Story image

Disaster recovery: What to consider when choosing a cloud provider for data backup

30 Nov 16

The business impact of the recent earthquakes has prompted organisations to think about their disaster recovery plans, and The Ministry of Business, Innovation and Employment (MBIE) says there are a number of factors to consider.

Organisations need to know all types of data they have, and whether that information can be secure. Some storage solutions can be kept on-premise and off-site, but how much information is in those storage facilities may be too much.

"You should regularly make copies of data — known as backing up — in case original data is lost or stolen. It’s also vital for your disaster recovery. If you store data in the cloud, this should be done for you. If not, look at getting software that backs up data automatically, so you don’t need to think about it," the MBIE website says.

In addition, managed ICT & business continuity solutions provider Plan B states that having access to data from other locations is important, as was particularly demonstrated during the recent earthquakes.

"As with any unplanned outage, customers that had clear business continuity plans were able to get up and running more efficiently than those that did not," Plan B says.

The company put together a list of tips to consider when forming a disaster recovery plan, and data access was high on the list.

"To ensure access to critical systems, have a plan for accessing your data and server infrastructure from another location if your production equipment is affected by an outage," the company says.

The Ministry of Business, Innovation and Employment says that in the event of an IT breach, hack or natural disaster, most cloud data should, in theory, be safe. The Privacy Commissioner has released a number of factors when analysing cloud computing risk - particularly when choosing a cloud disaster recovery provider.

1. Understand your company's needs and work out your risks - Personal information on an unsecured server would be better protected by a cloud provider, particularly in the event of data loss or hacking.

2. Understand what information you'll be entrusting with cloud providers - if it is personal information, there is more risk involved.

3. The responsibility is ultimately on you - you are giving cloud providers trust and access to personal information. Ensure that your contract covers safe and secure storage of private information.

4. Ensure your provider offers data encryption and also use encryption on your end - this makes it less likely for data to be misused.

5. Analyse any prospective cloud providers - are they independently and regularly audited? What is their reputation like? If they are New-Zealand based, they may be signed up to the Institute of IT Professionals CloudCode.

6. Understand the contract - what happens to the data if the cloud provider is bought our or goes under? Will you be told in the event of a data breach?

7. Explain to clients what you're doing with personal information when giving it to cloud providers.

8 Work out where the data is hosted and what privacy laws apply - not all providers disclose their data centre locations, but ensure they comply with government requests, legal procedures and complaints procedures.

9. What happens if you switch providers? Will the company keep or delete the information?

10. Does your cloud provider pass data on to a third party? Some providers outsource their services. The security of the outsourced companies must be as robust as your own provider's policies.

Slashing commute time could save NZ from 900,000 tonnes of C02
In New Zealand, workers could save between 7.7 and 8.8 million hours of commuting time every year.
Experts comment on record 772mil-user data breach
Dubbed “Collection #1”, the data set contains emails and passwords with over a billion unique combinations of email addresses and passwords.
Why flexible working could make good business sense
“You can always give it a go on a trial basis. If it’s not working, be honest."
Chorus fibre roll out picks up pace
Chorus has announced that 50% of fibre installations are now being completed within a day.
Keep security in check when doing your mobile banking
Most mobile banking attacks happen through social engineering, which is when people are manipulated to hand over their usernames and passwords to cybercriminals.
AI, big data could be key to improving Māori health
"Being able to get experts of this level together to start exploring how we use data to ultimately better the lives of New Zealanders is one that we were determined to be involved with," says ACC chief.
Human assets the key to a successful digital transformation
Y Soft's Martin de Martini says it's vital that organisations continue to train and motivate their employees.
New blockchain solution aims to keep our food ethical
OpenSC enables anyone to scan product QR codes which automatically takes them to information about where a specific product’s journey.