IT Business Continuity & Disaster Recovery
Overview of IT Business Continuity & Disaster Recovery
Flex IT will help you develop Business Continuity & Disaster Recovery (BC-DR) plans to re-establish operations as swiftly and smoothly as possible from a range of scenarios through to complete disaster recovery. Flex builds redundancy, resilience and off-site replication for the IT infrastructure. We also use the most suitable backup processes so that your files, emails, servers and applications, in fact all business information is safe. By focusing on protecting business information from damage or loss Flex IT can make sure your business is protected from interruptions.
Business information needs to be available to your organisation as and when required so that business operations operate efficiently. Hardware failures need to be considered as well as the accidental (or deliberate) deletion of data. It could be that a more serious event affects the office building or systems through to a complete disaster situation.
Our Business Continuity & Disaster Recovery Service will help you to consider the impact to your business and create a business continuity plan and disaster recovery plan with you which will have defined timescales. We consider all ICT areas used by clients and determine the Recovery Point Objective (RPO) and Recovery Time Objective (RTO) which are the maximum allowable amount of lost data the business is prepared to lose and how long it takes to restore systems from the incident. Additionally, once in place, we continually review and test the process for clients.
Key Areas to address for IT Resilience
The areas of consideration to ensure a business has resilient ICT infrastructure and is prepared for an incident that would disrupt the businesses operation is not inconsiderable. Additionally, every business is different and so there is not a single solution to fit all.
Depending on your business and level of risk, every business will have different primary threats to business as usual. That is why risk assessments prior to assembling a business continuity plan can be so helpful. It is also why every plan needs to be bespoke and plan for multiple, potential interruptions to services caused by the unavailability of services, staff, workplaces, and third parties etc.
We implement resilient systems for businesses as well as security fabric to protect business information from damage or loss. A wide range of replication, backup and restore solutions are matched to a business’s requirements following consultancy and discovery exercises. Continuing support and systems management maintains reliability and availability.
Being prepared for incidents will ensure your business continues unimpeded by events. If you are not sure how your business would cope in an event then call us and we will help you.
Here are some of the key areas we address to ensure IT Resilience and Business Continuity:
– Systems & Services
– Backup and Disaster Recovery
– Flexible Working
– Cyber Security
Reliable Internet Supply
The internet supply must be reliable so that remote workers can access On-Premises Services and Internal users access hosted services which need to be readily accessed and the flow of business information uninterrupted.
As part of the resilience plan for Internet services we consider how work could continue if the office is not available. Staff may need to operate from home therefore, their Internet connection also needs to be of a suitable standard. Mobile workers also come into the mix because they will also need to access services and could also be affected by outages.
We provide a wide range of different services with committed SLA’s along with backup provision should the main connection fail. Additionally, 4G backup services can be installed so that an even greater level of resilience can be achieved.
Resilient Systems & Services
All the systems used by the business need to be fit for purpose and by this we mean they must be always reliable and available.
Traditionally we would have been concerned mainly about hardware reliability with an emphasis on replicated servers, redundant hardware and UPS devices to maintain power. While this is still important, we now additionally consider the reliability and resilience of hosted platforms where Infrastructure as a Service (IaaS) as well as other provisions are placed.
We recommend using providers who provide the highest level of resilience and security and these are typically using enterprise-class technology located in Tier 3 data centres in multiple locations as well as conforming to the security and resilience standards ISO 27001 or ISO 22301.
Desktop and Notebook systems need to be properly maintained and updated so they are not exploited by Malware and damage the data they have access to. Printers and other ancillary peripherals may not be accessible by users in certain circumstances and alternative methods may be required.
Protecting the Wider IT Network
Today businesses have a much more complicated network infrastructure than previously with information being dispersed, widely creating a complex web that includes servers in the cloud as well as on-premise. The network now extends to home and mobile devices with each of these “nodes” within the system requiring consideration. It is not just that they are subject to failure they could also be compromised and present a security risk to the business.
By considering the wider network implications we can advise clients on how best to ensure reliability and be prepared to withstand a disaster.
Of course, the Office Network (LAN) is important and its failure can impact the operation considerably if it fails or becomes overloaded. The LAN will typically be connecting not just the PC’s and Notebooks but also the Printers, Phones, other Peripherals as well as the Wi-Fi Access Points. It is important to eliminate single points of failure and make sure the network is protected from devices that could cause an overload or create a network storm.
Flexible Collaboration & Communication
While we are moving away from plastic phones on desks to softphones on laptops and mobile devices, we nevertheless rely on voice communication heavily. We integrate traditional lines to Microsoft 365 and Teams so that voice can be placed alongside IM and email on PC’s Notebooks as well and mobile devices. This is typically referred to as Unified Communications and the flexibility and resilience afforded by these integrations give businesses the power to maintain communication under the most austere situations.
Retaining email through archives as well as invoking “Legal Hold” to retain email for contractual reasons can also play an important part of resilience and limits the chance of accidental deletion.
In the event of a disaster being able to maintain communications with customers, suppliers and staff will be vital and therefore we place a good deal of emphasis in this area.
Information Backup, Restore & Disaster Recovery
Wherever information is held it needs to be preserved and protected to ensure its credibility and confidentiality. This will extend from files, application data, as well as messages etc. Each different set of data have different requirements in terms of both the maximum period that you are willing to lose data on your systems because of an event (RPO) and how fast you can recover from the moment of a disaster to the moment you return to normal operations (RTO). These RPO & RTO objectives need to be realistic and the cost implications accounted for but they are important to determine so that the best fit processes can be implemented.
By employing a mix of technologies, we can provide flexible options to suit all backup requirements including protecting data from accidental deletion, mishap, corruption, malware and even ransomware. A range of services is employed using our Backup as a Service (BaaS) for cloud storage as well as on-premises storage to provide a comprehensive backup solution. Versions of files can be kept online for immediate retrieval, as well as implementing very long-term archiving.
Our Disaster Recovery (DR) as a Service (DRaaS) offers one of the industry’s most advanced disaster recovery services providing a documented SLA for an RTO and RPO you can count on. This service is not a simple restore from backup. Instead, it provides continuous data protection for a group of systems whose configuration and data are kept in sync automatically and can be recovered as a group. Our automated provisioning tools ensure systems configuration and changes are mirrored constantly.
The Impact of Flexible Working
Home and Mobile workers as well as staff who use mobile devices to access company information and send and receive messages need to be included in the mix of IT Resilience. The presence of so many different devices in disparate locations and with software that may not be up to date can present significant security issues.
We need to consider the data being accessed and edited and possibly downloaded, as this can present issues of version control and backup.
In the event of a business interruption or disaster, these weaknesses can become very significant and could exasperate an already difficult situation.
Cyber Threat Protection
We have devoted an entire section of our web site to this subject because it is a key factor in our efforts to Protect Business Information from Damage or Loss. The confidentiality & integrity of businesses data needs to be maintained so that it can be relied on.
We operate around a Security Framework which is based on the guidance provided by the NCSC’s 10 Steps to Cyber Security and its Small Business Guide, the Cyber Essentials checklist as well as the best practices from the ICT industry.