data protection solutions with a disaster recovery plan.

Since IT systems are comprised of hardware, software, data and connectivity, without one component, business recovery will be halted.  An IT recovery plan needs to address how to deal with the loss of each of these parts.  First, every recovery strategy needs to create an inventory list of hardware, software applications and data.  Then there must be a plan as to how to replicate and reimage hardware if the hardware is destroyed.  Next, copies of software programs need to be accessible for re-installation with multiple copies kept in more than one place.  The final piece of a data recovery plan is to reclaim the actual data so it is crucial that all business data is constantly backed up and protected using data protection solutions that are reliable and accessible.  Companies then should periodically test their recovery plan to make sure that it works.

Recovering from a disaster is not all about technology; a company’s disaster recovery strategy needs resources such as people, processes and a plan.  However, if a company is well prepared and their recovery plan is well-executed, their disaster recovery time will be less and hopefully, less painful.