Will business data survive?

November 2018 Editor's Choice, Infrastructure, Security Services & Risk Management

When it comes to business continuity and disaster recovery, companies often think it’s acceptable to have backups of their data to cater for unexpected events. At the same time, certain companies also try to ensure they have an alternate location for their staff to work from in case of an extreme event like flood, fire or political violence.

Iniel Dreyer
Iniel Dreyer

Iniel Dreyer, managing director at Gabsten Technologies warns that, while the above are necessary and should be part of any continuity plan, people need to realise that a business’s data really is key to any backup plan you may have. This doesn’t mean you simply need to make a backup of your data, but that you must ensure it is accessible, even in a worst-case scenario.

Even if a worst-case scenario happens and a business premises is inaccessible, a company could even have its employees working from home as long as they can access the applications and data they need to do their jobs. All too often, however, this will be a problem because the company’s planning did not cater for these types of events.

Dreyer gives an example of a fire, which is pertinent given recent events in Johannesburg. If a company’s building is inaccessible because of a fire, where is its data? They may have a backup copy in a fireproof safe, but how do they get to it when access to the premises is forbidden? Perhaps the company has a data centre and has designed it correctly so that it is fire proof, but again, even if you can access the location, how do you get to the data once the fire department has cut the electricity to the building?

The same concept applies to data on computers and laptops (and in certain cases, even mobile devices) these days. Executives may have critical information on their computers and if a device is stolen it’s easy to wipe the data remotely, but where is the data backup for easy access? In many cases, a USB drive would have a backup, but it would be in the individual’s laptop bag which is now in the wrong hands.

In cases like this, one has to consider how the backups were done. Is it encrypted so that even if the wrong people get it they can do nothing with it, or did the user simply copy files to a USB without thinking of the consequences?

And this applies to all companies, from large enterprises through to small- and medium-sized businesses (SMBs). Gartner recently found that only 35% of SMBs have disaster recovery plans in place, and Dreyer says these companies are hardest hit by disasters.

The cloud in a crisis

When an SMB loses its data, or access to its data, it can’t service its existing customers or get new customers. And for a small company on a budget this can have serious implications, both for the company and its employees.

A relatively cheap and easy solution is to use a service such as Dropbox to store your data in the cloud (although it’s advisable to ensure you meet local regulations in terms of storing sensitive data offshore). Cloud-based solutions like this are very useful. However, Dreyer says that these large companies would see an African SMB as a blip on the radar and if you have a problem it is very hard to be able to speak to someone and get help when you need it. You are basically on your own and you may end up having to download gigabytes of data from an international location before you are up and running again – if everything goes as expected.

What happens if you accidentally deleted a file from your cloud service provider’s server? What do you do then? Dreyer says this is why it is critical to have a local partner to phone when something goes wrong. In the worst case, you may need more than a phone call and a technician may have to come out and spend some time getting you up and running. International cloud services are cheap because there is no interaction apart from email, which may take a long time to be answered.

It’s worth reading the contracts, or terms and conditions of cloud providers to see what they actually guarantee to provide. They provide a convenient infrastructure, but do they back up your data? What happens if they are hit by a disaster or some form of cyber-attack like ransomware?

Even if you regularly back up your data to an external drive and keep it offsite, how sure are you that when you plug it in you will have all your data available. (How many people test their backups to make sure they can be restored?)

It’s all about service

The solution, according to Dreyer, is to deal with the basics before you get into the complexities of a full business continuity and disaster recovery plan. For example, ensure there are multiple copies of your data backed up, including having it available at a different location (not on the same site or in someone’s laptop bag). Additionally, you should store two copies offsite, one of them on a different medium than the original – a cloud solution could be used for this.

He warns that companies need to choose their cloud providers with care, ensuring they take the necessary steps to ensure that the data entrusted to them is available, even if their infrastructure goes down. As noted, the ability to contact a trusted service provider is also of importance.

In the end, it’s all about service, not just having your data stored somewhere. When you need help, you need to know it’s easily and conveniently available. And most important of all, always remember that your data is something you need to use. Getting it back from a service provider is one thing, but getting it back and available for normal business use quickly is another challenge altogether.


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Kaspersky finds 24 vulnerabilities in biometric access systems
Technews Publishing Information Security
Customers urged to update firmware. Kaspersky has identified numerous flaws in the hybrid biometric terminal produced by international manufacturer ZKTeco, allowing a nefarious actor to bypass the verification process and gain unauthorised access.

2024 Southern Africa OSPAs winners announced
Editor's Choice
The 2024 Southern Africa Outstanding Security Performance Awards (OSPAs) winners were revealed on Tuesday, June 11th, at the Securex South Africa Seminar Theatre hosted by SMART Security Solutions.

Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

iOCO collaboration protection secures Office 365
Information Security Infrastructure
The cloud, in general, and Office 365, in particular, have played a significant role in enabling collaboration, but it has also created a security headache as organisations store valuable information on the platform.

Detecting humans within vehicles without opening the doors
Flow Systems News & Events Security Services & Risk Management
Flow Systems has introduced its new product, which detects humans trying to hide within a vehicle, truck, or container. Vehicles will be searched once they have stopped before one of Flow Systems' access control boom barriers.

Smart mining operations management
Mining (Industry) Infrastructure IoT & Automation
In his presentation at the recent MESA Africa conference, Neels van der Walt, Business Development Manager at Iritron, revealed the all-encompassing concept of SMOM (Smart Mining Operations Management) and why it is inextricably linked to the future of worldwide mining operations.

Cybercriminals embracing AI
Information Security Security Services & Risk Management
Organisations of all sizes are exploring how artificial intelligence (AI) and generative AI, in particular, can benefit their businesses. While they are still figuring out how best to use AI, cybercriminals have fully embraced it.

The future of digital identity in South Africa
Editor's Choice Access Control & Identity Management
When it comes to accessing essential services, such as national medical care, grants and the ability to vote in elections to shape national policy, a valid identity document is critical.

Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.