I don’t know about you, but I can remember a time when there were only about a dozen holidays on the calendar. Now it seems like almost every day is National fill-in-the-blank Day.
Disaster Recovery (DR) and Business Continuity (BC) practitioners are up for fun as much as the next person, so not to be left out of this trend, there are a couple of related items you should put on the calendar for the next time they roll around.
Business Continuity Awareness Week (BCAW) is May 14 – 18, 2018 this year. What is BCAW? You guessed it; it’s a week dedicated to creating and raising organizational awareness about Business Continuity. Whether you realize it or think about it often, if and when that bad thing happens at or to your financial institution (FI), you’re going to play a role in the aftermath and subsequent recovery. It is far better to know the playbook before you’re thrown in off the bench and expected to perform!
The other “holiday” to think more about is World Backup Day. Started by a vendor in the DR space, it occurs on March 31 each year. It is not a coincidence this important day is recognized the day before April 1, which most of us are probably going to recognize as another prominent day on the calendar. While I have enjoyed dishing out some pretty good pranks over the years, and have been on the receiving end as well, when it comes to data and the proper backup of it within our FI, this really isn’t a laughing matter.
Within the BC industry, we’re seeing cyber security taking up more of the table, as it should, within an organization’s BC planning. As a part of BC, one of the leading cyber security threats today is ransomware. While the best strategy to deal with ransomware is to not have to recover from it in the first place, what happens if you do have to recover?
I live in one of those flyover states in the Midwest where a lot of the world thinks not much interesting happens. Let me tell you though, when two hospitals were hit with the same ransomware attack within a week of each other back in January, Indiana became the center of the cyber security universe.
The short version of the story is that the entire network was taken hostage. After an assessment of the situation and a review of the mitigation options, the ransom was paid and the network was returned to normal. Each of these events lasted less than 24 hours but occurred on a business day.
Now, think about that same type of event on your network. How are your customers going to react to no access to the network? In many circumstances, no access to the network means no access to the data, which in turn leads to no access to funds. Show me the money! This line could be used by both your customers and the very criminals that are holding your network, data, and customers hostage!
One of the contributing factors to the hospitals’ decision to pay the ransom was because they were less than confident in their backup strategy. It wasn’t necessarily about how long the restoration would take, although this is certainly a consideration. The bigger concern was that if they wiped everything clean and went to restore, would they actually have everything they needed backed up and ready to complete a total restoration process?
This is where knowing your data is critical, as is making sure that you have everything you need – backed up in a coordinated fashion and easily accessible. There are a number of options available to mitigate this risk.
One option is that you can outsource your network to a provider of hosted network solutions. This eliminates the risk from the FI side, and puts the burden of protection on the vendor. If outsourcing isn’t your thing, another option allows you to select a provider that backs up your in-house (on-premises) network and keeps days/weeks along with multiple daily iterations of your backups. This is also a great option, because the service provider should work with you to understand the environment they are providing backup as a service to cover.Customers expect 24x7x365 access to their money, which is made available because in the background 24x7x365 access exists to their data. A sound backup strategy is critical to the availability of that data. In reality, every week should be Business Continuity Awareness Week, and every day should be World Backup Day. The criminals are working around the clock to figure out how to wreak havoc on you and your customers. Isn’t it comforting to know that you play a key role in saving your data? Your customers are counting on it.