July 2024 will be remembered in American history for quite some time. Picture this: Worldwide, from Anchorage, Alaska to Sydney, Australia, thousands of international flights grounded, broadcasters unable to go on-air, truckers unable to transport loads, and doctors were unable to access essential patient information. While it might seem like the plot of a clichéd TV movie, this is exactly what happened on July 19, 2024. The chaos was caused by a faulty update to the now-notorious CrowdStrike cybersecurity software, leading Windows computers running it to show the dreaded blue screen of death. 

If you had a flight with Delta on this day, then you experienced the worst of this. Delta experienced almost 7,000 flight cancellations and received more than 176,000 refund requests from irate customers. This is what we call a disaster.

Its an occurrence that is well known across every industry and can be due to human error, an act of nature or even a freak random occurrence. It's one of if not THE biggest fear of any organization, but the future of the organization, all depends on the response. 

"The moment of the incident is the worst time to prepare for it." -Corey Sodes, CTO of Secure Compliance Solutions

Generally, Disaster Recovery is an organizations ability to restore access and functionality to IT infrastructure after a disaster event.  While it should be a core principle across a variety of disciplines, in cyber security it is critical that IT systems that enable the vital functions of a business be re-established ASAP. 

Our disaster recovery policies and testing at SCS aim to create, review, and update the policies and procedures for organizations in the event a disaster takes place. In the words of Secure Compliance Solution Chief Technical Officer Corey Sodes, "The moment of the incident is the worst time to prepare for it." SCS not only implements these policies, but we also perform ongoing management of the tools and systems that will be used in a disaster recovery scenario to make sure they are ready and available when the time arises.   

In simple terms, a successful disaster recovery strategy includes five key components: a disaster recovery team, risk assessment, identification of critical assets, backups, and testing/optimization.

A disaster recovery team is a group of individuals within the organization assigned to create, implement and manage the disaster recovery plan. Each person is delegated a specific responsibilities in the event disaster strike. 

Risk evaluation is a necessity to preparation. The organization brainstorms potential hazards and develops a relevant response. Even improbable scenarios should be taken into account.

Identification of critical assets involves documenting systems, data, resources, and applications that are imperative to business function. 

Backups involve the identification of what needs to be preserved, then establishing methods to preserve or back them up. A recovery point objective (RPO) determines the frequency of backups, while a recovery time objective (RTO) dictates how long the company should be (or can be) inoperable should a disaster incident occur. The goal is to have all systems essential to the functioning of the business operational by, or before, the RTO has been reached. 

Testing/Optimization is an ongoing process that makes sure the disaster recover plan is effective and ready to kick into effect should the need arise. This includes frequent assessments and updates to security and back up systems. 

At SCS, we cater our disaster recovery services to the needs of the client.  We provide support from a conceptual standpoint (developing recovery plans for businesses, testing and improving existing recovery plans, etc.) to material assistance, including providing a complete disaster recovery tech stack. Let Secure Compliance Solutions prepare your business for the unexpected.   

Flinders, M. (2024, November 25). Cyber recovery vs. disaster recovery: What’s the difference? . IBM. https://www.ibm.com/think/topics/cyber-recovery-vs-disaster-recovery