DR Preparedness in 2018: No Pizza Parties Just Yet
Flood potential is a major threat to a data center for obvious reasons. Scientific American cited 2016 / 2015 with 500-year and 1000-year floods in West Virginia, Texas, Oklahoma, South Carolina and Louisiana as the basis of its thesis that it is time to re-think the way we classify flooding and how/where we build to prevent being in the path of disaster. In all, the flooding caused billions in property damage all within a twelve-month span.
Organizations do have a choice when it comes to where their data center resides and this is where colocation for DR shines. Part of the colocation site-selection process is identifying a parcel in the lowest risk area possible within any desired Metro Area or – for DR-specific data centers – the lowest risk US region possible with enough geographic separation to comply with industry/internal regulations for target customers. Facilities built in high-risk areas are bolstered with designs specifically created to address high winds, risk of flooding, earthquake readiness and other possibilities.
If the world feels more dangerous today, it’s probably because … it is. What happens if those who don’t play by the rules start targeting the data center?
According to CNN, in the year 2015, “terror attacks in developed world surged 650%”.
And, for the most part, the “developed world” describes where most of the world’s data centers are located. Add in the topic of cyber-terrorism and the numbers are even more staggering. According to a bitpipe security report, 62% of security professionals reported an increase in insider security threats. This was coupled with a staggering statistic that 63% of companies did not have a cyber threat response plan in place and that 50% of those did not feel that it was necessary.
As in the example of insider threats, the physical security layer is still – and will always be – a critical component of protection. Ransomeware has brought to light the importance of having readily available data center environments separated from seized assets, allowing companies the ability to switch over to uncompromised IT environments as opposed to making a choice between payment and operational interruption.
While it is hard to say that any location or company is completely safe from attacks, you can take steps to mitigate the associated risks. For example, think about how many layers of protection there are that prevent an unauthorized person(s) from accessing the actual hardware in your data center. Does it start and finish with a securely locked door?
Colocation facilities from top tier providers feature a wide range of protection such as CCTV cameras with redundant coverage of every square inch of their campus. There are biometric scanners that combine with key cards and pin pads to mandate three layers of personalized input to authenticate a user before they may open a given door. Mantraps and tailgating alarms prevent someone from sneaking up behind a person entering after an authorized user post-authentication. On-site officers, access logs, diamond plating, bullet-proof glass, facial and retinal scanners – the list of potential security components is extensive.
So, with an increasingly dangerous world to live and conduct business in, how prepared are we to protect the organization, employee and customer?
In 2013, according to the Disaster Recovery Planning or “DRP” survey, 72% of businesses received a D or F grade with regard to their level of DR preparedness.
In 2017, Forrester said that “The use of advanced technology is growing, but infrequent DR testing results in low preparedness.” An invenioit survey of 400 IT professionals found that 74% of companies with 500 or more employees at least had a DR plan, but only 54% of companies with less than 500 employees were in the same boat. The same survey found that less than 2% of respondents had established a reliable DR solution. Less than 50% were using cloud and less than 50% of those were using hybrid IT.
So, C’s and below are what make up the 2017 DR preparedness report card, not exactly what a teacher would reward with a class pizza party.
This state of DR preparedness is not only dangerous for the organization and its employees. The customers who regularly consume products and services from such organizations are at risk from simple loss of access to identity theft and other serious ramifications. And, as the members of the developed world become more and more dependent on technology to execute their daily lives, there is more disaster-related risk than ever.
Conclusion – what to do about it.
According to devops.com, Fortune 1000 companies report the average cost of unplanned application downtime to be $1.25B to $2.5B every year. While not all of this is due to a disaster, it follows that a little more investment in DR can pay off in a big way for even the largest, most sophisticated of organizations.
The good news is that with technological innovations, organizations have a wide-range of options for that elusive, reliable DR solution. No longer does a budding young casino marketer have to export the company database to DVD at a given frequency and deliver it to the designated location.
Hybrid IT solutions provide a diversified environment for proper segmentation of systems and workloads to manage budgets as well as a properly prioritized, compliance-ready recovery process. This includes a mix of a colocation hub with cloud, managed services, tape and in-house options layered on top.
Specific to the colocation DR hub, while it is only one component of the DR plan, hosting a backup/DR environment at a reputable colocation provider can address a variety of different risks while optimizing for hybrid IT.
The right facility will feature increased security that help protect against an attack. Purpose-built data centers can be wind-rated to resist big storms and there are even underground data centers in remote locations that protect from natural and manmade disasters with the geographic separation to address any compliance requirement. Many colocation providers also offer easy access to cloud and network ecosystems for efficient tethering to cloud-based and on-prem environments.
With all of these options, here’s to hoping that when the 2020 DRP report comes out, the findings show respondents making the grade when it comes to DR preparedness.
That will be one well-deserved, long-awaited class pizza party. Pepperoni and sausage please.