In times when IT security is becoming increasingly important and complex, cyber resilience is also a much-discussed topic. It describes the ability of a company to maintain its IT infrastructure despite undesirable events or disruptions. How can data be salvaged after such a natural disaster? What role does data rescue play in cyber resilience, and what can small and less IT-savvy companies in particular do to build a resilient IT strategy?
- A natural disaster wipes out digital data
- Able to act in three steps
- Guidelines for secure data storage
- Know-how: the first step to a resilient IT strategy
A natural disaster wipes out digital data
When a flood wave rolls through the Ahrweiler district and neighboring regions in the summer of 2021, the damage is immense. The existing infrastructure is completely destroyed in parts of the region. In addition to countless private individuals and many companies, a hotel and a stonemasonry business are also affected.
After the flood and the associated water damage to the equipment of many companies, the priorities – especially at the beginning – are on other things than taking care of the backup of business data. So stories of looting made the rounds, and the mud brought on by the flood had to be moved out of homes.
The extent of the potential loss of data for businesses is not immediately clear, especially to those less IT-savvy. The obvious losses of people, machines and materials are initially the main focus. Documents such as customer lists, invoices and product sketches do not seem important at the first moment of the disaster. In view of the traumatic experiences, this is absolutely understandable: many of those affected feel powerless and first have to come to terms with what has happened.
Able to act in three steps
But in order to get back on their feet, businesses need to get up and running quickly. How does one proceed in such a case? How can companies be made capable of acting again despite the failure of the entire technical infrastructure and a barely existing data backup?
In the case of two companies from the Ahrweiler district, this was achieved by taking three steps despite the poor initial situation:
1. Keeping a cool head: Sifting through and taking stock
Pragmatism and a hands-on approach are required in such situations; the mud-covered computers were removed by wheelbarrow. In the next step, the hardware was sorted, cleaned and the computer technology removed.
Based on the findings, the data could be documented and assigned to the individual work steps. This in turn created a list of possible data sources.
2. What is important: Setting priorities
Based on the previously created lists, the data was now assigned to the existing assets. In parallel, a prioritization of the individual data and the determination of their criticality for the continued existence of the company also took place.
In addition to customer data, current liabilities and outstanding accounts with suppliers and banks were particularly important here. Fortunately, it turned out that much of the information was stored in the form of e-mails at the provider and a cloud solution could be used to continue the accounting.
In the specific case of a stonemasonry company, a large number of sketches and designs were also considered particularly important. The result of years of work lay buried under a thick layer of mud here. Based on the criticality, it was now possible to classify which data could be salvaged by the company itself and which might have to be handed over to a specialized firm.
3. Slowly and accurately: rescuing data
Only after this preparation did the next step involve the recovery and rescue of the data. The large amount of information should not be underestimated, because the search and research of the really relevant data alone turned out to be very extensive. Out of nine hard disks, only one could not be recovered. At this point, the listing of the processes and the associated data came into play. This made it possible to search for specific information and restore everyday work processes in the short term.
Guidelines for secure data storage
Experience in the Ahr Valley shows that the challenges of storing data can be successfully met with the following insights:
1. Create directories
A directory of all data and their interdependencies is crucial. Together with an inventory list of the hardware, it quickly becomes clear where which data is stored and what priorities it has in the event of damage.
2. Use standard software
Standard software can be restored quickly. This is often more difficult with industry applications or older programs. Missing or destroyed data carriers, for example, make reconstruction more difficult. Therefore, if standard software is not used, it makes sense to create a backup of the version used in addition to the data.
3. Cloud storage
Throughout the recovery process, cloud usage turned out to be particularly helpful. Data stored in the cloud is well protected from such events, especially since providers often store data in a regionally distributed manner. In most cases, it is sufficient to access the applications on the new computers via a browser and generate new access passwords as needed.
4. Establish backup strategies
Developing backup strategies that are as failsafe as possible and that take into account the individual needs of each company is of particular importance. The following principle applies: Hardware can be replaced in most cases, and insurance often pays for the damage incurred. Data, on the other hand, must be backed up separately.
5. Don’t become a data hog
To facilitate data recovery, irrelevant data should be deleted regularly. Over the years, terabyte-sized amounts of data have accumulated. Therefore, it helps to regularly do a kind of spring cleaning in which old data is sorted out. Relevant data should also be stored on an external hard drive, and cloud-based storage locations are suitable for large formats such as images.
Know-how: the first step to a resilient IT strategy
The flood disaster has shown how important regular and secure data storage is for the continued existence of a company. The short-term rescue of the data in this example is largely due to vendor collaborations and the right approach to data cleansing and mapping. But it once again highlights the importance of a long-term strategy for data protection. It should be an essential part of a company’s IT strategy.
Companies that address this issue and make themselves aware of its relevance are already significantly increasing resilience within the company. This is particularly true for small and medium-sized enterprises, which often do not have the resources to implement a fully resilient IT infrastructure. Only companies that manage to deploy their resources so well and in such a targeted manner that they can respond flexibly to changes will remain able to act and remain fit for the future even in a crisis.