Sorry, the language specified is not available for this page

    Cartoon: Why using a DR plan for compromised data recovery is like using water to put out a grease fire

    October 28, 2020


    Hackers and cybercriminals view COVID-19 as an opportunity.

    Since the beginning of the pandemic, companies have seen a surge in hacking attempts, and the FBI’s Internet Crime Complaint Center (IC3) has received between 3,000 and 4,000 cybersecurity complaints each day, up from 1,000 daily complaints before COVID-19.

    While your organization may have safeguards and protections in place to keep your data out of the hands of bad actors, that’s not enough. You also need a way to recover your data if it’s compromised during a cyberattack. And unfortunately, your traditional disaster recovery (DR) plan won’t work for this unique recovery case.

    Using your traditional DR plan to recover compromised data following a successful cyberattack is like throwing water on a grease fire – it might be your first instinct, but it can make the situation worse.

    Traditional DR plans concentrate on physical infrastructure that’s not usually impacted by a cyberattack, thus making it an entirely different “recovery case” than data recovery.

    Data recovery differs from DR in four areas:

    1. DR plans are triggered by a failure in your physical data center, and focus on recovering infrastructure, applications, and network services. In contrast, data recovery is triggered instead by a data compromising event, such as a cyberattack.
    2. Rather than transitioning data to a recovery environment like you do in DR, data recovery usually recovers data in the original production environment.
    3. Backup data might be compromised in a cyberattack, so the DR approach of using recently backed up data could backfire. Instead you must look for the latest available “clean” data to use in the data recovery process.
    4. In DR, it’s much more likely, and expected, that you’ll meet your recovery time objectives (RTOs) and recovery point objectives (RPOs). However, for data recovery, it’s much harder to hit your RTOs and RPOs, since you need more time to understand the nature of the attack.

    Because it’s such a different situation than DR, recovering data after a successful cyberattack demands a different approach.

    Each data recovery scenario is unique to the company, the data and the attack. Before reacting, you need to understand what happened to determine the best way to proceed. You also need a plan in place before you’re hit with a cyberattack so you have recovery options available.

    Determine your vital data assets and keep them safe using a 3-2-1-1 protect and recovery architecture: three areas of resource separation, two defined recovery strategies (DR and data recovery), one off-network or immutable data copy, and one secured recovery environment.

    Establish a multi-faceted team to direct your cyber-compromised data recovery and, to ensure they’re ready to respond quickly and effectively, consistently test your plan for various scenarios.

    Recovering data after a successful cyberattack is different than the typical DR process, but with the right preparations, successful data recovery shouldn’t be a problem. If you plan for the differences, implement the right strategies and regularly test your plan, you’ll be better prepared to recover compromised data, rather than just making things worse.

    Other Posts You Might Be Interested In

    How To Choose Between Public, Private, or Hybrid Clouds

    Choosing the right cloud solution for your business is crucial to ensuring you have the right level of computing support and security to meet the needs of your company. Learn More

    AWS Elastic Block Storage GP3: Fewer Trips Around The World at a Lower Cost

    Four years ago, IDC issued a report on the soaring growth of the world’s total amount of data, estimating that by 2025 the collective sum would skyrocket from 33 zettabytes... Learn More

    How Big Is Your Bucket? Use The AWS Cost Calculator To Find Out

    There’s a metaphor that has been applied to everything from the human body to rotational motion (in physics) to customer relationship management. It’s the humble bucket, that... Learn More