The Covid-19 pandemic has completely altered the way business continuity practices have traditionally been practiced and implemented. If one looks at the extensive damage caused by disasters, it reaffirms the need to have a comprehensive disaster recovery or business continuity policy in place.
How can enterprises prepare themselves for the future? We take a look at some prominent trends that will be intrinsic to business resiliency technology and strategies:
#1 The continued rise of DRaaS
For 2021, Forrester has estimated that an additional 20% of firms will make the change from DR operations to public cloud for a varied part of business apps. This trend is set to accelerate, due to the increased benefits of DR as a Service (DRaaS). More enterprises will opt in for a pay-as-you use DRaaS model, as they see the benefits of having access to valuable data quickly, in the event of a disaster. 2020 proved how a cloud-based business continuity plan was crucial to access critical IT assets from anywhere. 2021 will see on-premise DR plans fading out, and more enterprises will consider DRaaS.
#2 People will be an intrinsic part of business continuity plans
The Covid 19 situation has completely changed how organizations think with respect to their business continuity plans. Till date, disaster management was confined to regions. Risk was typically mitigated by assuming that if one physical asset was affected in a region, then the other physical asset in another location would take over. The Covid 19 pandemic has completely altered this approach. With a large number of employees working from home, enterprises suddenly needed to connect remote workers to ensure continuity of business. The business continuity plan must hence capture this eventuality.
#3 Roles will be have to be reclassified in the remote working era
Consulting firm McKinsey says that firms need to classify roles into a fully remote, hybrid remote, hybrid remote by exception or onsite. This will allow enterprises to gauge how they can operate business in an environment where most resources are working from scattered remote locations. This will also help them plan and build for remote capabilities, such as Tier II or Tier III locations in India, where reliable bandwidth can be a huge issue. In the future, DR drills must be conducted from multiple remote locations involving different scenarios. This will help them in preparing a more realistic assessment of actual situations on the ground and close gaps progressively.
#4 Security must be embedded by design
An increase in remote working has also brought in additional risks. The last nine months have seen a surge in ransomware attacks targeting remote workers. As most employees do not have the same level of security infrastructure preparedness in the home environment, they are at greater risk of being targeted with ransomware. Weak passwords, unpatched systems and usage of unsecure devices are some of the key reasons for home devices to be targeted by cyber criminals. To ensure robust security, organizations must improve awareness and make employees aware of the dangers of phishing or using unofficial apps or websites for storing or transmitting data. As part of the security policy, employees must also be regularly encouraged to keep changing their passwords, as weak passwords are responsible for a majority of unauthorized access. Regular patching of systems must also be enforced. Secure access of information can be provided using VPNs. Similarly, virtual desktops can be provided to employees for ensuring secure access to data and applications. This is critical today, as recent trends have shown that hackers are increasingly targeting backup systems to improve their chances of getting payment after installing ransomware.
#5 Continuous Data Protection will be increasingly preferred
As data becomes more critical to the competitiveness and mere survival of many enterprises, data protection has assumed greater significance. While backups are useful, it is time consuming and expensive to restore to a day-old or week-old backup. To prepare themselves for these uncertain times, organizations are implementing a technology called Continuous Data Protection, which ensures that enterprises have access to updated data in the quickest way, and can restore operations without any delay. This helps in keeping data protected in real time by automatically updating every single change to your live data. As changes are written simultaneously, the technology allows organizations to access data from any point in time. Using this technology, organizations have access to updated copy of their information and can achieve resiliency against ransomware. The technology can be used to recover files, virtual machines, or even an entire application stack.