Back-up and disaster recovery systems often do not get the respect or budget that they deserve, and despite its potentially dire dangers, the coronavirus COVID-19 could actually help change that.
Most things IT professionals would do to prepare for the disease are no different than what they should normally be doing, but concerns about the virus might help accelerate existing plans or to reconsider some long-standing policies.
Prepare for a mobile workforce
Most employees are already very mobile and do most of their work on laptops and mobile devices, so it's perfectly reasonable to think that a company is prepared for a mobile workforce.
However, just because employees can work from virtually anywhere doesn't necessarily mean that IT departments are prepared for all or most of them to be mobile all of the time. Don’t underestimate the degree to which face-to-face interaction is at the core of how you do business.
If a company strongly encourages workers to stay home in response to the virus a significant portion of this company might be working from home for extended periods of time. From a data protection standpoint; this significantly increases the chances that important intellectual property will be created outside of the data centre.
If the company currently relies on storing such data on file servers or similar systems, remote employees will probably not be able to use such systems easily. As a result, they will create and store important data directly on their laptops, leaving centralised company storage out of the picture.
This means that CIOs should probably examine their company's policy regarding data protection of laptops and mobile devices. Many companies don’t provide back-up and recovery for mobile devices, despite the fact that most experts feel they should. Now might be a good time to do so.
The main reason early attempts at laptop back-up failed was users would kill the back-up process because it slowed them down, and it cost too much. The good news is several providers can back up laptops and mobile devices in such a way that users never realise back-ups are running.
A common alternative to mobile device back-up is a centralised communication and collaboration system, such as Office 365 or G-Suite. Employees should be trained in the ways to best use these them so intellectual property is stored there versus on the laptop only.
Protect SaaS data
The more IT executives rely on software-as-a-service (SaaS) products like Office 365 or G-Suite, the more they will want to ensure that the data stored there is properly protected. Be sure to examine the service agreement each vendor provides to see what, if any, back-up and recovery services they provide. Most SaaS providers don’t offer any.
Do not confuse features like the ability to restore a deleted email within the service itself with actual back-up and recovery (that would conform with 3-2-1 Rule, which calls for baking up three copies on two different media, one of them off-site).
Most of these features use versioning, not back-ups, to provide this functionality. If something catastrophic were to happen to an account, most SaaS vendors have no ability to restore it, and have nothing in their service agreement that says they will even attempt to do so.
Consider cloud-based back-up and DR
If the worst happens and IT staff are unable to physically manage the data centre, a company might have trouble responding to a disaster. Most traditional systems require physical presence and the moving around of physical media.
Cloud-based, fully automated disaster recovery services are available. If a company used one, CIOs could fail-over their entire IT infrastructure without ever having to be physically present anywhere. All of the data and services would be automatically migrated and run from the cloud, which could free IT executives up to handle other issues. A fully automated DR system is also a great way to prepare for ransomware attacks – something else that’s happening way too much these days.
Design and implement a back-up and DR system that can handle the worst, and CIOs will be able to ride out any doomsday scenario with ease. Then they can focus on the truly important asset – keeping their people safe.