On May 7th, the City of Baltimore suffered a crippling ransomware attack that shut down essential systems throughout the city.
The city government’s email, voicemail, property tax portal, water bill payment system and parking ticket trackers have all been affected. City Hall has declared no ransom will be paid, while technicians have spent the past couple weeks restoring the afflicted systems manually. While this is the right thing to do (never pay the ransom), we also believe this can serve as a learning opportunity to businesses, specifically about the value of an effective disaster recovery system.
Data Backup vs Disaster Recovery
When people hear the words “disaster recovery,” they often think of data backup. While the two concepts are related, they are not the same thing. The purpose of data backup is to keep recent copies of essential data in case the original copy is lost. Disaster Recovery, on the other hand, is focused on rebooting the mission-critical systems that keep your business running from one moment to the next.
Think of your company and the systems it needs to run smoothly and efficiently. This likely includes things like a phone system, email platform, website (especially important for B2C eCommerce companies), accounting system, or any other tool the business absolutely cannot function without. Now consider a scenario wherein each of those tools became instantly unavailable. How quickly could you restore those systems to working condition and re-open your business?
Why Is Disaster Recovery so Important?
This is an important question that businesses large and small must address for a couple different reasons. For one, being down is expensive. Just how expensive depends on your particular industry, but Gartner estimates the average cost of downtime across all businesses is roughly $5,600 per minute. Yes, you read that correctly. While this likely is not the case for most small businesses, the point remains that every minute your website is down is another minute it won’t be making you any money.
The second reason downtime is so dangerous to business is the corrosive effect it has on customer loyalty. As you might conclude, customers don’t like it when access to an important good or service is cut off. Every minute your services are offline is another minute they are Googling for your competitors, and B2B companies have just as much to lose when their IT networks break down. According to the Rand Group, downtime-related losses are particularly significant for businesses involved in high-level data transactions like banks and online retailers.
Therefore, as a business operation your goal should be to recover from a disaster as quickly and seamlessly as possible. In the IT industry, we refer to this seamless transition as “failover.”
Just for fun:
Curious what downtime costs major tech companies per minute? Gremlin has a nifty tool which uses real-life revenue figures to calculate the per-minute cost of downtime to major eCommerce companies like Walmart & Amazon.
Disaster Recovery & Failover
When applied to the systems that run your IT network, the term failover refers to the act of moving workloads from a downed machine (such as an email server) to a backup machine that takes over said workloads. In other words, if the server hosting your email system dies, its workload and data are automatically pushed to a backup server which takes over the job of hosting and running your email system.
Precisely how long that failover process takes depends on the type of system that went down, but a properly configured failover solution will generally restore complete functionality within 30 minutes. For context, migrating your email system to a new machine manually is an intensive and time-consuming process that could take a couple of days.
Setting up A Disaster Recovery System
As with most things in IT, there are two ways for a company to implement a disaster recovery solution. Some businesses opt to build their own systems from scratch. We won’t go into the details of what this effort entails but you can believe it’s a lot of work. More often companies seeking a disaster recovery solution end up purchasing the system as a monthly managed service. Generally speaking, these offerings fall into a category of services called DRaaS, or Disaster Recovery as a Service.
There are a variety of DRaaS providers available to companies today, each with their own unique value proposition. Aside from choosing a reputable vendor, companies must also ensure their chosen DRaaS solution is tailored to meet their unique business requirements. Seek out an IT support provider like Sagiss who has demonstrable experience building these systems.
Over the past several years Sagiss has migrated dozens of companies and thousands of end-users into cloud-based workspaces. Systems that our clients entrust us to manage, such as email and O365 accounts, live inside Microsoft Azure cloud servers. We provide Disaster Recovery protection to those systems using a tool called Azure Site Recovery (ASR). In the event a server we manage goes down, ASR automatically transfers that server’s workload to a new server. The system works automatically, meaning downtime is minimized. Because the data is traveling within Microsoft’s own environment, the recovery process is quite fast. In most cases we can recover the work of a downed server in 5 minutes or less.
If you have questions about Azure Site Recovery, or disaster recovery services in general please feel free to contact us anytime.
MDS vulnerabilities are a relevantly new class of exploitable cybersecurity flaws. Researchers are still exploring how these attacks are