While most of today’s focus is stopping cyberattacks, threats come in many shapes and forms. Being prepared for the unexpected — or the seemingly impossible — should drive your organization to draft, refine and implement a sound disaster recovery and business continuity plan.
On the surface, the idea is simple: prepare for disaster (e.g., hurricanes, earthquakes, fire, snow storms, flooding, etc.) before it happens. Most small- and medium-sized businesses (SMB) don’t devote enough time thinking about disaster recovery (and some enterprises, too), but a “we’ll deal with it when it happens” attitude can mean the end to any company — successful or not.
This level of preparedness is not quick or easy, which can unfortunately lead to irresponsible procrastination. To kickstart your disaster recovery plan — or ensure your current approach is optimized — explore five best practices to help prepare SMBs for worst-case scenarios.
Have a practiced plan in place
It seems obvious enough, but the first component of ensuring business continuity in the face of disaster is to actually have a plan — and then train for it. After any major disaster, people will be under extreme stress and not thinking clearly.
Therefore, it is critical to have a thought-out plan in place that outlines procedures and instructions to follow after a catastrophe. In the business world, this is more commonly referred to as a business continuity plan (BCP).
A BCP coordinates the efforts of all teams (e.g., communications, security, IT, HR, finance, engineering, supply chain, etc.) and helps identify leaders, manage assets and maintain customer expectations. Training and simulations are required to successfully implement a plan; without them, it’s just a piece of paper.
Ensure data is accessible
Network access may not be available after a disaster. The best efforts will have gone to waste if the disaster recovery plan is on a network drive or internal computer that no one can reach.
The same goes for email access. If a company maintains an on-prem secure email server and connectivity is down, communication will be handicapped. A popular solution is to have email and data repositories in the cloud.
Another scenario could be that connectivity is down only to the main site, but a secondary site is available which people don’t know how to reach. For example, a SonicWall Secure Mobile Access (SMA) appliance will make remote access transparent as it will automatically set up a VPN to the closest online site and reroute access as needed.
Build communications options
The ability to communicate effectively with your team, company leaders, customers, vendors and partners has a direct correlation to how quickly a company recovers from a disaster.
Email is the main form of communication in all companies, but this may not be available. As a backup, use social media to coordinate efforts. Applications like Teams, Slack and WhatsApp are good options for coordinating with internal groups. Twitter and the company website also can be used for public communications.
Maintain cyberattack awareness
While cybersecurity awareness should be practiced at all times, it’s critical to be even more vigilant during times of disaster.
Cybercriminals are opportunistic and will launch targeted attacks (e.g., phishing campaigns, ransomware attacks) at areas, regions, companies or organizations looking to either take advantage of those trying to help or hoping the chaos has caused targets’ guards to drop.
Sadly, many non-profit organizations, including the Red Cross, FEMA, FCC and more, are forced to issue repeated scam warnings during disasters. Should one of these attacks compromise an employee or partner, it may be a pathway into your network. If the proper network security firewalls and secure email controls are not already in place, it only takes one click to breach a network or infect a machine.
Some basic best practices will protect users during times of disaster and ensure that contingency networks and access are protected, including two-factor authentication (2FA) or multifactor authentication (MFA), and next-generation antivirus (NGAV) or endpoint protection, such as SonicWall Capture Client.
Together, these will help validate a user’s identity even if his/her credentials are compromised and prevent malicious files from being executed and installed on company machines in the case of infection.
A proper disaster recovery and business continuity plan should not be put off. A catastrophic event or natural disaster could cause far more damage to your business, customers, employees and brand than a proactive, responsible investment in sound cybersecurity, redundant networks and failover controls.
Preparing for disaster not only helps safeguard you during times of crisis, but the same controls will likely protect your networks and data during everyday cyberattacks (e.g., ransomware, email attacks, encrypted threats, insider threats and other malicious threats) against your organization.