如何保护数据免受自然灾害的影响

由杰克 M. 杰曼猪 19， 2020 4：00 上午 PT

https://www.technewsworld.com/story/86808.html

随着飓风季节的到来和自然灾害的进一步展望，公司制定灾害数据计划至关重要。

未能制定电子装备和基本数据的恢复计划的公司，在发生紧急情况时，会招致严重的财务伤害。

TechNewsWorld 与 IT 专家小组讨论了备灾问题。看看他们的建议-并确保你没有忘记这个关键的、许多公司忘记保护但之后又会后悔的事情。

IDC 调查结果

2018年，IDC一份题为"IT弹性状况"的报告警告企业，在发生紧急情况时，不要陷入每年许多公司陷入的陷阱。这些公司将灾难恢复 （DR） 准备视为一种保险单，并且是一种可能几乎没有回报的附加费用。

这种灾难恢复方法对于当今的数字业务来说是不够的。报告警告说，如果将 DR 工具和计划视为成本中心目标而不是业务驱动因素，则组织的云和数字化转型 （DX） 计划将面临更高的失败率。

其他研究估计，多达一半的组织无法在灾难事件中幸存下来。该研究还发现，许多企业没有正确保护其数据、测试其灾难恢复环境或已实现自动化的灾难恢复流程。

"在2020年由于COVID-19大流行已经很紧张之后，预报员预计本季的飓风数量将高于平均水平。遗憾的是，许多企业可能毫无准备地经受住这些风暴，如果从 IT 角度来说还没有准备好，他们可能会经历永久性的数据丢失，"Zerto产品营销副总裁卡罗琳·西摩告诉TechNewsWorld。

为了避免成为另一个受害者，她建议保持关键业务运营，保留有价值的数据，并确保 IT 恢复能力，制定可快速实施的正式 DR 计划。

Seymour 提醒说，除了实施和测试基于云的灾难恢复技术外，IT 团队还需要实践其灾难恢复计划，以了解哪些计划效果良好，哪些领域存在改进机会。

不准备的成本

IT 恢复能力（对灾难恢复至关重要）是衡量组织在计划破坏性事件期间保护数据、有效响应计划外事件并加快面向数据的业务计划的能力的指标。它包括传统的灾难恢复和备份工具，还集成了 21 世纪任何数字业务成功所需的高级分析和安全功能。

IDC 的研究发现，许多组织都看到了新形式的中断（如勒索软件）导致大量停机。

以下是 IDC 灾难恢复研究的一些关键发现：

• 超过一半的受访者目前正在执行 IT 或数字化转型项目，并查看 IT 弹性。他们认为 IT 弹性是基础。但很少有受访者认为他们的 IT 弹性战略已经优化。
• 大多数接受调查的组织都经历过与技术相关的业务中断。这些情况对回收成本或额外员工工时、直接收入损失、永久数据丢失或公司声誉受损造成了重大影响。
• 数据保护 （DP） 和灾难恢复 （DR） 是数字化转型计划的核心原则，但许多组织可能不会优先考虑这一点。
• 只有一半的应用完全由 DR 策略覆盖。这表明在业务战略级别上，数据保护和数据恢复对组织计划的重要性存在脱节。

很多可能会出错

研究发现，许多公司都在为数据保护和灾难恢复解决方案的成本、复杂性和协调而挣扎。近一半的受访者（45%）报告了恢复或备份可靠性方面的挑战。

备份和恢复过程的复杂性也是 43% 的公司面临的主要挑战。这些因素极有可能延迟或中断 IT 转型 （DX） 计划。

这种复杂性过程正在推动大约 90% 的参与公司寻求备份和 DR 工具的融合，因为它们消除了冗余工具。这表明用户越来越多地将备份和 DR 功能视为孤立的产品，而不是单个解决方案的补充资产。

研究人员认为，企业数据恢复的最佳做法是定义 IT 弹性对于其组织意味着什么，并制定实施计划。该定义应从数据保护、备份和灾难恢复的核心元素开始。

它还应考虑新出现的安全威胁，并满足所有业务应用程序的要求。这包括本地或基于公共云。它不应包括一刀切式的 IT 弹性解决方案。

"截至 2020 年 7 月，美国经历了 10 起与天气和气候相关的灾难事件，每次损失超过 10 亿美元。这甚至不算上周席卷东北部部分地区的风暴（飓风阿赛亚斯），"INAP全球云服务副总裁詹妮弗·库里告诉TechNewsWorld。

恢复配方

成功的备灾需要确定优先次序和沟通。Curry 概述了公司在灾难发生前保护其数据和信息的三种方式：

第一步： 识别风险对于许多组织来说，丢失数据和信息是最大的威胁。首先确定其数据存储的位置，是否有副本，如果有，则确定副本的存储位置（现场或单独位置）。

她说："将所有信息存储在一个地方是极其危险的，因为一场自然灾害可以消灭一切。

第二步：考虑非现场备份 如果一个组织确实将数据存储与其主要位置分开，则这是一半的战斗。

"为了进一步保护他们的资产，公司应该选择一个不同地理区域的备份站点，以减少两个地点被一场灾难击倒的可能性，"她解释道。

第三步：考虑灾难 恢复解决方案 许多公司使用云存储作为备份，因为它易于扩展且经济高效。但是，一个更强大的选项是灾难恢复服务 （DRaaS）。

"DRaaS 本质上是公司基础设施中的设施冗余。它复制任务关键型信息、应用程序和数据，以便公司可以在自然灾害期间保持业务连续性，"Curry 解释道。

"当灾难袭来时，IT 团队将受到绑，与其让他们处理来自整个组织利益相关者的多个请求，他们更成功，如果他们有一个优先的应用程序列表，"她提出。

INAP 告诉客户确保在发生破坏性事件之前开发全面的业务连续性。这也提供了一个机会，以确定那些可能经常错过的风险和差距。

平衡风险

管理数据丢失是减少风险和后果的一个案例。LC技术国际首席执行官大卫·齐默尔曼表示，风险不可能也永远不会达到零。

"火灾、洪水、龙卷风、地震和其他灾难等事件可能导致业务更改数据丢失。洪水（尤其是盐水）严重损坏服务器、SD 卡和笔记本电脑等设备。由于海水腐蚀，数据恢复可能是不可能的，"他告诉TechNewsWorld。

然而，培训、公司协议和云备份的一次正确组合可以大大减少任何数据丢失的缺点，从而带来轻微的不便，而不是业务终止灾难，他补充道。

公司可以通过将数据丢失风险纳入灾难恢复计划（评估其数据的物理和虚拟位置）来在紧急情况下保护其电子和数据。然后回顾一下两者对火灾、洪水或其他事件的影响，齐默尔曼建议。

回避灾难

许多没有 IT 人员的小型企业运营商往往认为，他们只需要一个备份到外部硬盘驱动器或存储上传到云服务。齐默尔曼说，这是危险的想法。

仅仅因为您的业务没有配备配备豪华数据管理系统的全职员工，并不意味着您不能采取更小、简单的步骤来保护您的数据。

"对硬盘进行单个备份是没有 IT 人员资源的企业可以完成的第一步。然而，它必须超越这一点。

如果没有正式的数据保护计划，您的所有辛勤工作和内容每天都面临风险，不会重复。有简单的步骤来主动防止这种情况发生，"他说。

小型企业运营商应该遵循拥有 IT 员工的大公司所做所为。实施冗余策略。

这涉及到进行多层备份，通常比您认为必要的要多。使用云创建备份，并结合外部硬盘驱动器存储。齐默尔曼建议，这些应该串联使用，而不是作为彼此的替代品。

"管理任何自然灾害带来的风险应从所有公司拥有的数据的清单开始。将所有内容备份到外部硬盘驱动器（注意这些硬盘都保存在非现场）是最重要的部分。如果灾难袭来，所有数据都保留在办公室，那么备份就毫无意义了，"他提出。

有一件事不能忘记

Zimmerman 表示，尽管丢失数据可能会影响公司的未来，但许多组织仍认为在灾难发生之前制定灾难恢复计划的重要性。数据恢复的最关键点是主动性。

"您不想在灾难发生后争先恐后地创建数据恢复计划。该计划应作为一个路线图，包括数据的所有来源和位置，以及由谁负责，"他建议。

评估数据丢失后要做什么和去哪里，可能会削弱业务模式、公司声誉和实际开展业务的能力。这可能会损害与客户和合作伙伴的现有关系。

"忘记保护某样东西通常不是问题所在。公司最遗憾的是没有从备份数据执行定期恢复测试和测试灾难恢复计划。如果公司毫无准备，它会延长停机时间，在某些情况下会导致数据丢失，"梭子鱼网络公司客户产品经理肖恩·卢巴恩告诉TechNewsWorld。

How to Protect Data From Natural Disasters

By Jack M. Germain Aug 19, 2020 4:00 AM PT

With hurricane season in full bloom and the additional prospect of natural disasters, the importance for companies to have disaster data plans in place is paramount.

Companies that fail to make recovery plans for their electronic gear and essential data are inviting serious financial injury when an emergency strikes.

TechNewsWorld discussed disaster preparedness with a panel of IT experts. Check out their recommendations -- and make sure that you have not forgotten that one key thing that many companies forget to protect but regret afterward.

IDC Findings

A 2018 IDC report entitled "The State of IT Resilience" warns businesses not to fall into the trap that snarls many companies each year when emergencies happen. These firms view disaster recovery (DR) preparedness as an insurance policy and an added expense that is likely to have little payback.

This approach to disaster recovery is inadequate for today's digital businesses. If DR tools and initiatives are viewed as a cost center objective and not as a business driver, an organization's cloud and digital transformation (DX) initiatives will be exposed to a higher rate of failure, the report warns.

Other research estimates that as many as half of all organizations could not survive a disaster event. That research also found that many businesses do not properly protect their data, test their disaster recovery environment, or have automated DR processes in place.

"After an already stressful 2020 due to the COVID-19 pandemic, forecasters are expecting an above-average number of hurricanes this season. Regrettably, many businesses may be unprepared to weather those storms and could experience permanent data loss if they aren't ready from an IT perspective," Caroline Seymour, vice president of product marketing at Zerto, told TechNewsWorld.

To avoid becoming another victim, she recommends maintaining critical business operations, preserving valuable data, and ensuring IT resilience by having a formal DR plan in place that can be enacted rapidly.

In addition to having cloud-based disaster recovery technology implemented and tested, IT teams need to practice their DR plans to understand what works well and where there are opportunities for improvement, Seymour cautioned.

The Cost of Not Preparing

IT resilience -- essential to disaster recovery -- is a measure of an organization's ability to protect data during planned disruptive events, effectively react to unplanned events, and accelerate data-oriented business initiatives. It includes traditional disaster recovery and backup tools, and also incorporates advanced analytics and security capabilities needed for the success of any digital business in the 21st century.

IDC's research found that many organizations are seeing new forms of disruptions, such as ransomware, cause considerable downtime.

Here are some key findings from IDC's disaster recovery research:

• More than half of the respondents are currently undertaking IT or digital transformation projects and view IT resilience. They see IT resilience as foundational. But few respondents believe their IT resilience strategy is optimized.
• Most organizations surveyed have experienced tech-related business disruptions. These situations resulted in material impact in terms of either recovery cost or additional staff hours, direct loss of revenue, permanent loss of data, or damage to company reputation.
• Data protection (DP) and disaster recovery (DR) are central tenets of digital transformation initiatives but may not be prioritized by many organizations.
• Only half of all apps are fully covered by a DR strategy. This indicates a disconnect at the business strategy level regarding the importance of data protection and data recovery to the organization's initiatives.

Much Can Go Wrong

The research found that many companies struggle with the cost, complexity, and orchestration of their data protection and disaster recovery solutions. Almost half of the respondents (45 percent) reported challenges with restore or backup reliability.

The complexity of the backup and recovery process was also a leading challenge for 43 percent of the companies. These factors have a high probability of delaying or disrupting IT transformation (DX) initiatives.

That complexity process is pushing some 90 percent of the participating companies to pursue a convergence of backup and DR tools as they eliminate redundant tools. This indicates that users increasingly see backup and DR functions not as siloed products by as complementary assets of a single solution.

Researchers believe the best practice for corporate data recovery is to define what IT resilience means for their organization and develop a plan for implementation. That definition should begin with the core elements of data protection, backup, and disaster recovery.

It should also account for emerging security threats and address the requirements of all business applications. That includes on-premises or public cloud-based. It should not include a one-size-fits-all IT resilience solution.

"As of July 2020, the US has experienced 10 weather- and climate-related disaster events, losing more than $1 billion each time. This does not even count the storms that took out parts of the Northeast last week (Hurricane Asaias)," Jennifer Curry, vice president of Global Cloud Services at INAP, told TechNewsWorld.

Recipe for Recovery

Successful disaster preparedness entails prioritization and communication. Curry outlined three ways companies can protect their data and information before disaster strikes:

Step One: Identify Risks For many organizations, losing data and information is the biggest threat. Start by identifying where their data is stored, if there are copies, and if so, where are the copies stored (onsite or in a separate location).

"Having all information stored in one place is extremely risky because one natural disaster can wipe out everything," she said.

Step Two: Think About Off-Site Backups If an organization does store data separate from its primary location, that is half the battle.

"To further protect their assets, companies should select a backup site that is in a different geographical region to reduce the chances that both locations would be knocked out by one disaster," she reasoned.

Step Three: Consider Disaster Recovery Solutions Many companies use cloud storage as a backup since it is easily scaled and cost-effective. However, a more robust option is disaster recovery as a service (DRaaS).

"DRaaS is essentially a facility redundancy in company infrastructures. It replicates mission-critical information, applications, and data so companies can maintain business continuity during natural disasters," Curry explained.

"IT teams will be strapped when disaster strikes, and rather than having them tackle multiple requests from stakeholders across the organization, they are more successful if they have a prioritized list of applications," she offered.

INAP tells clients to make sure comprehensive business continuity is developed before a devastating event happens. This also serves as an opportunity to identify the risks and gaps that may be commonly missed.

Balancing the Risks

Managing data loss is a case of reducing risks and consequences. The risk cannot and will not ever reach zero, according to David Zimmerman, CEO of LC Technology International.

"Events like fires, floods, tornados, earthquakes, and other disasters can result in business-altering data losses. Floods (especially salt water) severely damage equipment such as servers, SD cards, and laptops. With corrosion from seawater, data recovery might be impossible," he told TechNewsWorld.

However, the right mix of training, corporate protocols, and cloud backups can greatly reduce the downsides of any data losses, making them slight inconveniences instead of business-ending disasters, he added.

Companies can protect their electronics and data during an emergency by incorporating the risks of data loss into a disaster recovery plan that evaluates the physical and virtual locations of their data. Then review how susceptible both would be to loss from fire, floods, or other events, suggested Zimmerman.

Sidestep Mishaps

Many small business operators with no IT staff tend to think a single backup to an external hard drive or storage uploads to a cloud service is all they need. This is dangerous thinking, according to Zimmerman.

Just because your business does not have a full staff with a fancy data management system does not mean you cannot take smaller, easy steps to protect your data.

"A single backup to a hard drive is the first step a business without the resources of an IT staff can do. However, it must go beyond that.

Without a formal data protection plan, all your hard work and content are at risk every day it is not duplicated. There are easy steps to proactively prevent this from happening," he said.

Small business operators should follow what larger companies that have IT workers do. Implement a policy of redundancy.

This involves making multiple layers of backups, often more than you think is necessary. Create backups with the cloud combined with external hard drive storage. These should be used in tandem, not as replacements for each other, recommended Zimmerman.

"Managing the risk from any natural disaster should start with an inventory of all corporate-owned data. Back everything up to external hard drives -- noting that these are kept off-site -- that's the important part. If a disaster strikes and all the data is held in the office, then the backups are pointless," he offered.

One Thing Not to Forget

Many organizations still do not see the importance of creating a disaster recovery plan prior to a disaster happening, despite the massive risk of losing data that could impact the company's future, Zimmerman shared. The most critical point of data recovery is proactivity.

"You don't want to have to scramble to create a data recovery plan after a disaster strikes. The plan should function as a roadmap that includes all the sources and locations of data and who is responsible for it," he advised.

Evaluating what to do and where to go after data is lost can be crippling to a business model, company reputation, and ability to actually do business. That can hurt any existing relationships with customers and partners.

"Forgetting to protect something is usually not the problem. What companies regret most is not doing periodic restore testing from backup data and testing disaster recovery plans. If companies are unprepared, it prolongs downtime and in some cases leads to data loss," Shawn Lubahn, account product manager at Barracuda Networks, told TechNewsWorld.