What are the most prominent business risks? The usual suspects are cybercrime, operational interruptions, infrastructure failure, and compliance issues. However, once we exclude strategic risks such as debt and market shifts, most risks often boil down to a single issue: utility failure.
Utilities typically refer to electricity or water. Since the Eighties, this scope has encompassed problems with IT infrastructure, introducing the third utility: data. If something goes wrong with your business data, it’s often more intricate and harmful than a power failure, says Rob Abrams, Chief Technology Officer at Sithabile Technology Services:
“A power failure is at least straightforward. It has a blunt and all-encompassing impact that is relatively simple to fix—find a new power source. Data failures can occur in different ways and places, and their impact is not always immediately evident. They might result in slow applications, unreliable reports, or a complete shutdown of operations. The problem isn’t solely the loss of data and productivity, but also the amount of resources required for recovery.”
Ransomware attacks illustrate data’s multi-faceted risk profile: simply encrypting data to restrict access is enough to cripple multiple levels of a business. Data loss can also stem from hardware failure, employee negligence, or insufficient data management. Furthermore, it has a compound effect. Data losses can exacerbate other business risks, including routine tasks like compliance reporting. When data fails, many other functions start to decelerate or break.
Risk mitigation necessitates data recovery. Companies need to have a plan in place for when these risks emerge. What are the steps to formulate a data recovery strategy?
1. Establish a Living Plan: Data isn’t static; it flows and changes based on various uses in your business. From the outset, acknowledge that data backup and recovery strategies aren’t static or one-time endeavors. They benefit from regular testing and updates, so encourage broad business support, flexibility, and cooperation for the strategy.
2. Don’t Do Everything at Once: Your business handles a substantial amount of data across different types and use cases. Not all of this data is equal, and attempting to tackle everything simultaneously will lead to shortcomings and data management fatigue. Choose your battles and concentrate on the most crucial risks or valuable data. This ensures the safeguarding of vital information and its quick recovery.
3. Understand the Goal: A recovery strategy goes hand-in-hand with a backup strategy. However, there’s more to it than just where and when the data is stored. Data must align with business needs and priorities, such as customer data access, governance and security alignment, and appropriate utilization of IT systems and budgets. A data backup and recovery strategy that doesn’t align with business needs will be disregarded.
4. Identify Stakeholders: The purpose of data depends on those who require it. Avoid relegating data management solely to an IT function. Engage the individuals who utilize the data: system owners, departments, project teams, etc. Surveys and data audits can help define these groups. Foster collaboration with them and ascertain their requirements—this process will also highlight business priorities.
5. Establish a Data Leadership Team: Beyond stakeholders who use the data, create a multidisciplinary team with expertise to inform backup and recovery strategies. This naturally involves IT professionals and data experts but also includes finance to understand budget needs and legal to address concerns like legislation (such as data sovereignty or personal information storage).
6. Determine Failure: Define what constitutes failure. How can data failure detrimentally impact your business? This knowledge will aid in prioritizing the focus on specific data and, in the event of failure, prioritizing which data to recover first.
7. Profile and Audit Data: Determine the data present in the business and rank it by importance and risk. Multiple ways to audit data are available; consult data management experts (such as STS) to explore options.
8. Determine Backup Systems: Data backups must be stored somewhere—on internal systems, in the cloud, or at a backup site. This may require high-speed storage like flash arrays or long-term cold storage such as tape drives. These considerations influence recovery speed, storage budgets, and relevant data management skills.
A Plan Now Averts Disaster Later
Swift and strategic data recovery can mitigate even the most severe data failures and reduce operational risk. Yet creating such a plan need not appear daunting, says Abrams:
“It’s not worthwhile to cut corners when crafting your backup and recovery strategies. However, you need not tackle everything at once. It’s akin to purchasing insurance: focus on what holds the utmost importance and what your risk appetite entails. Collaborate with a data management company boasting a proven track record that can present various use case options proven successful for other companies.”
Addressing data risks can eliminate numerous challenges that might impede a modern business. Do not wait until ransomware, technology failures, or negligent employees create escalating and compounding risks initiating data failure. Adverse events will occur, but a well-structured plan will restore that data into play. Have a data recovery plan in place and mitigate numerous critical business risks.
By Rob Abrams, Chief Technology Officer at Sithabile Technology Services
