Modes of Storage for BCDR Plans
In the realm of business continuity and disaster recovery (BCDR), the fundamental principle is to ensure that at least one copy of your business continuity plan and disaster recovery plan survives when one or more interrupters occur during a disaster. This approach is crucial for maintaining operational resilience and minimizing downtime in critical business functions.
When assessing the survivability of your BCDR plans, three common categories of interrupters come into play: Geography, Technology, and Utility Supply. It’s important to note that no single solution provides 100% protection or survivability in a disaster scenario. Each technology, strategy, or implementation has one or many weaknesses that need to be covered by alternative solutions as part of a comprehensive risk management approach.
The risk concept of “Likelihood of occurrence” for evaluating suitability is an anathema to implementing a protection strategy, especially in last resort or extreme impact situations. In most disastrous events, the majority of technology will be available, or you will have a copy of the plans at hand. When it comes to protecting your BCDR plans, cost is evaluated against the potential loss of the entire organisation. Therefore, likelihood (being in lockstep with cost) is not an overly useful consideration in this context.
BCDR primarily utilizes three main concepts to mitigate against disruptions: Distance, Duplication, and Disparity. When considering strategies and solutions to ensure the organisation has at least one copy of the business continuity plan and disaster recovery plan, assess your implementation against these three factors. As your maturity and rigor increase, the organisation will be better equipped to endure more destructive and/or multiple simultaneous losses, enhancing overall business resilience.
The following high-level table of attributes can assist in selecting the appropriate group of solutions for your BCDR strategy:
| Attributes | MS Teams | Encrypted USB | Paper Copy/ies | OneDrive | Network Drive |
|---|---|---|---|---|---|
| Offline/Disconnected | ✔ ½ | ✔ | ✔ | ✔ ½ | ✘ |
| All Elements Encrypted (at rest, in transit, etc) | ✔ ½ | ✔ | ✘ | ✔ ½ | ✔ |
| Third Party Supplied (Eastern States/Cloud) | ✔ | ✘ | ✘ | ✔ | ✘ |
| On Person | ✘ | ✔ | ✘ ½ | ✘ | ✘ |
| Independent of Electricity | ✘ | ✔ ½ | ✔ | ✘ | ✘ |
| Independent of Telecommunications | ✘ | ✔ | ✔ | ✘ | ✘ |
| Ransomware Resistant | ✘ | ✔ ½ | ✔ | ✘ | ✘ |
| Automated Data Synchronisation | ✔ | ✘ | ✘ | ✔ | ✔ |
| Minimal Convergence time | ✔ | ✘ | ✘ | ✔ | ✔ |
| Onboarding/Security Simple (requires Account) | ✘ | ✔ | ✔ | ✘ | ✘ |
| Is Auditable | ✔ | ✘ | ✘ | ✔ | ✔ |
| Internally Controlled/Administered | ✘ | ✔ | ✔ | ✘ | ✔ |
This table highlights how different storage solutions address various aspects of BCDR, including data protection, cybersecurity, and recovery strategies. It’s essential to consider these attributes when developing your business continuity management plan.
The following table demonstrates how different losses require different storage solutions in your BCDR strategy:
| Loss Scenario | MS Teams | Encrypted USB | Paper Copy/ies | OneDrive | Network Drive |
|---|---|---|---|---|---|
| Loss of Building (DC) | ✔ | ✔ | ✔ | ✔ | ✘ |
| Loss of Building (HQ) | ✔ | ✔ | ✘ ½ | ✔ | ✘ |
| Loss of Building Access (HQ) | ✔ | ✔ | ✘ ½ | ✔ | ✘ ½ |
| Loss of Tech (AD, SAN, WAN) | ✘ | ✔ | ✔ | ✘ | ✘ |
| Loss of Staff (IT Staff) | ✔ | ✔ | ✔ | ✔ | ✘ ½ |
| Loss of Supply (Electricity, Telco, Azure/AWS) | ✘ | ✔ ½ | ✔ | ✘ | ✘ |
This table illustrates the importance of having diverse storage solutions to ensure business continuity and effective disaster recovery in various loss scenarios. It emphasizes the need for a comprehensive approach to BCDR that considers different types of incidents and their impact on business operations and IT infrastructure.
When developing your BCDR strategy, it’s crucial to conduct a thorough business impact analysis to identify critical business functions and establish appropriate recovery time objectives. This process will help you determine the most effective storage solutions and recovery procedures for your organisation’s specific needs.
In conclusion, a well-rounded BCDR approach should incorporate multiple storage modes to ensure the survivability of your plans in various disaster scenarios. By considering factors such as distance, duplication, and disparity, and implementing a mix of storage solutions, you can enhance your organisation’s resilience and ability to respond effectively to incidents. Regular risk assessments, ongoing management of your BCDR plans, and periodic testing of recovery strategies are essential components of a robust business continuity and disaster recovery program.
Storage Assumptions
MS Teams and OneDrive
- by default these systems do not copy documents to a local drive, unless the document has been interacted with by the user or they have forced the sync
- Microsoft ultimately controls and administers the platform and a client can configure but not administer
Encrypted USB
- Assumes the USB is device independent but dependent on a device (ie can run on Mac/Windows, desktop/Server, etc but needs a device of some sort to be used)
- Assumes the person carries the stick with them (pocket, bag, lanyard, etc)
- Assumes the ransomware resistance is while it is not connected and offline, otherwise the cryptoware may encrypt
- Failure of power/electricity will eventually disable access to the USB
Paper Copies
- Paper will be kept in a secure location in at least one commonly utilised building – typically HQ
- Two locations are ideal but not the lens utilised
Network Drive
- Assumes that the drive is SMB or NFS
- Assumes that the share is connected to a directory (ie AD) for permission management)
- Assumes that the caching or offline integrations is not enabled (ie default file share)
