We plan for power failures and other risks. But what happens when data stops flowing?
What are the most prominent business risks? The usual suspects are Cybercrime, operational interruptions, infrastructure failure, and compliance issues. Yet once we exclude strategic risks such as debt and market shifts, most risks often come down to a single issue: utility failure.
Utilities typically mean electricity or water. Since the Eighties, that scope has included problems with IT infrastructure, introducing the third utility: data. If something goes wrong with your business data, it’s often more complicated and harmful than a power failure, says Rob Abrams, Chief Technology Officer at Sithabile Technology Services.
“A power failure is at least straightforward. It has a blunt and all-encompassing impact that is relatively simple to fix—find a new power source. Data failures can happen in different ways and places, and their impact is not always immediately evident. They might result in slow applications, unreliable reports, or completely shut down operations. The problem is not just the loss of data and productivity, but how much resources you need to recover.”
Ransomware attacks illustrate data’s multi-faceted risk profile: simply encrypting data to remove access is enough to cripple multiple levels of a business. Data loss can also result from hardware failure, employee negligence, or insufficient data management. And it has a compound effect. Data losses can aggravate other business risks, even something as routine as compliance reporting. When data fails, many other things start to slow down or break.
Risk mitigation needs data recovery – Companies must have a plan ready when these risks rear their heads. What are the steps to formulate a data recovery strategy?
Establish a living plan: Data is not static; it flows and changes based on different uses in your business. From the start, accept that data backup/recovery strategies are not static or once-off. They benefit from regular testing and updates, so encourage business-wide support, flexibility and cooperation for the strategy.
Don’t do it all at once: Your business has a lot of data spread into different types and use cases. Not all that data is equal, and tackling it all at once will lead to shortfalls and data management fatigue. Pick your battles and focus on the most important risks or valuable data. This helps ensure you back up the crown jewels and can recover them quickly.
Understand the goal: A recovery strategy goes hand-in-hand with a backup strategy. But there is more to it than where and when the data is stored. Data must support business needs and priorities, such as access to customer data, alignment with governance and security, and appropriate use of IT systems and budgets. A data backup/recovery strategy that doesn’t match business needs will be ignored.
Find stakeholders: Data’s purpose depends on who needs it. Do not make data management purely an IT function. Recruit the people who use the data: system owners, departments, project teams, etc. Surveys and data audits can define these groupings. Build cooperation with them and establish what they need—this process will also highlight business priorities.
Establish a data leadership team: Beyond the stakeholders who use the data, create a multidisciplinary team whose expertise informs the backup/recovery strategies. Naturally, this means IT professionals and data experts. But also include finance to help understand budget needs and legal to cover concerns such as legislation (such as data sovereignty or storing personal information).
Determine failure: Define what constitutes failure. What are the ways data failure can harm your business? Knowing this will help prioritise to focus on specific data, and in the event of failure, prioritise what data to recover first.
Profile/audit data: Figure out what data is in the business, then rank it according to importance and risk. There are different ways to audit data; speak to data management experts (such as STS) to explore options.
Determine backup systems: Data backups must go somewhere. It can be on internal systems, in the cloud, or at a backup site. It may require high-speed storage, such as flash arrays, or long-term cold storage, such as tape drives. These considerations will impact your recovery speed, storage budgets, and relevant data management skills.
A plan now avoids disaster later – Fast and strategic data recovery can mitigate even the worst data failures and reduce operational risk. Yet creating such a plan doesn’t have to seem daunting, says Abrams:
“It’s not worth cutting corners when creating your backup and recovery strategies. But you don’t have to do it all at once. It’s like purchasing insurance: focus on what is most important and what your risk appetite is. Work with a data management company that has a proven track record and can provide different use case options that have worked for other companies.”
Mitigating data risks will remove many issues that can hobble a modern business. Don’t wait until ransomware, technology failures, or negligent employees create escalating and compounding risks that start with a data failure. Bad things will happen, but a good plan will get that data back into play. Have a data recovery plan in place and mitigate many of your most serious business risks.