Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Business Continuity Planning in a Cloud Enabled World

Putting Business Continuity Plans in Place Now, Means You Won’t Have to Scramble When It’s Time to Trigger Your Disaster Recovery Plan…

Putting Business Continuity Plans in Place Now, Means You Won’t Have to Scramble When It’s Time to Trigger Your Disaster Recovery Plan…

Optimizing the application, architecting network topologies, locking down access controls, carefully selecting service providers – these are the building blocks necessary to achieve a secure, high-performance infrastructure. After all that is done well, you can sit back and relax… until disaster strikes. Even the best-laid plans can experience disruptions due to unforeseen circumstances such as capacity limitations, hardware failure, application error, and human error. These can seem like benign instances up to the moment you’re facing them. This is precisely where business continuity planning comes in.

Business Continuity PlanningTake, for instance, this recent example of where business continuity planning would have made a significant difference. The Surgeons of Lake County’s medical practice database was successfully hacked this summer and 7,000 Electronic Healthcare Records (EHRs) were held hostage for a demanded ransom. The hackers obtained access to a physical server, where the records were housed in plain text, encrypted and password-protected the database, and left a note on the server. This single point of failure locked doctors out of the only copy of patient records available, which possibly put lives at risk.

We’d have to speculate as to what IT practices were and were not used that led to this scenario, but it’s clear a business continuity plan was not in place, as this extra step would have left the EHRs readily available in another location, and allowed the patient care to continue while IT administrators dealt with actual data-napping.

Making provisions for these unlikely but tumultuous events is where business continuity begins, and can benefit companies in a wide array of industries.

Mitigate Localized, Physical and Hardware Problems

IT decision makers can help their companies avoid bleeding revenue and frustrating (or losing) end users, by replicating applications and databases across multiple hosted instances. Mobilizing data across geographically diverse infrastructure, especially cloud environments, offers a great amount of agility, and enables you to diversify point of failure risk.

Ideally, you’ll want your business continuity plan to provide the ability to redirect your DNS to any number of failover facilities, where a mirror of your primary hosting setup has been replicated and is standing by. If you are utilizing cloud environments, snapshots are easily replicated, so businesses can have nearly a carbon copy of their data through this setup by way of nightly backup routines or real-time replication. The agility provided by these plans, when feathers hit the fan, will make the preplanning and incremental additional cost worthwhile.

Bring in the Cloud to Manage BCP Resources

Cloud Computing for Business Continuity Like healthcare organizations, the stakes for transactional businesses like eCommerce platforms and SaaS/PaaS solutions providers are extremely high if their data is unavailable. You’d think business continuity planning would be a no brainer for businesses like these that live and die by having their data online.

In reality, however, since business continuity plans solve future, and possibly (hopefully) nonexistent scenarios, business continuity planning often falls lower on the list of fiduciary allocations. Companies that opted not to put a plan in place, due to cost or resource allocations, should take another look at the cloud as a viable option since this type of infrastructure solves many of the resource restraints and can be highly secure.

When cloud business continuity solutions are in place, processors, RAM, and storage allocations remain practically dormant until the business needs to use them. Once live, more resources can be invoked or existing provisions can scale up quickly, to sufficiently handle the production load. Most enterprises have BC plans with global infrastructure in place. SMBs can now have the same kind of set up by way of cloud environments.

Putting business continuity plans in place now, means you won’t have to scramble when it’s time to call upon your disaster recovery plan. Simplicity and scalability of the cloud makes access to data, without fail, a reality for more IT administrators than ever before. Taking the few simple steps necessary today helps guarantee data protection and availability for your business.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.