Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Guest View: How to disaster-proof that critical IT architecture

Lawrence Garvin | Dec. 11, 2013
Because protecting networks and their vulnerable components is essential to business survival, it could be catastrophic for IT professionals to sit back and assume their existing disaster recovery (DR) plan is adequate, particularly if it has been in place for some years.

Outlook cloudy

Cloud-based data storage is generally cheaper and more convenient than on-site storage, but remote data centres are still prone to natural disasters, human error and cyber-crime, so backups need to be monitored closely.

If a cloud service-provider encrypts data on behalf of an organisation, that data can also be decrypted by the service-provider. Therefore it is wise to encrypt all data BEFORE it leaves the premises, reducing the risk of exposure to malicious activity.  

For smaller organisations, storing business services in the cloud can reduce risk and provide enterprise-level solutions at a fraction of the cost of running their own infrastructure. With software-as-a-service (SaaS), applications are served and accessed via a third party who will have extensive disaster recovery plans in place.

Colocation offers similar benefits, with servers and rack-space hosted by companies whose existence depends on the reliable delivery of business operations. Smaller organisations can take advantage of this economy-of-scale, with data hosted by a company capable of providing state-of-the-art disaster proofing.

When an organisation replicates data to a chosen destination every few minutes or so, a large volume of data is moved and stored. Surprisingly organisations often invest in a state-of-the-art backup system and off-site storage at a data centre, without considering how much bandwidth will be required for the continual transfer. So use a network monitoring tool to make an accurate assessment of the required volumes, and ensure the link has enough capacity. In some cases a WAN optimisation solution might be implemented to optimise traffic and streamline replication.

Next, consider security. DDoS attacks, malware, state-sponsored espionage and the growth of BYOD all leave a company exposed to external risks and potentially disastrous loss of business continuity. As companies move more storage operations to the cloud, IT administrators have witnessed a partial loss of control, with serious concerns raised around data security and compliance. The following steps show how an organisation can counter security threats.

Companies must implement a strong BYOD policy that educates users on existing threats, and puts clear guidelines in place for safe use of devices both inside and outside the LAN. Train staff to avoid unsecured WiFi networks, use strong passwords and never download software or mobile apps from an unknown source. Set up a Virtual Private Network (VPN), and train staff to use it when outside the office. Keep on top of anti-virus and patch updates, make sure devices are backed up somewhere safe, and ensure they are set up for external wipe in the event of one being stolen.

Network monitoring essential

Many security breaches will trigger network performance issues, often before the breach is discovered. Indications that a network is under attack can be picked up by vigilant network monitoring, and in some cases can be stopped before they cause damage.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.