Failing at Business continuity(BC) and Disaster recovery(DR) program
As we all witnessed the havoc caused by the CrowdStrike updates on Windows systems, it made me question the Business continuity (BC) and Disaster recovery (DR) of airports, air flight companies, hospitals, and other affected institutions. One of the most critical items in the TRIA of information security is availability; these company’s systems were not designed to be 99.999% available. Airports, air flight companies, and hospitals are part of the critical infrastructures of a country. If they are not available to service their customers it has a direct impact on the economy and lives of their customers.
1. Problem:
It seemed that critical systems were not backed up or had redundancy to private clouds or even public clouds apart from Microsoft systems.
Solution:
- Use a hybrid or multi-cloud approach to have availability for critical systems. For example, a company would run everything on Azure but have standby on a private cloud, AWS, or Google Cloud.
- As soon as downtime is detected on primary sites all the traffic should be routed to secondary cloud services.
