Prepare for the Worst

Businesses must focus on protecting employees, key assets and inventory

  • By Peter Briggs
  • Nov 01, 2007

Often, when people think of business continuity and disaster recovery, they immediately focus on protecting their employees and organization’s key assets, such as facilities and inventory. However, in more recent years, many have become significantly more reliant on computer infrastructures and the data that is produced with these systems. Processes have become automated and storage systems have become overloaded with critical information to run businesses efficiently and effectively. Because of this reliance on electronic information, data loss can be detrimental to any company and has become a major aspect of business continuity planning.

Data loss can be caused by many different events, from hardware or system malfunctions, human error and software corruption to computer viruses and natural disasters. Surprisingly, the most common cause of data loss is hardware or system malfunctions—with natural disasters, the most publicized cause, only being responsible for approximately 3 percent of lost data.

Statistics show that U.S. businesses lose more than $12 billion per year because of data loss. Most companies believe they are properly protected, but truth be told, a majority of small and mid-sized businesses do not have air-tight backup and recovery plans in place to protect their mission-critical data if a system failure occurs.

For a business to be sustainable, it is critical that companies take data protection seriously and ensure that applications, IT infrastructure and systems are available and can continue to operate—whether a manmade or natural disaster occurs or an employee flips the wrong switch.

Management Steps In
Data backup has traditionally been a concern of the IT department. As a non-revenue generating tool, technology professionals have often had an uphill battle selling the need for disaster recovery solutions to their management. However, today, the tables have turned. With the increase in government and industry regulations, such as HIPAA and Sarbanes Oxley, the concern is often coming from upper management or even the board of directors.

There is a significant disconnect today between what a company requires for its data protection and what its IT department has actually implemented. New regulations are requiring companies to store data for a certain period of time and keep it protected from intruders and system failures. Companies also must back up their data and ensure its availability for continued business operations. For example, SOX requires companies to have systems in place that securely, accurately and reliably manage and report corporate financial data. With so many business applications affecting the company’s financial information, this regulation has an impact on most departments within a company—not just finance.

Because of regulations such as SOX, auditors also are reviewing companies’ technology systems, going back to the boards of directors and advising these executives that their companies need more data and system protection. In turn, management has less tolerance for downtime and lack of availability of their systems and are putting the pressure on their IT departments to put the necessary disaster recovery solutions in place.

How is Your Data Protected?
Over the past several years, most organizations have realized the importance of backing up their data and have made it a common practice. However, most businesses that have implemented some kind of disaster recovery solution think they are 100 percent protected. Most likely, this is not the case. Backup solutions are not foolproof and are resistant to failure themselves.

For example, many companies are still using tape backup solutions, which are known to have high failure rates. They back up their data and systems on magnetic tapes and store them in a safe or at an off-site location. Tapes are vulnerable to getting damaged, lost or stolen, and this approach is difficult to administer. Also, actually accessing information on a tape is extremely time consuming and inefficient. This method typically does not satisfy upper management’s business continuity requirements.

In fact, according to the Gartner Group, 34 percent of companies fail to test their tape backups, and of those that do, 77 percent have found tape backup failures.

Electronic vaulting technology is one of the more popular and reliable approaches that many companies are leveraging today to back up their data. Using the Internet to perform disk-to-disk backup, there are no tapes to transport or store, and data is encrypted and automatically transferred to an off-site data center. Once the company’s data is transferred over the vaulting technology, it then regularly identifies and backs up only incremental changes to the data, making it a much more efficient process.

Backup is Not Enough
Backing up data is critical—there is no doubt. However, data that is backed up but not easily accessible essentially has no value. If a system failure occurs, and data and applications are backed up to another system or location—the recovery of that data is vital for business continuity.

There are now disaster recovery solutions that perform disk-to-disk restoration of data to standby servers, enabling businesses to be operational much more quickly than with traditional methods. With electronic vaulting, data is automatically transferred to an off-site data center, where files can be easily accessed through a standard Web browser. A typical recovery is completed in less than 10 hours, which will satisfy the requirements of most companies. Because electronic vaulting is an Internet technology, there is virtually no capital outlay, and it is easy to set up and straightforward to use.

There also are solutions that provide even more immediate access to data to suit the needs of more fast-paced businesses. High-availability solutions are typically monthly subscription fee programs that create “mirrors” of mission-critical data and systems. If a disaster occurs, the company will be able to access the replicated version of its IT environment via the Internet within a desired recovery time. Several high availability solutions offer this service in less than two hours.

Finding the best solution depends on the business and how reliant it is on its computer systems. A hospital or financial institution needs real-time backup and recovery and cannot survive without its computer systems. If a patient-record system fails, the hospital will not be able to be efficient. If a credit card system fails and customers are unable to make purchases, a financial institution will most likely lose clients, and retailers may experience a reduction in sales.

However, a manufacturer whose payroll system is shut down most likely can continue operations for a reasonable period of time before it begins to affect business. Every business is different—each has its own processes and various industry or government regulations with which it must comply. Therefore, there is no one solution that fits all. Companies need to evaluate their business and determine their own recovery time objectives to ensure sustainability.

Find a Partner
Statistics show that 60 percent of companies that lose their data will shut down within six months of the disaster. Clearly, business continuity and disaster recovery planning is not something to take lightly.

As computer systems have become much more complex, more businesses are hiring IT service providers to keep up with the ever-changing technology marketplace. There are always new and better solutions being sold and new issues that businesses must address. By partnering with IT experts, small and mid-sized businesses can focus energies on business operations that will help them grow and succeed.

There are specific companies that specialize is business continuity planning and others that perform data protection and recovery. These experts can thoroughly evaluate a business, its processes and the industry and government mandates that affect operations. They will help develop a detailed business continuity plan and determine which solutions best fit the business’ needs.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services

  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

Most   Popular

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”