There has been a big push to elevate the maturity of disaster recovery in 2018. With the news filled with so many...
system outages, data breaches, cyberattacks and more, it's evident that DR needs to play a front-and-center role in the operations of every organization today.
So, where is DR in 2018 missing the mark?
In short, the biggest overarching observation is that organizations aren't completely prepared for three primary disaster recovery challenges: security, compliance and cloud. I'd like to spend the remainder of this article discussing these angles and where I think DR teams haven't quite made the cut in 2018.
Security: DR teams don't know enough about cyberattacks
When an organization is hit with ransomware, which still ranks in the top two attack vectors in 2018, DR teams don't have an understanding of what's been affected and what needs to be recovered. The same can be said for an attack that involves a cybercriminal moving laterally across your network. One of the major disaster recovery challenges today is that DR teams don't have a proper incident response plan that identifies what data can potentially be affected, making it necessary to recover to a time before the attack.
Take, for example, the attack on the Matanuska-Susitna Borough government in Alaska. This is a study on how not to be protected from cyberattack. Back in July, the organization took a hit to the tune of over 500 workstations and 120 servers. The worst was email; it had to be reinstalled with zero backups. So, users lost literally everything.
Many organizations think about cyberattacks as if they're going to affect just a few systems and minimal server data, but that's rarely the case. With attacks becoming more targeted on specific industries, organizations and geographies, the assumption should be that, if the bad guys want to take down everything, they can.
Compliance: DR teams aren't involved in compliance plans
Released in May of this year, the GDPR presents one of the more recent disaster recovery challenges. GDPR shed some renewed light on the need for organizations to not only protect specified data sets -- as defined by the compliance mandate -- but also the security that surrounds the data. This includes file-, application- and directory-level permissions.
Basically, if your organization does any business with citizens of the European Union, you are subject to GDPR. That means you must know where all of your EU personally identifiable information -- as defined by GDPR -- resides, have a recovery plan in place so that information is available and have a plan to protect the data, application and system security controls so the data remains appropriately used.
And that's just GDPR. DR teams need to begin doing their homework on different compliance mandates if they aren't being pulled into meetings with a compliance team.
Cloud: DR teams don't realize cloud data is their responsibility
DR teams can often forget that, if they use, say, Office 365 for email and storing company documents, the data is still theirs. Most cloud vendors are coming out with a shared responsibility model -- and even entering this language into their service-level agreements -- where they outline, in essence, "We own the service, but you own the data."
The reason I mention it's forgotten is that DR teams seems to be thinking that, since the cloud vendor does its own backups and replication or has simply deleted item retention and recovery, the data must be protected. The reality is: These are typically user-level measures, not organization-level data protection.
It's important, moving forward, that you begin to formulate a plan to protect against disasters such as data loss, manipulation and corruption.
2019: Better, faster, stronger DR
None of this article should be taken as proposing that 2018 was a bad year for DR. In fact, it's quite the opposite. Thanks to these prominent disaster recovery challenges, vendors have improved their offerings, and cloud service providers are stepping up their game to compete with the mega cloud vendors around DR. The trends and changes outlined above provide solid context on how DR teams need to change their planning and execution moving forward.
Take note of disaster recovery challenges you've faced, make changes to your strategy and you'll find your DR team in 2019 is in a far better position to face whatever the upcoming year brings.