Data Recovery – What Are We missing in the Picture of Data Security?
For the past few months I have been reading articles on Disaster Recovery, everything from what to do to why we should have it in place. The one thing that I have come to understand is that we, as a “culture”, have overlooked the recovery of our precious data and really have not planned for it. We all have the detailed plans on how we store it, back it up and somewhat on how to restore it, but here is the question; when was the last time you did a full recovery to make sure that backup, or even what is on paper, really works?
We rely on third parties to do our storage of the data and to make sure that everything is safe. We purchase the most popular plan from the biggest company because we assume our data will be safest with them, but in my experience it really is not safe after it leaves our walls.
The other thing that we overlook, at times, is the location where this data is being stored. If you are storing it in the same city that you are living in, is it really safe? Think of it this way: if you have two refrigerators in your home, one for the extra food in case of an outage, do you have it plug-in to your home’s electrical panel or do you have it on both a generator and your home’s electrical?
This analogy may be very simple but it makes a point. If you are to store your data, it is a good idea to make sure a few things are being done: 1) Your data store should be on a different grid of power then you are; 2) Where you store your data should have adequate power backup to handle the amount of data you have stored.
Most companies out there have teams of people who plan for everything down to the last second. The one thing that they fail to plan for is if (God forbid) something happens to an employee, i.e. he/she is missing, ill or in an accident. I see disaster planning both from a data recovery standpoint and a knowledge recovery standpoint. My point is this: if the
key person we have trained to implement the Disaster Recovery Plan is not able to get to the location, there should be a second and even a third person designated to step in and ensure that the plan is carried out.
All instructions for the Disaster Recovery Plan and contact information for who is responsible should be in one location, locked, and fire proofed if possible so that anyone who is responsible can access it when needed.
The key message here is that being prepared for the worst is always the best plan of action. In my world, data recovery is like car insurance; it is necessary, but we hope we never have to use it!