We just completed our annual disaster recovery test here at the company I work for. It went well. We have great people at my organization and we are lucky to have them. We learned a few new things about recovery and updated a few things in our documentation. We are an Azure shop and use Azure Site Recovery Manager. We replicate in near real-time to Azure and then snapshot those replications. It’s a pretty robust plan. We have Internet VPN’s back to Azure from all of our locations just in case we need to bring up our entire landscape and not rely on connectivity back to our main datacenter. We view normal day to day recovery different than disaster recovery. We still have on-prem recovery available for file level recovery or single system restores. But the real point of this post revolves around the blurring lines between disaster recovery and cybersecurity events. It make sense to start to look at your disaster recovery plans through the lens of a cybersecurity event. I would encourage you to start talking through scenarios with your team that aren’t your typical disasters (fire, flood, tornado, etc). When you start to peel back the layers of a cybersecurity event, you may find that the recovery aligns closely with existing DR plans. It might even make sense to do your next disaster recovery test with a cybersecurity scenario (Ransomware for example). I hope this helps and makes you think a little bit about your own situation and how Cybersecurity may affect your company, specifically around disaster recovery. Cheers!
About the Author
