HOT TOPIC Business continuity and disaster recovery In the UK and the rest of Europe we’re lucky to be relatively low risk when it comes to the types of disaster that might first come to mind, says Andrew Stuart, managing director, EMEA at Datto. A lthough businesses here are unlikely to have to deal with the impact of an earthquake or hurricane, something as simple as a power cut or broken water main can have the same impact where it comes to the availability of IT networks, and therefore the running of the business. Unfortunately for smaller and medium sized businesses, particularly those that might have just a single location, the overall impact can be far greater than for multi-nationals, as larger organisations are more likely to have a level of operational redundancy that can keep the business going in the event of a disaster affecting a single or limited number of locations. In addition, depending on the sector, IT downtime could even put personal safety of workers or the public at risk if IT systems that control physical access or relate to accurately locating personnel or other assets are compromised. 20 | May 2017 The disasters that might affect the running of an organisation’s IT networks can be loosely put into one of three types: System disasters Datto’s 2016 Cyber Resilience Report found that 66 per cent of companies in 61 countries experienced at least one cyber incident in the last year, caused primarily by phishing and social engineering, malware, spear phishing, denial of service, and out of date software, rendering the organisation’s own network either contaminated or inoperable. Natural disasters Although Europe is at a comparatively low risk, due to global climate change, natural disaster occurrences – like flooding – have increased and intensified. Natural disasters have cost the global economy $2.5 trillion since 2000 and 80 per cent of businesses that do suffer a major natural disaster go out of business in three years. Human error disasters T h e m o s t f re q u e nt , m o s t co m m o n , a n d of te n m o s t d et r i m e nta l c a u s e of d i s a s te r s t h at c a n d i s r u pt b u s i n e s s co nt i n u i t y i s u n i nte nt i o n a l h u m a n e r ro r. O u r re s e a rc h h a s s h ow n t h at 7 0 p e r c e nt of s u cc e s sf u l at ta c k s o n b u s i n e s s e s c a m e f ro m i nte r n a l t h re at s l i ke e m p l o y e e s a n d co nt ra cto r s . E ve n s m a l l d ata l o s s e s – t h o s e w i t h fewe r t h a n 1 0 0 f i l e s l o s t – c a n re s u l t i n co s t s of te n s of t h o u s a n d s of pounds. A single poor choice by a s i n g l e e m p l o y e e c a n l e a d to c ata s t ro p h i c d ata l o s s . The common theme with these scenarios is that they all concern access to data, or loss of existing data. Broadly, the approach to mitigating the risk of these affecting the business concerns the rapid availability of a recent recovery point.