Data protection and business continuity for small and mid-sized businesses
Business continuity and data protection are significant concerns for small and medium-sized businesses. The majority of firms depend on data integrity as a critical component of their operations. Likewise, most companies have changed their responsiveness to customers’ demands and run their business processes at a granular level in the case of a disaster or security breach.
Similarly, some small and medium-sized businesses pay less attention to data protection because disaster is unforeseeable, and have no contingency plan in case tragedy happens. For companies to avoid disruption to their services during a catastrophe, there has to be a recovery plan in place, either through an automatic or manual process.
Best practices for data protection and business continuity
Evaluate your business processes
What aspect of your business is most critical regarding data protection?
Develop a plan for business continuity:
Define access control and protection for securing data
Set up disaster recovery to keep your data safe for offsite recovery
How long can you stay unproductive during a disaster or outage?
For example, during Hurricane Sandy, most companies lost hours or days of production.
Setup an automated site recovery in a disaster recovery (DR) site by following standard operating procedures.
Establish continuous testing of the recovery process at least every six months.
Distribution of workloads across different data centers can also reduce service outages, such as setting up a recovery site in the various regions. Most big Cloud providers, like Amazon and Rackspace, have multiple data centers across different regions. You can set up systems on the east coast and west coast, so if one of the areas goes down, you still have other parts running. Pending the time the other area comes up, you can move all your workload to the location that is up and running and switch back once the other site comes back online.
How much distance should your primary site be from disaster recovery (DR) site?
This depends on your service level agreement (SLA) for your customers, and some company prefers 100 miles or 160 kilometers.
Due to the increase in Cloud computing adoption, I will suggest having your site recovery more than 100miles or 160 kilometers from your main sites.
Managing data depends on the type of industry, but for the most part, it addresses these critical questions: what data, which access control, how to retrieve the data, and where to store the data?
Which data are the top priority for your organization?
Production systems/critical application
Financial data or HR usually consider critical data for most companies
Data backup and recovery
Offline backup (Cloud backup, DR site)
Disk-to-disk backup or disk to tape backup
Which access control is to be used:
Required data protection completed by defining who gets access to data
Data security and data encryption to protect important data
How to retrieve data and where to store the data
What kind of software or application is required to manage your data: enterprise software or open source
Data storage implementation, which addresses where to store the data: onsite or offsite (such as Cloud)