3 minutes read

Ask a roomful of CIOs what keeps them up at night, and data disruptions and downtime are sure to be near the top of the list. And for good reasons: a study by consulting firm ITIC found that 40% of large enterprises estimated the hourly cost of downtime at over $1 million.

A good disaster recovery plan can help minimize disruptions and maximize business continuity in these situations, but these DR plans need to be tested and maintained regularly.

The fast-pace of innovation across the IT industry accelerates the lifespan of technology and best practices. What was considered state-of-the-art last year, just might be a vulnerability this year.  One survey found that 29% of organizations with a disaster recovery plan test it just once a year, and 23% never test it at all.

Data recovery plans have many components, and identifying potential exposure or shortfalls can be a challenge for even the most seasoned IT team.

10 Questions to Ask About Your Current Disaster Recovery Plan

1. What are your data restoration targets? Depending on your backup infrastructure, retrieving your data could take as little as one hour — or as much as several days. Setting your recovery targets involves several considerations, such as the cost of downtime to your business, the long-term impacts on your reputation and brand, and the costs of establishing and maintaining your DR infrastructure.
2. Where are you backing up your data? Options for backup range from cloud providers to specialized services that replicate your complete environment in an offsite data center. In the event of a hurricane, retrieving your data from cloud providers like AWS may take considerable time, especially if your network and computing infrastructures have been damaged. Some specialist providers will replicate your full hardware, software, and data infrastructure onsite, speeding the retrieval process.
3. How often are you performing backups? Backup frequency can depend on the volume and criticality of your data, the cost of data backup, and the ability of your infrastructure to complete backups without impacting your business. For organizations with outdated network infrastructures, frequent or real-time backups can slow network performance to a crawl.
4. What is your hardware replacement strategy? While a robust data backup plan is critical, it’s only part of the picture. A data disaster can wipe out servers, storage, and other essential hardware components. The ability to quickly replicate your hardware infrastructure is a major factor in how quickly you can recover from a major storm or other natural disaster.
5. How often do you test your disaster recovery plan? While disaster recovery testing takes up considerable time and resources, regular testing will ensure plan viability and help identify potential shortfalls. Outsourcing disaster recovery planning can relieve the internal resource burden for many companies.
6. How secure is your data? Data should be encrypted in transit, and offsite storage providers should employ state-of-the-art physical and cybersecurity infrastructures.
7. Do you have in-house expertise? Developing and maintaining disaster recovery protocols can require specialized in-house resources and represent a considerable investment in team bandwidth. That’s one reason why many organizations opt to outsource disaster recovery planning and execution.
8. What if you switch backup suppliers? How easy is it to repatriate your data if you choose to move to a new backup and storage supplier? It’s critical to maintain control of your data and know you can easily migrate it if necessary.
9. Are you employing best-in-class hardware and software? Disaster recovery solutions are quickly evolving to deliver faster and more reliable, cost-effective performance. You should evaluate your infrastructure regularly to ensure you and your providers are leveraging the best available solutions and following established recovery best practices.
10. Is your disaster recovery plan cost-optimized? Encrypting, transporting, and storing data is not cheap. An optimized solution will help maintain or even reduce your ongoing operational costs.

>>Schedule your audit<<

The Data Protection Audit — A Smart First Step

Finally, organizations should consider beginning with a third-party data protection audit to assess their current disaster recovery readiness. Specialized providers have the tools, expertise, and experience to identify shortfalls and recommend appropriate remedial actions.

A data protection audit will help your organization to:

• Validate your business goals and establish recovery point and time objectives
• Review the effectiveness of your existing backup solution
• Assess your security posture and ransomware detection capabilities
• Evaluate your hardware and storage infrastructure
• Provide prioritized recommendations based on security, backup, and disaster recovery best practices

Schedule your data protection audit – no strings attached. The audit is done by our data recovery experts and takes 30-minutes or less of your time. Trade thirty minutes of your time to avoid sleepless nights worrying about your data.

__________

Path Forward IT offers a free Data Protection Audit that will evaluate your current disaster recovery capabilities and recommend the best ways to optimize your data security and recovery solution. Find out more here. 

 

4 minutes read

Ask a roomful of CIOs what keeps them up at night, and data disruptions and downtime are sure to be near the top of the list. And for good reasons: a study by consulting firm ITIC found that 40% of large enterprises estimated the hourly cost of downtime at over $1 million.

While network disruptions caused by cyberattacks and data breaches capture most of the headlines, natural disasters can have significant — or even fatal — consequences for many organizations. For businesses operating in the southern and eastern regions of the US, hurricanes can represent the greatest risk of all.

Hurricane Frequency and Severity Are on the Rise

In 2020, 11 hurricanes made landfall in the US, breaking the previous record of nine in 1916. While growing in frequency, hurricanes are also causing more destruction — more than $51 billion in 2020.

Major storms can impact businesses in many ways — taking networks down, causing data loss, destroying infrastructure, and restricting employees’ ability to work. Remediation efforts can take significant time and resources and are not always successful. FEMA estimates that 9 out of 10 small businesses fail if they cannot resume operations within five days after a disaster.

Despite those dire consequences, Gartner estimates that 72% of organizations do not have adequate disaster recovery or data protection capabilities. Another survey found that 29% of organizations with a data recovery plan test it just once a year, and 23% never test it at all.

Don’t wait: Sign up for your free data protection audit. 

10 Questions to Ask About Your Current Data Recovery Plan

Data recovery plans have many components, and identifying potential exposure or shortfalls can be a challenge for even the most seasoned IT team.

Here are ten areas to consider when evaluating your plan:

1. What are your data restoration targets? Depending on your backup infrastructure, retrieving your data could take as little as one hour — or as much as several days. Setting your recovery targets involves several considerations, such as the cost of downtime to your business, the long-term impacts on your reputation and brand, and the costs of establishing and maintaining your DR infrastructure.
2. Where are you backing up your data? Options for backup range from cloud providers to specialized services that replicate your complete environment in an offsite data center. In the event of a hurricane, retrieving your data from cloud providers like AWS may take considerable time, especially if your network and computing infrastructures have been damaged. Some specialist providers will replicate your full hardware, software, and data infrastructure onsite, speeding the retrieval process.
3. How often are you performing backups? Backup frequency can depend on the volume and criticality of your data, the cost of data backup, and the ability of your infrastructure to complete backups without impacting your business. For organizations with outdated network infrastructures, frequent or real-time backups can slow network performance to a crawl.
4. What is your hardware replacement strategy? While a robust data backup plan is critical, it’s only part of the picture. A hurricane can wipe out servers, storage, and other essential hardware components. The ability to quickly replicate your hardware infrastructure is a major factor in how quickly you can recover from a major storm or other natural disaster.
5. How often do you test your disaster recovery plan? While disaster recovery testing takes up considerable time and resources, regular testing will ensure plan viability and help identify potential shortfalls. Outsourcing disaster recovery planning can relieve the internal resource burden for many companies.
6. How secure is your data? Data should be encrypted in transit, and offsite storage providers should employ state-of-the-art physical and cybersecurity infrastructures.
7. Do you have in-house expertise? Developing and maintaining disaster recovery protocols can require specialized in-house resources and represent a considerable investment in team bandwidth. That’s one reason why many organizations opt to outsource disaster recovery planning and execution.
8. What if you switch backup suppliers? How easy is it to repatriate your data if you choose to move to a new backup and storage supplier? It’s critical to maintain control of your data and know you can easily migrate it if necessary.
9. Are you employing best-in-class hardware and software? Disaster recovery solutions are quickly evolving to deliver faster and more reliable, cost-effective performance. You should evaluate your infrastructure regularly to ensure you and your providers are leveraging the best available solutions and following established recovery best practices.
10. Is your disaster recovery plan cost-optimized? Encrypting, transporting, and storing data is not cheap. An optimized solution will help maintain or even reduce your ongoing operational costs.

>>Schedule your audit<<

The Data Protection Audit — A Smart First Step

Finally, organizations should consider beginning with a third-party data protection audit to assess their current disaster recovery readiness. Specialized providers have the tools, expertise, and experience to identify shortfalls and recommend appropriate remedial actions.

A data protection audit will help your organization to:

• Validate your business goals and establish recovery point and time objectives
• Review the effectiveness of your existing backup solution
• Assess your security posture and ransomware detection capabilities
• Evaluate your hardware and storage infrastructure
• Provide prioritized recommendations based on security, backup, and disaster recovery best practices

Schedule your data protection audit – no strings attached. The audit is done by our data recovery experts and takes 30-minutes or less of your time. Trade thirty minutes of your time to avoid sleepless nights worrying about your data.

Don’t Wait For Hurricane Season

Optimizing your data recovery plan takes time. It can involve allocating budgets and resources, procuring hardware and software, updating processes, and establishing new service provider relationships. If your company is located in areas impacted by hurricanes, you can’t afford to wait until hurricane season to evaluate your disaster recovery plans — you should begin now.

Are you ready for the next Harvey, Sandy, or Katrina?

__________

Path Forward IT offers a free Data Protection Audit that will evaluate your current disaster recovery capabilities and recommend the best ways to optimize your data security and recovery solution. Find out more here. 

 

4 minutes read

Today’s accelerated technology trends are powering unprecedented business transformation. But they’re also introducing an overwhelming amount of security risk. Hackers use a wide range of tools and methods to gain access to your data—from social engineering and phishing scams to ransomware attacks and exploiting systems vulnerabilities. With virtually all personal and business data stored on internet-connected platforms, targeting businesses has become a gold mine for bad actors. To ensure the best chance of business continuity following any compromising cyber event, strategically backing up your data is one of the most foundational best practices you should include in your layered security checklist.

Business-Critical Backup and Recovery, Without A Plan

Cybersecurity professionals agree pretty much universally that, it’s not a matter of whether businesses will encounter an attack, but when. Trying to execute every-day business functions, without access to data, is like trying to drive a car without the tires—basically, inoperable. The very purpose of an holistic security strategy is to minimize as many gateways available to threat vectors as possible; local (on-prem locations), geographical distribution (networked systems) and cloud backups (primary or redundant data storage) are fundamental first steps in a layered approach to protecting your data.

Unfortunately, employing a data backup strategy isn’t as universally agreed upon. If that sounds contradictory, well, it is. In fact, even many IT professionals generally view backups as an insurance against the potential for an attack verses a priority to combat attacks. But consider this common scenario: a company has recognized the importance of backing up data and engages IT to deploy it. A random device is selected and turned on in a single location, but never tested, runs on subpar hardware, and has no particular defined parameters. This approach has a very different outcome during recovery from a cyber attack than a strategic data backup solution.

Business Continuity Predicated on Data Recovery

If you’re employing a set-it-and-forget-it backup strategy, you’re in for a rude awakening when an incident occurs. Waiting until you need your backups is, arguably, the worst time to wonder how many copies of your data are available and where and how they’re stored.  During an incident, time is critical; downtime adds up quickly and can be extremely costly to your customers, your reputation, and your bottom line. Some businesses simply can’t recover; they go out of business. For a significant outage, you need to be able to act fast and be responsive. If you, or your solution provider don’t know what you don’t have, you’re looking at a substantial amount of downtime, and mounting associated recovery costs, as you work it out.

Making Cybersecurity A Priority with Data Backup

Companies are best positioned to assure business continuity if each of these steps have preceded an incident:

• Security-minded culture: user behaviors and policies awareness; ongoing compliance reinforcement
• Preventative measures: annual third-party security assessment to document vulnerabilities in the security controls, along with correction recommendations; firewalls and backup strategy functioning as intended; allow listings and access controls implemented; timely patching; audits, testing, monitoring, and spot checks; and fire drills to ensure everything is documented and security settings haven’t changed
• On-call service in place: 24/7/365 fully-staffed, live helpdesk of experienced, certified engineers with a 15-minute disaster response time

Off-loading some of the routine tasks associated with cyber hygiene like software updates, patching, testing, and backups to an MSP like Path Forward IT is an investment in your overall security plan. This simple step enables a service provider, with end-to-end data protection solutions, to get to know your systems environment intimately, enabling expert counsel for when you need to make operational changes that impact IT, are thinking about a purchase decision, or encounter an attack or natural disaster.

Backup Options Matter

Of course, you never want to get to recovery mode, but when you do, the quality of your backups will be very important. The best mitigation for destructive cyber-attacks is having rock-solid backups. However, with the advent of affiliate ransomware, attackers will now go after any accessible backups too. This makes a secure cloud-based backup solution a good choice—one that uses authentication that requires a unique set of complex credentials for access (does not overlap with workstation, server, or domain credentials) and does not require physical servers in the event of a disaster. What makes Cohesity enterprise-class backup solutions the preferred choice of so many enterprises worldwide are the expanse of options available to prepare your organization for a variety of data compromises. Cohesity provides a secondary repository with immutability, for offsite storage, ransomware early detection, and other advanced security features, along with a team behind it, monitoring and testing everything daily to ensure its efficacy.

The benefits of backup options become crystallized during a recovery operation. Customized data protection and recovery solutions provider, Path Forward IT, points to less production impact and downtime in general, rapid speed to restore, massive data storage of up to 35 PiB (pebibytes), granularity, and the flexibility to scale and customize the solution to fit customer needs.

Backup As Last Line of Defense

A layered security strategy improves your chances of stopping threats from penetrating your environment. But as new technologies develop and threat actors mature in finding ways to exploit them, strategically backing up your data can mean the difference between business devastation and a quickly-contained service interruption.

“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their disposal to hack into people’s accounts. If they know there’s a key hidden somewhere, they won’t stop until they find it.”—Tim Cook, CEO, Apple Inc.

To learn more, request a consultation with Path Forward IT.

—

Resources

Top 25 Cyber Security Threats

Ransomware Attacks are not a Matter of If, but When

RPO / RTO

Six Stages of Penetration Testing

3 minutes read

Since the world turned upside down with COVID, McKinsey & Company has been tracking the sentiments of US small and mid-size businesses (SMB). These statistics show that 57% of SMBs report a lack of customers or do not know when customers will come back, and 84% of SMBs say the Coronavirus has negatively impacted their income.

Small and mid-sized businesses are already enduring so many challenges in the wake of COVID. Downtime doesn’t need to be one of them.

What is downtime?

Businesses don’t always realize the ripple effect of downtime, but it can have a significant impact on customers, patients, and your bottom line.

Downtime refers to the inability to access critical business applications like sales processing, CRM, or email. For healthcare practices, it might be patient records or digital imaging. Without access to these tools – or even with slow access – businesses rack up a lot of additional costs while losing time, productivity, and customer (or patient) loyalty!

The right data storage

Establishing the right Storage Area Network (SAN) is a key piece of the puzzle when it comes to keeping your critical systems running quickly, smoothly and securely. Most SMBs already have an established SAN, and chances are, it runs seamlessly in the background – until it doesn’t.

When should you replace your SAN?

Typically a SAN lasts roughly six years, but that timeline could be shorter depending on your business. High growth and larger application systems could have you evaluating a new SAN. When the time comes to replace your SAN, our own in-house HPE Nimble storage expert, Jason Finkelstein, wants you to consider these questions:

Can your current SAN guarantee less than 1-minute downtime?

What if I told you with an HPE Nimble Storage array, you could get 99.9999% guaranteed uptime? But what does 6-Nines mean? Well, with 6-Nines, you are getting a guarantee that the array will not be down more than 2 seconds/month and 31.5 seconds per year.

How can HPE Nimble Storage arrays offer this?

HPE Nimble Storage arrays come with HPE’s Infosight technology. Infosight is an artificial intelligence (AI) cloud-based platform that provides predictive analytics and machine learning. Infosight can predict and resolve 86% of problems before your business is impacted. You can think of Infosight as the first layers of tech support, watching over your systems 24/7. With Infosight analyzing and correlating millions of sensors every second, all customers benefit as their systems get smarter, this ensures their 99.9999% uptime.

Since Infosight is acting as your Tier 1 and Tier 2 support team, any calls you might have to make to the support desk automatically connects you to a Tier 3 support technician.

This direct escalation of support means faster, more focused issue resolution with the peace-of-mind knowing systems will be up and running before morning when everyone starts logging in. With this intuitive, Infosight technology, you’ll often receive a call about an issue before you realize it’s an issue.

Finally, since Infosight is looking at more than just the storage array, it can alert you to other types of issues as well. More than 56% of the problems that Infosight detects and resolves are outside of the array. For example, misconfigurations inside VMware, network issues with ISCSI, or just a server bottleneck issue.

What about upgrades?

With HPE Nimble Storage arrays, all upgrades and expansions can be completed during the day. Improve your productivity by not having to schedule a complete downtime to upgrade firmware, add an expansion shelf, or even install a more powerful controller.

How much is this going to cost me?

The nice thing about HPE Nimble Storage arrays is that all features and licenses are included. The 6-Nines guarantee is a standard benefit on all arrays and is guaranteed as long as the product is supported.

Some of the licenses and features include:

• Deduplication
• Compression
• Encryption
• Always-on App Centric Data Services

Other interesting features for your consideration are:

• Timeless – Controller refresh every three years, with a guarantee 25% performance increase
• dHCI – Hyperconverged Solution

Path Forward: An MSP with a deep bench of experience

For nearly 20 years, Path Forward IT experts have been providing concierge-level 24/7/ 365 IT support to businesses across the US. With that breadth of experience, our dedicated engineers and technicians can quickly hone in on an issue, provide strategic guidance in planning and growing your enterprise, or simply help you select the right hardware to replace end-of-life equipment.  Contact us for more information about our HPE Nimble offering and IT Services.

3 minutes read

Wildfire season is upon us in the West. Hurricane season is underway in the East. It’s never a good time for your healthcare practice to go offline, but for it to happen during a global pandemic would be especially devastating for your patients and your practice.

Patients need peace-of-mind knowing they can reach their providers despite natural disasters.

Experts Predict Highly Active Seasons for 2020

Last year, wildfires in California and across other states in the West caused massive destruction, forcing communities to evacuate and businesses to close temporarily, including many healthcare facilities. Having fewer options puts a strain on those facilities that are still open. Ultimately, it’s the patients and closed practices that suffer most.

The 2020 hurricane season only just started, and already it’s breaking records. Beyond the high winds and loss of power, the threat of the aftermath is just as dangerous. Flooding that threatens buildings and equipment, and downed trees that block roadways can last long beyond the storm itself.

Preparedness Pays Off

Disaster recovery isn’t much different than insurance, except insurance coverage is clearly written out, stating exactly what is or isn’t covered. You can choose the level of reimbursement you would get if the worst-case scenario happened to you. With disaster recovery (DR) planning, it isn’t as clear, but it can be.

DR planning is more than paying a quarterly premium. It’s something that needs continuous monitoring, testing, and adjusting. Done well, it will save your practice time, money, and ensure your patients are getting the care they expect.

Here are a couple of real examples from healthcare practices we work with that underscore how valuable a thoughtful backup and recovery plan can be. 

Can Your Patients Reach Your Practice During a Power Outage?

When it comes to being prepared, most people only think of data backup and recovery. We helped this group of orthopaedic practices create a plan for preventing any disruption to their patient access.

Last August, the California wildfires were burning near a popular orthopaedic group. Electricity was shut down in the area for several days due to the high winds and risk of sparking new fires. Yet in the face of this adversity:

• Our clients didn’t have to shut their practices down.
• Even without electricity, they didn’t miss a single patient call because they use our iVY cloud-based phone system and geographically diverse iVY call associates. These highly-trained agents represent the practice and schedule directly into their EHR.
• Agents contacted every patient with an appointment and made new accommodations.
• Patients continued to receive excellent care, and the practices didn’t have any downtime.

How Quickly Can You Restore Patient Records?

Data backup is critical to being able to get back to seeing and treating patients. Our Patient Shield team works with healthcare practices to design data backup plans specifically for EHR systems. Most practices don’t realize some options allow providers to continue to see patients, access, and update patient records in the EHR, even in recovery mode. It only works if you have it set up before you need it.

Our Patient Shield team works with several health networks in Florida and has seen first-hand the benefits of a solid DR plan.

Last year, hurricane Dorian was on track to make landfall right over the city where one of our clients operates. With the benefit of an established DR plan and a conscientious DR team, this practice didn’t experience any data loss.

Our Patient Shield team worked around the clock, in constant contact with the practice, including daily calls reviewing backups, offsite data transfers, and DR plans. When the tropical storm surges hit, the practice felt confident their data was protected.

Don’t Be Afraid. Be Ready.

Preparing for the worst-case scenario can protect your business and provide a sense of security for your patients. A disaster recovery plan for a healthcare practice looks a little different than a standard plan. There are a lot of considerations to ensure compliance with HIPAA rules for the backup, storage, and recovery of data. There are also your patients to consider. They like knowing they can reach your practice even when facing the adversity of a force of nature.

To learn more, contact a Patient Shield team member to set up a consultation for a comprehensive, healthcare-specific DR plan.