When we refer to Disaster Recovery (DR), we have data that resides on a “Primary” site and it gets replicated to a “Secondary” or “DR” site. This mirroring of data can be done real time, where or it can be done in batch at the end of the day. DR is essential for the smooth running of a business as any down time or loss of data can cause a business to be shut down in an event of a disaster.

This is especially so when in 2017, a new kind of virus appeared all over cyber world (Petya / Ransomeware/ Wannacry) which caused all sorts of problems for businesses big and small. This virus targeted all windows system that’s are not patched and it encrypted the whole hard disk and a message would appear on the screen asking for ransom money; or else all data will be wiped from the Hard disk including the master boot record. There is no way you can recover any of the data if your company doesn’t have proper backup solution.

 

I had the opportunity to work in an European Mining MNC which have offices around the world which has a DR site in 1 of their main production site in Taiwan  (24/7 operation in 3 plant) and have a backup solution that will backup everything at the primary site (ERP server is in the main office) to a DR site (An hour drive from main office). They backed up the whole ERP database, lotus notes database, domain controller, file server data and ETC which is needed for DR purpose to reduce business downtime.

 

When the ransomware attack came, their European HQ servers were infected and it spread thru their network and infected all their computers and servers in the whole organisation. In Taiwan the whole operations had to be completely shut down because their DR site data was also infected. There is no way the business can carry on without a proper data restore from backup tape. The IT Team worked 24/7 for 3 days to restore the data from backup and the estimated loss in business was US$5 million.

 

Their CEO consequently approved a billion of dollars in investment to improve their current IT system after the incident, which included the upgrade of their current IT Eco-system. They have spent money on hardening their computer and servers by upgrading their firewall, implementing SCCM to manage security patching, introducing more GPO to lock down some computer/server functions,  implementing MFA to control access from outside of their office and personal computer / mobile device that access to their systems remotely. The company also Implemented Palo Alto TRAPS as part of their prevention step to reduce risk of attack in future.

Essentially a good practice of prevention is better than to have do recovery when it comes to Business Continuity Planning for your businesses. For SMEs; it is even more important to have good prevention as they may not have the luxury to have a DR site and a superb backup solution.  Here at Inspireworkz IT Solutions we have experienced personnel that can help you review your current setup and to provide suggestions to improve your system’s resilience. Feel free to contact us for a non-obligatory consultation.