In today’s article, we will explain some of the basic concepts that are important to understand about Jotelulu’s Disaster Recovery service.
First of all, what is disaster recovery? In basic terms, it’s a set of policies, tools and procedures designed to allow you to either maintain business continuity or recover services quickly following a disaster.
You can find many articles on security, backups and disaster recovery on our blog, such as Disaster Recovery: What Is It and Why Do We Need It?. However, to summarise the main justification for having a disaster recovery plan, I’m going to quote our CEO, David Amorín. At a recent attended by many of our Partners, he said the following: “An IT failure, human error or cyberattack can be devastating for any company, including SMEs, and it can have serious consequences for their finances, reputation, customer trust and data integrity. This new product [Jotetelu’s Disaster Recovery service] allows our Partners to replicate all of their resources and those of their customers, thereby helping to maintain business continuity or, at the very least, recover services in a matter of minutes with minimal impact on operations.”
Why is it so important?
Now, this all sounds very useful, but is it that big a deal? Well, according to IBM’s 2023 Cost of a Data Breach Report, average investments in IT security have increased by 15. 3% and 51% of organisations are planning to increase investments in IT security as a consequence of growing cyber threats.
NOTE: This is just one such study on this topic. However, while other studies may vary slightly in their figures, the trend is very much the same across the board.
So, what is it that disaster recovery planning provides which is deemed so essential to businesses and organisations?
Well, firstly, Disaster Recovery will help to minimise the impact of a security breach. Depending on your resources and planning, it will either help you to maintain business continuity in the event of a catastrophe, or allow you to recover your services quickly to ensure minimal disruption for your users.
Furthermore, Disaster Recovery planning is the perfect exercise to study your resources and define your most critical processes. It will also help you identify your weak points and determine what your IT infrastructure is capable of withstanding. If you’d like to learn more about Disaster Recovery planning, check out Disaster Recovery: What Are RPO, RTO, WRT and MTD, and Why Are They Important?. There, you’ll find a break down of the different areas you need study when putting together a DR Plan.
Basic Concepts when Creating a Disaster Recovery Plan
Understanding your business’s infrastructure is not just about IT. It might be hard to believe, but the IT department is not the centre of the universe. Not only that, but many departments may offer services that have little to do with IT but nonetheless use it in some capacity. This is why DR Planning should involve all departments and management teams. Including all stakeholders is ultimately the best way to ensure that you have a complete picture. Individual departments or managers will be able to tell you what is most important to them. They will also know what services absolutely must not stop and what the priorities should be when responding to a systems failure.
Once you understand how the business, its assets and services work, you can then carry out a risk analysis to help compile a disaster recovery plan and protect your most critical points.
Another aspect that should be considered when developing a DR Plan is your relationship with providers and customers. Particularly in the case of providers, it’s vital to make sure that they have their own recovery plans. In fact, this should be a key part of the provider selection process. That way, you can be sure that they will deliver a reliable service with certain guarantees.
Having reliable service providers with robust recovery plans will also mean that you can more diligently manage your SLAs (Service Level Agreements) and other contracts. Once these agreements have been defined with your providers, you will have the reassurance that all recovery time objectives will be met in the event of a disaster.
Implementation
Another key part of creating a DR plan is to make sure you have a continuous monitoring system in place. It’s vital to detect problems or potential issues as soon as they arise, not just once they’ve brought down a server. Similarly, on the flip-side of the coin, once all systems have been recovered, it’s important to reflect on your response. What went wrong? How could things be improved? What needs to be changed? This Lessons Learnt process should form a key part of your continuous improvement efforts throughout the business, but it becomes especially key for an area like Disaster Recovery.
As with any security measure, it will only be as effective as your training programme. It’s all good and well developing carefully thought-out plans but they will be next to useless if your staff are unsure how to implement them. Any training activity should have a two-pronged approach. On the one hand, you need to delivery practical, technical training to any staff who work with or administrate systems. This will ensure that they valuable practical experience when the unthinkable happens. Secondly, you should also carry out an awareness-raising programme for all other employees, so that everyone fully understands the risks that the business is exposed to every day.
One way of making sure that your technical staff are well trained is by defining a testing programme. This could involve drills, similar to a fire drill, to make sure that everyone knows what their roles and responsibilities are in the event of a disaster. These drills could be total or partial simulations of a disaster according to what is most convenient for the business. This way, you can be sure that everyone knows what to do and that the processes you have developed are actually effective.
Additional Benefits
Another important one of these basic Disaster Recovery concepts is that of regulatory compliance. Disaster Recovery is a key part of Business Continuity Planning, something which is covered by standards like ISO27001 and ISO22301. These standards enable companies to obtain certification accrediting that they have an effective backup solution in a remote location, allowing them to transfer services quickly and reduce disruption to the end user.
If you would like to find out how to activate Disaster Recovery on the Jotelulu platform, take a look at the tutorial How to Activate Disaster Recovery on Jotelulu. You can also find details on how to change your DR settings in the tutorial How to Reconfigure Your DR Replication Policy.
Along with the other security measures offered on the Jotelulu platform, the Disaster Recovery service is the perfect solution to give our Partners peace of mind about their service availability and business continuity.
At present, the Disaster Recovery service allows you to replicate resources in a different location. You can replicate entire subscriptions, whether it be ‘Remote Desktop’ or ‘Servers’. These replicas are hosted in a remote region so they can be activated immediately in the event of a disaster. Currently, you can replicate resources in Madrid or Paris, i.e., resources hosted in Madrid will be replicated in Paris and vice versa.
Lastly, it is worth mentioning that this service forms part of the company’s bi-annual plan to enhance security for customers. This plan includes significant investments in hardware and new locations so that resources can replicated if necessary.
Conclusion
As you can see, Jotelulu’s Disaster Recovery service offers a variety of security benefits for you and your users. Just like any other service on the platform, you can configure it to suit your needs. Furthermore, Jotelulu Partners can benefit from centralised invoicing to help manage costs. All this makes it a very convenient Business Continuity solution for SMEs.
If you would like more information about this service, check out the following articles on our blog. Or if you have more specific questions, feel free to get in touch with us.
Thanks for reading!