Business Continuity & Disaster Recovery Planning

Business continuity planning and disaster recovery are more than having a backup solution in place.   The organization must identify critical assets and applications.   The organization must understand the impact of not only downtime but how long it will take to recover.   We help your organization plan for these events natural and man-made.

 

Having an effective backup and disaster recovery plan and solutions are essential to business continuity. Ideally, these plans and solutions are aligned to critical business processes and operations.

Bad Things Happen Every Day

The news reports on bad things happening with businesses every day, whether accidental or intentional. You business not immune to these events.

The following sections include a realistic and limited list of bad things that could negatively impact business operation where having an effective backup or disaster recovery plan can reduce or mitigate the risks to your business.

Ransomware

Ransomware is a form of malware where an organization’s data is encrypted by a bad actor.  The data encryption renders the data useless. The bad actor then requests a payment to provide a key to unencrypt the data.   Ransomware is often distributed via targeted phishing attempts to get the malware installed on an organization’s device.

Examples include:  WannaCry, CryptoLocker, NetPetya, BadRabbit

Natural Disasters

Natural disasters are occurring more frequently, and are increasing in severity due to climate change.  Wild fires, hurricanes, inland and coastal flooding, tornadoes, and earthquakes can impact SMBs in the form of power outages, supply chain disruption, loss of personnel, and facility availability.

Examples include:  2018 California fires, Hurricane Harvey, Irma, Jose, & Marie of 2017

Insider Threat

Wikipedia defines an insider threat as a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization’s security practices, data and computer systems.  Insider threats can be accidental or intentional activities.

Examples include:  A disgruntled privileged user (maybe a system administrator) changing a system password upon termination or a low level employee sharing confidential company information.