- In our IT Support Insider series, we take a close look a specific area of the technical aspects of running a business and offer best practice advice from our team of IT experts.
- In this edition of IT Support Insider, we’re going in-depth on how to keep your business secure by implementing robust backup, disaster recovery, and business continuity practices.
- We’ll look at each of these concepts in depth, how each of them fits in to your IT support planning, and give you some advice on how best to approach your disaster planning process.
Here at Get Support, our team of IT support experts really do have more experience than you can shake a stick at.
With that in mind, we thought we’d knock a few heads together to create a series which shares some of the key technical insights we’ve collected over the years.
This is IT Support Insider, and in this edition we’re taking a look at three topics which are often uttered in the same breath, but also commonly confused: backup, disaster recovery, and business continuity.
All of these IT support concepts share some DNA, but they’re also quite distinct from one another when looked at in the right light.
To prevent any further confusion, let’s jump in by defining each concept and what you, as a small business, need to know about it.
What is backup in business computing?
In IT support and business computing, the term backup simply refers to the act of implementing measures to protect your company’s data from theft, loss, or damage.
Backing up your mission-critical data is really about making copies of your most important files and storing them either locally on an air-gapped (i.e. physically separated) computer or drive, or on a remote server via a secure cloud storage service (like our Veeam Cloud Connect Service).
Having reliable backup processes in place in your business can protect you from losing too much data should a breach or other disaster take place. Depending on how recently you backed up your files, you may not lose too much – even if a breach is successful. More on this a bit later.
If you’re unfamiliar with the particular backup processes you can put in place, be sure to check out our recent guide to the 321 Backup Rule, which is just one way to keep files out of harm’s way.
What is disaster recovery?
While backup is a preventative, ongoing measure which all businesses should take to protect their business, disaster recovery is a little more specific.
Disaster recovery essentially comes into play only after a breach or other event has occurred which has led to the loss or destruction of data. The term ‘disaster’ may sound a little apocalyptic, but it’s really a catch-all word designed to cover a few different scenarios, including:
- Natural risks like floods, epidemics, or earthquakes.
- Technological risks such as hardware failures.
- Human risks including deliberate cyberattacks, malware, and sabotage.
So what does disaster recovery look like in real terms? Well, the principle idea here is for you and your IT support team to develop what’s known as a Disaster Recovery Plan, or DRP. This is a document, whether physical or digital, which is usually managed by your IT support team and contains a detailed outline of exactly what should happen in the event of a disaster like those listed above.
The DRP will outline who is responsible for doing what, the specific steps which should be taken (and in what order), and include details about the Recovery Point Objective (RPO) and Recovery Time Objective (RTO), which we’ll cover shortly.
As the name suggests, disaster recovery is focused on how to restore data and any other core IT infrastructure immediately following a significant event – but what about the business itself? It needs to keep running no matter what, so how can you make sure this happens?
What is business continuity?
Unlike the previous two topics we’ve covered, which were focused on specific situations or data assets, business continuity is more of a process.
While backup is concerned with preventing the loss of essential data, and disaster recovering is concerned with getting it back, business continuity is about balancing risk and ensuring the company keeps running – no matter what.
You’ll recall earlier that we mentioned two specific terms: Recovery Point Objective (RPO) and Recovery Time Objective (RTO). These concepts are at the heart of business continuity strategy, because they let your IT support team know exactly how your organisation will respond in the event of a data breach or disaster:
- The Recovery Point Objective, or RPO, is the maximum amount of time that an organisation is willing to tolerate between the last backup and the disruptive event. Different types of data may have different RPOs, so files that are updated more frequently might have shorter RPOs than files in longer-term storage.
- The Recovery Time Objective, or RTO, is the maximum amount of time that the organisation can run before files, systems, and services must be restored following a disastrous event. If service levels are not restored before the RTO is reached, unacceptable consequences to the viability of the business may occur.
The best way to visualise the difference between these two is that the RPO looks backwards in time, while the RTO looks forwards in time.
It’s worth noting that there is some crossover here between business continuity and disaster recovery, because the RPO is arguably related specifically to the retrieval of data, but because an RPO is focused on a potential future event, we think it also falls under the business continuity umbrella.
In addition to the processes related to securing company data and getting systems back online, your business continuity strategy may also include topics such as alternative workspaces for employees (e.g. in the event of a flood on your premises) or even fire drills.
Keep your business safe with IT support you can trust
At Get Support, we’ve spent over two decades working directly with small businesses across the UK to optimise their cybersecurity and protect their systems from disaster. If you’ve not yet implemented a comprehensive business continuity strategy but you recognise the value of doing so, our team of IT experts is here to help.
To learn more about our IT support agreements – which include detailed IT strategy consultations to plan and develop your business continuity strategy – just get in touch with the team today.
You can reach us on the telephone during UK office hours by dialling 01865 594 000, or simply enter your details into the form below and we’ll get back to you.