Disaster Recovery (DR) planning: don't just prepare to recover – prepare to be resilient
How would your business cope in the event of an incident that resulted in significant data loss? Of course, it depends on the nature of your business, the type of data and the amount of time elapsed before you're able to resume normal service. The loss of email for a few hours might lead to some administrative disruption, inconvenience and lost productivity, not to mention a bit of customer frustration. But the loss of transactional or production data for a similar duration is more likely have a direct impact on your operations and customer satisfaction - and your profitability.
In fact, significant loss of data could be enough to put you out of business for good. Consider how rapidly the situation could escalate if proprietary or confidential information were to be lost forever. Not only could this adversely affect your ability to remain competitive, but as of next year, there will implications for compliance with the forthcoming General Data Protection Regulation (GDPR), which will affect any business that holds customer data on EU citizens.
We'll spare you the ordeal of reading and deciphering the opaquely-worded article 32(1) of the GDPR, but suffice to say it covers the requirement to have adequate disaster recovery provisions in place in order to comply. So, with less than a year to go, not only will you need an adequate disaster recovery solution that can restore both the availability of and access to personal data, but if you outsource your disaster recovery provision, you'll need to make sure your provider (as a 'data processor') is compliant, too.
Failure to comply could lead to punitive fines of 4% of net sales or €20million, whichever is greater, plus there's the spectre of reputational damage stemming from any sort of data theft. So, it’s now even more critical than ever to your survival that your business has a disaster recovery plan in place.