When it comes to backup and disaster recovery (BDR) guidance, it’s pretty common to hear discussions about your Recovery Point Objective (RPO) and your Recovery Time Objective (RTO).

Your RPO is essentially your decision on how much data you can afford to lose during downtime. For instance, you’ve decided you can afford to lose six hours of email or four hours of online orders.

Your RTO, on the other hand, is the maximum amount of time you want to lapse between the initial failure and your recovery. If your RTO is three hours, then your objective is to be up and running within three hours from going dark.

RTA vs. RTO

Here’s what you hear less about: your Recovery Time Actual (RTA). RTA is the actual amount of time it takes for you to recover and is the reality, not the goal set by your RTO (the objective). This is important to measure because your success or failure in matching your RTA to your RTO tells you if your backup and disaster recovery system needs help.

Why Your RTA is Lagging Behind Your RTO

Not all outages are the same, and your RTA could fluctuate depending on the solution, the type of disaster, and other factors. But whether you’ve developed an RTO for each situation or one that overrides RTO for your critical systems, you should have an accurate idea of how much time it takes you to come back to life. That tells you how effective your BDR strategies and solutions are.

If your RTA is coming up short, here are several possible reasons:

Relying on Physical Backups: You’re still relying on physical backups, and you find that you can’t keep up with your expanding data and apps – and even when you can, retrieving those offsite backups can involve traveling to distant data centers or shipping times.

Legacy System: You’re using an old-school legacy system that requires intense maintenance and manual testing as well as backup creation – and sometimes your team falls behind, putting your recovery at risk. Plus, legacy systems that doesn’t use data deduplication creates high bandwidth requirements, which put a drain on your network performance.

Inadequate Resources: Your IT infrastructure has insufficient hardware, storage, or network bandwidth, which slows down recovery times.

Multiple Vendors and Interdependencies Needed to Recover: You upgraded to a modern BDR solution but found it involves a variety of vendors and support centers for recovery, creating chaos whenever recovery goes wrong and no one seems to know whose fault it is or how to fix it. Systems with multiple BDR solutions create complex interdependencies that require more time to restore, leading to delays.

Complex to Use: Your new solution involves a dozen complex steps that require training, which slows down recovery when none of the trained staff are available.

Partial Recovery: When recovering from an outage, you can only get a few systems back online, forcing you to choose between saving sales or employee productivity.

Poorly Defined RTO: An RTO that is too aggressive or was created hastily can lead to failure in meeting it.

Untested RTO: This is one of the most common causes. When an RTO is untested, chances are the RTO and RTA has a wide gap. Without frequent testing, flaws in the recovery processes are only discovered during actual outages, which can cause extreme delays.

Closing the RTO-RTA Gap

If any of the above sound familiar, below are a few ways to speed up your RTA.

Simplify your Recovery Process. Choose a solution that’s intuitive and easy enough for anyone to failover in a time of crisis. A solution like Quorum’s one-click recovery is your friend when it comes to getting back online fast.

Choose an All-in-One Solution. Along the same theme of simplification, find a BDR vendor that either takes it all off your plate, as in a DRaaS solution, or choose a vendor that handles every aspect of BDR – no extra suppliers or complexity involved.

Go Virtual. For another level of security, partner physical backups with a virtualized mirror of your environment for a speedy offsite disaster recovery.

Leverage Cloud Resources. A cloud-based disaster recovery solution that includes on-site appliances can offer more flexibility and easier scalability compared to purely on-premise backups. As a bonus, these more contemporary frameworks can mitigate your lack of resources while being more cost-effective in most scenarios.

Create a Response Team. Your RTA is bound to hit a practical limit if your recovery processes rely on an individual to perform key recovery tasks. Sooner or later, an incident may occur where the individual you need is unavailable. This can be especially devastating if you lack the documentation needed for someone else to take over. To avoid these kinds of mishaps, you must make a point to create a team trained to recover from different scenarios should the situation arise.

Prioritize Automation. Nothing slows down recovery like discovering your backups are corrupt or outdated – or just weren’t created. Automated backups and testing features like what Quorum provides can lighten the administrative burden on your team while boosting your RTA. Automation that removes the need for humans to do the heavy lifting should help your team focus on the big-picture issues, thus speeding up your RTA.

Set Up a Tiered Recovery System. Team leaders may not want to hear or even admit it, but not all systems and data are equally critical. Before disaster strikes, the organization’s stakeholders must agree on which systems need to be prioritized for restoration to meet continuity needs, if applicable. For instance, a manufacturer would prioritize systems that can keep their assembly line moving, whereas a law firm may prioritize communications and document accessibility. This will further simplify recovery and recovery scenarios where business units are prioritized based on clout and not on the real value they provide.

Collaborate with External Experts. If your in-house team lacks expertise, consider collaborating with external BDR consultants or MSPs to review your strategies. External experts may be less burdened by biases, and they may have the most up-to-date experiences from other clients and industries that may help you close the RTO and RTA gap.

Set Up Testing Environments. If you haven’t done so already, you’ll want to set up a test environment, like the Clean Room Test Network that Quorum provides, so that you can run recovery tests without impacting live systems. Regularly testing in these environments will also help provide a baseline for success when optimizing your RTA, troubleshoot ransomware attacks, and help prevent faulty patches from taking down your systems like what happened to CrowdStrike.

Keep Testing Your Disaster Recovery Plan. The best way to close the gap between your RTA and your RTO is to keep testing your plan and find out where the weaknesses are. On each test, consider these three key questions at the very least:

• Is the team unclear on what they should do?
• Have you identified the most likely risks and implemented the right security and recovery measures?
• Are you prioritizing critical systems and data through tiered recovery?

Regular tabletop exercises and run-throughs are the best ways to continually identify and correct the stumbling blocks that inhibit a speedy recovery. Once you have these down, you will eventually get your RTA closer to your RTO.

Final Thoughts

When evaluating solutions, ensure the clone environments run as fast as your normal environments. Lags and limitations can cancel out even a rapid RTA. Thus, make sure your replica will perform with the same speed and smoothness users are used to. That is why, at Quorum, we’re laser-focused on the performance of our appliances. In fact, our appliance are so fast that when clients failed over to our appliance, their users didn’t even notice any difference.

With our Quorum onQ, recovery time is only 5 minutes. A single appliance can have up to 8,000,000 IOPs. Our scalable hardware is designed to deliver the same levels of workload performance as your production systems and seamlessly take over from the compromised server.

See how Quorum can help you close the RTO and RTA gap. Get a demo now.

As an IT leader, do you know if your Ransomware/DR solution is being tested on a regular schedule?

If you can’t answer this question or the following questions, you are at risk of financial loss or adversely impacting your company’s reputation should something happen. For many organizations, they expect the solution provider or a service provider to ensure their protection will meet their requirements should the unfortunate happen.

Don’t assume that others are providing adequate protection. Test! If something happens and you are not able to keep your business running or bring the business back up within the times spelled out in your DR plan, as an IT leader, you will be the one held responsible. While your provider may be a very reputable company, the only way you can ensure that it will be available when needed is to test and test regularly.

If you are not testing regularly, why?

1. Is it because there is a cost associated with testing?
2. Is it because other things are taking priority over regular testing?
3. Are you expecting your service provider to conduct testing and they are not?
4. Is it because you are being told by a service or cloud provider that the solution is solid, and you don’t need to worry?

If any of these apply, you are at risk!

1. If it’s the cost associated with testing, you must ask why?

• Some vendors charge for testing; this may come in the form of professional services because the solution is complicated and requires special expertise to conduct the test.
• It may be that there are fees associated with moving the data; frequently found in a cloud solution.
• At Quorum, we believe you should be able to test your solution as often as you need so you are confident you are ready should something happen. We also provide resources should you need them to help complete your test.

2. Is it time limitations or competing priorities that prevent you from completing a regular testing schedule?

• There are always competing priorities, don’t let the safety of your businesses drop off the list.
• Work with your service or solution provider to establish a plan that ensures your safety but also respects your other activities.
• At Quorum, we will help you come up with a plan that recognizes you have other commitments but ensures your business is protected.

3. Are you expecting your service provider to be conducting tests?

• Know the schedule – when and how often.
• Consider having someone present to observe the testing and schedule an after action with your service provider or solution provider to review the results versus your requirements; applying the “zero trust” philosophy.
• You may want to consider having a user participate and perform a few real-world scenarios while running on the recovery node.
• If your solution is “backup-only”, can you recover within your time requirements? Sometimes we believe the recovery process is easy, but pushing large amounts of data across the internet or internal networks can be much slower and take much longer than expected.
• Also, with “backup-only”, if your hardware is damaged or out of commission, what will you do? Where will you mount your backups?

4. If you are in a public cloud like AWS, Azure, etc. or a private cloud hosted by your MSP or solution provider, don’t assume you are adequately protected. It is still your responsibility to test and verify your solution is sound.

• You need to see that your recovery requirements are being met.
• If you are being hosted in the cloud (public or private), make sure you are protected. Don’t assume you are protected because your cloud or service provider is providing assurances. Have them demonstrate the solution provided meets your requirements.
  • Can you spin up your environment and operate your business should your primary environment goes down?
  • If you are only backing up, how long does it actually take to move your data back to your production environment and is that acceptable?
• How is the connection between your cloud instance of your environment and your workplace where the employees need to access the information?
• As noted above, I would consider having a user(s) perform real-world scenarios to ensure the solution provides an acceptable experience to conduct business.

Bottom-line, no matter what anyone tells you about your preparedness, are you sure you’re ready. Don’t ever assume. Set up a regular testing schedule where you are actively involved and can guarantee that should something happen, you will be able to spin up your alternate environment and continue to run the business. In each of the scenarios listed above, not only will you need to spin up the environment, but you may need to continue to run on the environment for days, weeks, or possibly months.

At Quorum, we fully understand and appreciate the importance of regular testing. Whether in our cloud or on one of our appliances, there will never be a charge for you to test. You can test as often as you need to be comfortable your solution meets your needs. Additionally, if you need help, we have resources available to assist with anything you may need – again, at no charge. We want you to be safe and confident in your solution. Testing is the only way to guarantee that safety.

QuorumLabs is excited to announce our latest product releases. Our teams have been hard at work to bring you incredible new features and enhancements that will take your industry leading ransomware protection and disaster recovery experience to new heights. QuorumLabs continues to be a leader in ransomware protection and disaster recovery, these enhancements just make that claim even stronger.

Version 6

• Version 6 launched Quorum VIP (VMware Integrated Protection), a groundbreaking set of features which allows you to perform agentless back-ups of your data from the VMware level. That’s not all! With VIP, you can now run your environment from the onQ, but you can also mount the VDMK directly back to a VMware host.
• Say hello to Multi-Factor Authentication. The Quorum appliance has never been infected by ransomware, MFA extends our security focus by providing an extra layer of security to safeguard your valuable data.
• We’ve also added the ability to protect a VM operating system supported by VMware for VIP recovery back to VMware. This feature currently supports Windows, Redhat kernels, and Suse for direct recovery to the onQ.

Version 7 – Prepare to Be Amazed

• Introducing the New Policy Engine, featuring three types of policies that will revolutionize your data protection strategies.
• Enrollment Policy: Seamlessly enroll and protect large numbers of Protected Nodes from licensed VMware ESX environments. The policy also allows monitoring of these environments for new servers and automatic enrollment onto the onQ. You won’t need to lift a finger!
• Backup Policy: Customize your backup policies by setting backup frequency, retention, and recovery parameters. Take control of your data protection processes like never before.
• Recovery Policy: Design recovery scenarios to recover any number of machines based on real-time network conditions. Prioritize your recovery and ensure minimal downtime.
• All policies come with powerful filtering and defining options, allowing you to protect servers based on various criteria such as name, VMware tags, Quorum Tags, IP address, VMware datacenter, and folder groupings.

Internals Updated for Maximum Performance

• We’ve made internal updates, moving from XenServer to Oracle Enterprise Linux KVM 9 for the hypervisor, resulting in faster start times for Recovery Nodes and no networking bottlenecks.
• Latest security patches and updates have been applied.
• Upgraded scripting engines for improved backup and policy performance.
• Quorum has also moved from CentOS to Oracle Enterprise Linux 9 for the onQ, ensuring a more secure environment which is easier to maintain.

Introducing “Quorum Collections”

Quorum Collections provides customers with:

• Multitenancy which allows multiple customers to exist on a single appliance
• Multiple onQ environment to exist in the same network
• A solution for MSPs to manage multiple customers

In the rapidly evolving landscape of technology and cyber-attacks, ensuring the resilience of your organization’s IT infrastructure is paramount. A robust ransomware protection and disaster recovery (DR) solution is not just a best practice; it’s a critical necessity to safeguard your business against the unpredictable incidents like power outages, hardware failures, natural disasters, or ransomware attacks.

One key step in this process is conducting regular self-assessments on your organization’s IT infrastructure’s resilience to unexpected incidents. To make the self-assessment process simple (like the way we created our DR solution), Quorum has created a free self-assessment questionnaire, comprised of 10 questions, to help you easily evaluate the resilience of your organization’s IT infrastructure. The assessment should only take you 2 minutes to complete.

But before you start, why is the important to take a self-assessment?

Table of Contents

5 Reasons Why You Need a Disaster-Preparedness Assessment

Here are 5 reasons why an assessment holds immense importance for your organization’s success.

1. Alignment with Business Objectives

Conducting a self-assessment allows you to closely align your DR strategy with your organization’s broader business objectives. By understanding the unique needs and priorities of your company, you can tailor your disaster recovery approach to minimize downtime, data loss, and financial impact. This alignment ensures that your IT investments are working in harmony with your overall business strategy.

2. Identification of Gaps and Weaknesses

Self-assessments empower you to identify vulnerabilities and weaknesses in your existing disaster recovery plan and ransomware preparedness. These gaps might include outdated procedures, inadequate backup systems, and overlooked components. One common gap that we see in ransomware preparedness is not involving the enough personnel in the communication plan, such as security, law enforcement, and other senior executives. Addressing these issues proactively can prevent costly disruptions in the event of a disaster, reducing downtime and improving your organization’s overall resilience.

3. Regulatory Compliance and Risk Management

Many industries are subject to regulatory requirements that mandate comprehensive disaster recovery planning. Self-assessment enables you to ensure your DR solution aligns with these regulations, avoiding potential fines and legal issues. Furthermore, by addressing risk factors during self-assessment, you can minimize the likelihood of operational disruptions that could negatively impact your reputation and customer trust.

4. Efficient Resource Allocation

Assessing your disaster recovery solution helps you allocate resources more efficiently. You can identify areas where investments might be unnecessary, redundant, or misallocated. This optimization not only saves costs but also ensures that your IT team can focus their efforts on high-priority tasks that contribute directly to your organization’s growth.

5. Enhanced Communication and Collaboration

These self-assessments start conversations that encourages cross-functional collaboration within your organization, and is especially true when prepping for ransomware attacks because it brings in expanded team members, such as security, law enforcement, and more senior executives, etc. Involving different stakeholders from IT, operations, management, and other relevant departments fosters a comprehensive understanding of your DR solution’s strengths and weaknesses. This collective insight enables better decision-making and implementation of improvements.

10 Questions to Measure Your Organization’s Disaster Preparedness

Again, Quorum created this self-assessment to help you easily assess how well your organization can recover from an unexpected incident. There is a total of 10 questions, which should take you approximately 2 minutes to complete.

Upon finishing, you will receive a score out of 100 which tells you where you stand on disaster preparedness. You will also get a free whitepaper that unveils how your score was calculated, and the reasoning and importance behind each question.

Begin your assessment here.

If you need guidance or assistance in conducting a thorough self-assessment of your disaster recovery solution, feel free to reach out to us. We’re here to support you in ensuring the resilience and success of your organization.

Despite investing significant resources, companies are still losing data. This podcast takes a deep dive into data security and protection, where Demetrius Malbrough, founder and CEO of Data Protection Gumbo, interviews Jim Garn, Quorum’s CEO, about ransomware and recovery, and what they mean to small, medium and large businesses.

Here’s the link to the original podcast. Below is the video and transcript:

Table of Contents

[00:00:26] – Demetrius Malbrough

Welcome to Data Protection Gumbo. I’m your host, Demetrius Malbrough, and today we have a special guest, Jim Garn, who is the CEO of Quorum on the show. And Jim is big Air Force Academy guy, right? Serving in the Air Force for ten years, also finishing at the Pentagon. And he jumped into business, where he successfully led operations across a number of industries, including automotive software and life sciences industries. And so, as I mentioned, he’s the CEO of Quorum, which is a leading mission-critical operations, to offer fast, secure, and reliable data backup and recovery for businesses. So Jim, welcome to the Gumbo. How are you?

[00:01:16] – Jim Garn

I’m good. It’s great to be with you, Demetrius. Look forward to spending a couple of minutes talking about data protection and ransomware.

[00:01:24] – Demetrius Malbrough

Let’s do it. I heard you were the right guy to have this conversation with, so let’s dive in and have a conversation.

[00:01:32] – Jim Garn

Absolutely.

Experience with ransomware attacks

[00:01:33] – Demetrius Malbrough

And so there’s a lot of talk about ransomware within the news, within the industry, and just it’s everywhere. Even the White House is talking about it. They released a cybersecurity strategy a few weeks ago as well. And so a lot of resources, a lot of money, and a lot of eyes are looking at it. And so, as a data backup and disaster recovery vendor yourself, what has been your experience with ransomware attacks?

[00:02:05] – Jim Garn

So we have quite a bit of experience just being in the business and having a number of customers out there. I mean, ransomware. I think one of the things that we see is that your ability to defend against it is very difficult. So what you really need to do is make sure you’re prepared should you be hit by ransomware. And that’s where we really come into play with the backup and recovery side of the business. Often times, companies think that they’re going to defend themselves and prevent the attack from entering into their environment. What we find is that if a hacker wants to get into an environment, the odds are they’re probably going to get in. And so, like I said, the challenge is to make sure you’re prepared. It’s interesting, you mentioned that the recent release of the cybersecurity document strategy, we recently did a webinar on that to help some of our customers and potential customers better understand the document, which was rather extensive and a little bit challenging to follow. So we recently put together some kind of high points and talked about it, so worked out well.

[00:03:16] – Demetrius Malbrough

Yeah, I think it’s about 96 pages, 89 pages. It’s almost 100 pages.

[00:03:24] – Jim Garn

It references a lot of other pages, and people, and organizations.

[00:03:28] – Demetrius Malbrough

And that’s typical of a political document anyway; no one’s going to read it; just give me the highlights.

[00:03:38] – Jim Garn

When we were going through it, I accused or I told my product VP, I said, who is actually putting together the presentation. I said, I think what they’ve done is they used Chat GPT to put this together and then published it.

Protecting data when it comes to ransomware

[00:03:52] – Demetrius Malbrough

Yeah, I wouldn’t be surprised. Some White House correspondence or someone on the back end, decided to take the smart route. And just something else that I’ve noticed around ransomware is that everyone says that it’s not a matter of if, it’s a matter of when. Well, actually, yeah, I think I said that right. It’s a matter of when it’s going to happen because the statistics are rather high that you will one day get some type of breach in your environment, whether it’s ransomware, or it’s malware, or it’s some type of phishing activity from some bad actor somewhere, or even an internal employee, right? All of that or any of that can happen. So when you’re having conversations with C-level executives, Jim, what are you primarily trying to get them to understand about protecting their data as it comes to ransomware?

[00:04:57] – Jim Garn

Well, first of all, if you listen to what you just said, I think you pretty much hit the nail on the head. You talked about all the ways a bad actor could enter into an environment, and mostly what you talked about was how they could enter into an environment, typically by some mistake typically made by an employee. Not intentional, but how often, and I’m a key target, for I get more spam emails saying click here, click there, and it’s amazing how authentic they look. But what I emphasize is that it really starts with making sure that all of your employees are extremely careful that if they even slightly suspect that an email is spam or malware to make sure that they reach out to their IT group before they do anything with it. And my IT guy gets regular emails from me saying, “Take a look at this, is this valid or not?”. The other thing, besides employees clicking on emails, it’s making sure that within the IT organization that there is a well thought out strategy on how to manage passwords. One of the things we find is that companies sometimes, just because passwords can be challenging to stay on top of, they sometimes get a little bit lax in that space.

[00:06:31] – Jim Garn

And I think that’s another thing that I would emphasize, is making sure that companies stay on top of their password policies, strategies and making sure that they’re changed regularly. The final thing would be making sure that if they have multi-factor authentication, particularly for some of their key systems that they engage with that. We launched multi-factor authentication probably about six months ago, six, eight months ago. And one of the things we’re doing is when we install, we go through a new install. We’re making sure that when we complete that install, we’re also activating the multi-factor authentication with the customer. Because a lot of times, again, what we find is if we don’t do it, if we don’t make sure it’s done during that process, people get busy, they have other things that come up, and they never do it, and then they get hit by something, and then they have a problem. So it’s kind of those things, it’s the people to make sure that they’re constantly on guard. It’s making sure you’re taking care of passwords, making sure you’re using multi-factor authentication would be the kind of the key things and then also making sure you have a top rate disaster recovery solution.

[00:07:51] – Jim Garn

Because again, we can talk about antivirus software, we can talk about firewalls and all the things to shore up the walls around your environment. But again, as we talked about and as you indicated, you talked about people, and oftentimes the challenge is more with the people and those types of things than it is with some of the software that is trying to prevent the activity.

Why DR solutions have been overlooked in ransomware attacks

[00:08:17] – Demetrius Malbrough

Yeah, and the way I think about security controls nowadays, especially like multi-factor authentication and two-factor authentication, is that it’s like the analogy of in order to get a good job, you have to have at least a high school diploma, right? But it’s more like now you have to have a degree from a four-year university and also some type of, if it’s a technical position, an internship proving experience before you actually get hired at that particular job makes you more marketable. But those types of things now around security controls are like your four-year degree. Like you really have to have those things built into a solution because zero trust is a buzzword. But it’s also a way that security professionals started saying, Hey, we don’t give everyone authorization, right? So we’re going to say we don’t trust anyone, even the person who has access, give them minimal and least privilege possible. So one thing that’s often overlooked as well in that disaster recovery solution, you mentioned that last Jim, which it’s important. What do you think disaster recovery solutions have? Not what, but why do you think disaster recovery solutions have been often overlooked when it comes to ransomware?

[00:09:48] – Jim Garn

I think that in many respects, people think that they’re bought into the concept that they can prevent it or that it’s not going to happen to them. They’ve invested in the front end; they’ve invested in building the firewalls and those types of things, and they think that I’m not going to have. First of all, they think I’m not going to have a disaster, so I don’t necessarily need to invest in disaster recovery. And then, if they get beyond that or if they’re looking at ransomware, the odds of me getting hit by ransomware they think are low. But it’s like insurance; you hope it never hits, but when it does, it can be very painful and very costly. So that’s one of the things that we point out with our customers, is that it is like insurance. And when you think about it, and we have a number of customers that have been with us for a number of years, and they’ve been on we sell an appliance-based solution. The appliance is kind of the portion of it you’ve got to buy hardware, you got to buy a piece of hardware, and sometimes they bock at that.

[00:11:02] – Jim Garn

But many of our customers have been on the same piece of hardware for seven years. So when you look at what you’ve actually paid for the hardware over that time, it’s minimal compared to the pain you would experience going through a ransomware or even a disaster. Again, we have a lot of customers in the panhandle of Florida, along the Gulf, and as soon as when we see some of those swat big hurricane things building, we immediately get on the phone and make sure that everybody’s up to date and everybody’s current.

Keeping backups safe from ransomware

[00:11:34] – Demetrius Malbrough

Yeah, actually, there were a lot of news stories about ransomware infecting and encrypting backups as well. And so, yeah, we have a backup, but is that backup safe, right? So we’ve seen different things happen to backups, which is you mentioned insurance, right? It’s your insurance policy. But how can businesses ensure that their backups are safe from ransomware attacks?

[00:12:04] – Jim Garn

So one of the things we do is we do incremental backups and also their immutable, right? So that once you back it up, it’s locked. So essentially with our solution, what you do is identify when you were hit by ransomware, you go to the incremental backup just prior to being hit by ransomware, and you spin it up on the appliance. One of the things by using an appliance, when a lot of those ransomware, some of the high-dollar ransomware attacks, were taking place, the government was talking about the idea of air gap. And that’s one of the things that, by using a backup solution that is an appliance-based solution, or not connected into your production environment, or not part of your production environment, you get that air gap, that separation between the production environment and what you’re expecting to be there when you need it. So this goes back to making sure you have three copies—two places and one off site. So that’s the thing that, when you look at how to protect against ransomware and if you have a ransomware attack, that’s really our solution, is that you go to the backup that took place right before you were identified as being hit by ransomware and you spin that up, and you continue running the business while you clean your environment.

[00:13:31] – Demetrius Malbrough

And maybe a random question here. You’ve heard of Chat GPT, right?

[00:13:36] – Jim Garn

I already mentioned chat GPT. I told you that. That’s what I thought.

[00:13:40] – Demetrius Malbrough

Oh, you did. See you’re testing me.

[00:13:44] – Jim Garn

I’m testing you. Yeah, that’s right. My turn to test you.

[00:13:49] – Demetrius Malbrough

Have you played around with it for any business use or maybe personal? I don’t know.

[00:13:55] – Jim Garn

No, we did play around with it. We have kind of a company that we work with on a regular basis, kind of a mentoring situation. And they were talking about Chat GPT, and it was right before it all kind of really popped up in the news, one of my folks actually wrote a marketing piece using Chat GPT. It was actually pretty amazing how accurate it was. I’m not sure if that’s a good thing or a scary thing. I’m still sorting that out. But it was a great starting point. So I told him, I said, hey, good starting point. Now make it look like something we would have written or a person. You got to break it up, do some bullets, do some a little bit more texture to it than just a bunch of streaming words that sound good. So we did play with it a little bit.

Artificial Intelligence (AI) in backup and disaster recovery

[00:14:52] – Demetrius Malbrough

Okay. Yeah. And I bring it up. Because of artificial intelligence and generative AI. And, I mean, it’s a hot topic nowadays. Everyone’s jumping in the race. Google, Microsoft, of course, they’re, like, leaps and bounds ahead. IBM’s been doing it for decades, right? Watson and the chess matches, et cetera. But where do you see AI in artificial intelligence and also machine learning in the industry around disaster recovery and backup, and recovery?

[00:15:26] – Jim Garn

Well, one of the places I see it is using it to better identify potential threats within an environment. Using it to learn and understand what the signatures look like that you’re looking for, understanding, looking at things not just necessarily within your production environment, but looking for areas where you can identify that you are being targeted in advance for a potential ransomware attack, so that’s one of the things that we’re looking at right now, is adding some things to be more preventative or anticipatory and looking for those types of signatures that would indicate that there’s a potential attack.

[00:16:10] – Demetrius Malbrough

Wild question here.

[00:16:12] – Jim Garn

That’s fine. Go ahead.

The future of disaster recovery

[00:16:13] – Demetrius Malbrough

Tell me something I don’t know. Where do you think this whole market is going? Something like futuristic that we don’t know about the environment? Where do you think it is headed?

[00:16:25] – Jim Garn

Well, that’s a good question. I think a lot of it is in many ways, I don’t know what the idea of disaster recovery is. I don’t want to say if it’s a commodity, but it’s kind of like a meat and potatoes type of business, and we do what we do, and we do it well. I think the places where we will continue to grow is, like I said, looking to be smarter about anticipating and identifying where there are potential issues. Because, again, some of the companies have already jumped into that space where they’re doing a lot more analytics of the data that’s being backed up to look for those types of signatures and to be able to look for that stuff. So I think near to midterm, a lot of it’s going to be continuing to see how we can better protect our customers and give them advanced warning of things that may potentially happen.

Are tape storage going away?

[00:17:32] – Demetrius Malbrough

And maybe one more question. Are you having any conversations around like storage and maybe the different tiering models of storage and storing some data on tape or, for low cost, cheap, long-term, is it secure in storing it in the cloud? Are you having any of those conversations or it’s just all straight disaster recovery and not a whole lot about the tape in the cloud?

[00:18:01] – Jim Garn

Well, we’re always working with customers that we speak to that are using tape.

[00:18:10] – Demetrius Malbrough

Okay.

[00:18:12] – Jim Garn

We think that what we provide, whether it be through one of our devices, because, again, our offerings are fairly flexible. We have, like I said, an appliance-based solution. We manage our own private cloud. So you can either do replication of the cloud or you could actually do a direct to cloud disaster recovery solution. So we’re always working with customers and talking to them about the different methods of storage. One of the things that we are not is we are not a backup company, right? So, I mean, backup has become extremely cheap, and that’s just not what we do. If we do offer a customer a backup option, it is in combination with a solution that will immediately spin up and be ready to run in five minutes for the customer to get back online and back in business. So that’s what we do. If we get into a situation where we’re talking to a customer and they just say, I just want to back it up, we’re probably going to suggest to them that they look at organization companies that just provide backup. We do have companies that do tape, but in some ways a lot of those companies that are still using a tape backup are looking for ways to get off of a tape backup.

[00:19:42] – Jim Garn

And again, with all of the different storage methods and types these days and a lot of it getting fairly reasonably priced, it seems like people are getting more and more away from that. We do have people that are doing things in the public cloud, whether it’s Azure or AWS. So we do have customers that are doing things, obviously moving some of their applications to the cloud. And again, those are things that we can provide disaster recovery for. So we can provide disaster recovery for customers that are using the cloud to run their environments. So to answer your question, yeah, we are encountering those, or running, we’re having those discussions with customers to find the best solution for them.

[00:20:32] – Demetrius Malbrough

Yeah, I remember everyone was like, bashing tape, tape is dead and it’s going away, and I think we go through a cycle, like, every so many years, where we think something’s going to cease to exist. And maybe we’re there with AI in ML with some of the things and innovations that’s happening around that. But also, just looking at your background, there’s a lot of books there. What are you reading now? Or what’s your favorite book? Give us a book recommendation.

[00:21:08] – Jim Garn

It’s funny you asked for books, but don’t people just use Kindles anymore?

[00:21:13] – Demetrius Malbrough

See, I’m an old school book guy. I got to have it in.

[00:21:17] – Jim Garn

I love to handle books. One of the things that I didn’t really put in the bio, I teach yoga, and I do a lot of yoga, so a lot of the books that I read are more about mindfulness. I’m reading a book right now about studying breath and how breath influences health and well-being, mindfulness, and mental health. Yeah, it’s a book. It’s Breath by James Nester, so it’s not a real long book.

[00:21:52] – Demetrius Malbrough

But wow, you got to be in great shape to really take on yoga as a professor or profession.

[00:21:59] – Jim Garn

I do. In fact, I taught this morning. I had a 06:00 class. Yeah. So it’s something I do more on the weekends than anything else when I have a little bit of time. It’s a nice break from the day-to-day stuff.

[00:22:17] – Demetrius Malbrough

Well, it’s been super informative and insightful having you on the show, and any final shout-outs and maybe your website or blog post, or follow on LinkedIn.

[00:22:33] – Jim Garn

Well, like I said, you’re more than it we did recently do. If anybody’s looking for information on a better understanding of the security document, that strategic document that the government did, and wants a half an hour recap of it, feel free to go to our website, Quorum.com, and take a look at it. Anytime I have a chance to shout out to the employees of Quorum, I always want to say thanks, because one of the things that’s been great over the years since I’ve been here is that people stay with Quorum. They like Quorum. They believe in the product, and it’s always great to have them on board and great to be able to spend time with them.

[00:23:21] – Demetrius Malbrough

And how many employees do you have?

[00:23:23] – Jim Garn

We’re about 27 employees.

[00:23:26] – Demetrius Malbrough

Okay. Small. Okay.

[00:23:27] – Jim Garn

Yeah, we’re relatively small. Like you said.

[00:23:30] – Demetrius Malbrough

Small but mighty.

[00:23:32] – Jim Garn

There you go. Absolutely.

[00:23:36] – Demetrius Malbrough

All right. Well, Jim, it’s definitely been a pleasure. And before we go, I want to plug the Backup and Recovery Professionals LinkedIn group that I run. There are about 25,000 plus backup, security, storage, all different types of professionals within that group having great conversations. So just go to LinkedIn and search “backup and recovery professionals”, and you can join the group. And also, if you happen to be on Apple podcasts, please stop by Data Protection Gumbo and write a review for us, and that helps us out. So, Jim thank you again for being a guest on the show.

[00:24:20] – Jim Garn

Thank you.

[00:24:21] – Demetrius Malbrough

And also make sure out there in digital land that you stay secure and you back up often.

Every day, businesses face uncertainty and risks that are totally out of their control. Mitigating those risks are what responsible businesses should do, and that is what this guide will help you do.

In this article, we share our knowledge and experience with you as a disaster recovery solution vendor. We will share 4 of the most common scenarios that will require activating your disaster recovery plan. Then, we will teach you the basics on how to prepare and recover from these disasters should it ever happen to you. Towards the end, you will find additional resources and specifics on how to create a solid disaster recovery plan for 2023.

4 COMMON SCENARIOS THAT REQUIRE DISASTER RECOVERY

User Error – User error will continue to be the number one reason why businesses need to initiate a disaster recovery plan. User errors can range from simple mistakes such as accidental file deletion, typo, and password mismanagement to construction workers accidentally destroying cable or power lines. User errors should never be underestimated because they can have a colossal impact, such as a typo that took down Amazon for an afternoon or a bug that took down Facebook for 6 hours.

Cyber Threats – Cyber-attacks, typically in the form of ransomware, has exploded since 2020 as more and more office workers started working remote. According to Checkpoint, global attacks increased by 28%in the third quarter of 2022 compared to same period in 2021. Most cybersecurity experts agree that being attacked is not a matter of if, but a matter of when. The best approach to increase cyber resilience is through a layered approach with your disaster recovery solution as the last line of defense.

Power Outage – Power outages can cause significant disruptions to operations, and the business loss varies by industry. According to a survey by Consortium for Electric Infrastructure to Support a Digital Society (CEIDS), the average cost of a one-second outage among industrial and Digital Economy firms is $1,477, vs. an average cost of $2,107 for a three-minute outage and $7,795 for a one-hour outage. Severe weather during summer and winter will put additional strain onto the energy infrastructure, increasing the likelihood of power outages even in major metropolitan areas.

Natural Disasters – Natural disasters has caused $268 billion in damages in 2022, mainly driven by Hurricane Ian. These unexpected events often take businesses by surprise, which is why most businesses are unable to fully recover from hard-hit disasters.

THE BASICS ON HOW TO PREPARE FOR DISASTERS AND ENSURE BUSINESS CONTINUITY

Start with Business Continuity Planning – Before diving into disaster recovery planning, you need to start with business continuity planning. Although the two are similar in some respect, business continuity is broader and encompass the business as a whole. That is when business needs (such as acceptable level of downtime, RTO) and other requirements are uncovered.

Create a Plan with the Essential Elements – The disaster recovery plan, at the very least, should include the acceptable Recovery Time Objective (RTO) and Recovery Point Objective (RPO). In short, RTO is the acceptable downtime, and RPO is the acceptable amount of data loss. The IT department and the business as a whole should agree on both the RTO and RPO per business requirements (which should be uncovered in the business continuity planning phase). Further, the plan should include how often IT recovery should be tested.

Build a Checklist – Building a checklist lists of the specific required tasks when an outage occurs. At the very minimum, this list should be specific enough to guide general IT staff to initiate data recovery and restoration if the IT admins are not available (assuming the DR solution used is not “one-click” simple like what Quorum provides). At best, there should be checklists for both IT staff and management to follow in the case of an outage.

Define Activation Triggers – Knowing when to initiate a disaster recovery plan is just as important as what to do when a disaster occurs. We’ve seen companies initiate the whole bare metal recovery process after accidentally deleting a few files. We’ve also seen companies hesitant to activate disaster recovery even when they experience a major hardware failure, thinking they could’ve fixed the failure in a few minutes but instead took almost a day. There’s no right or wrong answer here. After testing the disaster recovery process, you should know how much resource is needed to initiate the disaster recovery process and what scenarios warrants triggering that process.

Build and Test DR Scenarios – An untested disaster recovery plan is almost as good as no plan at all. Many unforeseen obstacles and issues will arise as you go through the disaster recovery process. We’ve seen a lack of software update wreck a solid disaster recovery plan. We’ve also seen team miscommunication and technical glitches ruin the whole recovery process. Further, major disaster scenarios, such as the four mentioned above, should be tested because they are most likely to happen.

As we have learned with Met Opera’s ransomware attack, when developing a plan you need to include all potential actors. With Met Opera, the security team has stepped in and is driving all steps post-attack. We are not sure this was expected or part of the actual plan. If this is how the organization wants to run things, that’s fine, but it should be known in advance and be part of the test scenarios.

VIDEO: DISASTER RECOVERY PRE-PLANNING CHECKLIST AND LIST OF MANAGEMENT TASKS

Before the actual planning takes place, you need to assess your organization’s needs, resources, and goals. That is what disaster recovery PRE-planning is all about. This includes business continuity planning (as mentioned earlier), defining people’s roles and responsivities, and much more. Further, once the disaster recovery process is initiated, there’s a list of management tasks that requires completion, including starting a Call Tree, deciding on command center, and more. We have compiled a list of pre-planning checklist and a list of management tasks in this recorded webinar here for those of you who are serious about mitigating risks and being prepared

We continue to hear stories of successful ransomware attacks impacting large organizations. One of the more recent events highlighted the successful breach of the Los Angeles School District. As the CEO of a company that provides disaster recovery solutions, I struggle when I hear of these incidents. I struggle because I strongly believe they can be avoided, especially if you implement layers of protective measures against ransomware.

But what are these layers and can they protect your organization from someone attempting to break through? Let’s explore:

LAYER 1 – ACKNOWLEDGE THAT YOU ARE A POTENTIAL TARGET

If you don’t acknowledge you could be a target and prepare for a possible breach, you are a perfect target. Accepting an attack is a possibility, understanding the expense of doing nothing, and taking actions which will protect your data and your operations is critical to your avoiding an attack.

LAYER 2 – EMPLOYEES ARE YOUR FIRST LINE OF DEFENSE

The majority of the time, the path into your environment is through people.

1. An unsuspecting employee who innocently clicks a link or opens a well disguised attachment.

2. Someone who fails to change the default password to a new application. Chances are very good you can get in to a number of places by simply trying User Name: admin; Password: password.

3. Constantly train and remind employees to question anything that seems out of place. Even if the source is familiar, be suspicious, check the full email address before opening or clicking. If ever in doubt, check with your IT department.

LAYER 3 – TECHNICAL PROTECTION LAYER

Make sure you have all of the technical protections in place. Starting with access to the facility, to network perimeter protection (IPS/IDS), application protection with a top-rated Anti-virus/Malware software, host, and data/systems; make sure every piece of your environment is protected. Don’t skimp, find highly regarded tools to reduce the risk of entry. But know that people will break through this line of defense.

LAYER 4 – BACKUP AND DR: THE MOST OVERLOOKED LAYER

This layer may be the most overlooked layer. Layer 4 is to have a solid disaster recovery solution that can

1. offer separation from the production environment (air gap)

2. spin-up quickly

3. take you to a snapshot prior to the ransomware being detected

4. support your business for as long as it takes to correct issues within the production environment.

5. easily move the data back to the production environment

Related: If you want more details on how to prepare against ransomware, download this ransomware preparedness guide.

At Quorum, we have more than ten years of experience successfully protecting our customers from all forms of disasters including ransomware attacks. Originally designed to support the Department of the Navy, Quorum has spent the past 10 years building a product that has never been compromised and has always been there to support our customers.

With our recent release we now fully integrate into VMware to improve speed and simplicity in supporting virtual environments. With this addition, Quorum is now one of the best end-to-end solutions, supporting both virtual and physical environments. Request a demo today and check us out!

Do you or your customers use multiple disaster recovery solutions to protect your environment; possibly one to protect physical servers and the other to protect virtual servers. If your answer to this question is “yes” then I have to ask why.

Using multiple solutions not only adds major complexities to your environment, but also additional costs, and sometimes these costs can get hefty. That is why all-in-one disaster recovery solutions are quickly proving to be the stronger option. Here are the major benefits when you move away from multiple disaster recovery solutions to a single, all-in-one solution.

ELIMINATING COMPLEXITIES

1. Eliminate Complex Training

Having multiple solutions means your IT staff needs to be trained on multiple systems. They need to learn different interfaces, familiarize with how each solution integrates, and know how every solution fits together. More complexities arise when the key person who has all the training and knowledge decides to leave the company.

If you’re using an all-in-one solution, training is easy because your IT staff only needs to learn how to operate one system. No additional training or knowledge on integrations and data mapping required.

2. Eliminate Complex Support

When you have multiple solutions, support can be complex because you might need to call multiple vendors to resolve a single issue. Support can get even more complex when there’s integration because their support might not have experience with your integration methods. A typical response you’ll get is when customer support blames their problem on the integration or on the other solution, asking you to contact other vendors or the consultant that integrated your solutions. Often times, you’ll have to figure out the solution yourself, which can take a considerable amount of time.

If you chose an all-in-one disaster recovery solution, support will be easy because you only have one vendor. When a problem arises, that vendor cannot point fingers. Most of the time, a support case will get resolved easily because their other clients might have experienced the same problem before you.

3. Eliminate Complex System Management

The more systems you have, the more systems you need to maintain and update. Plus, system management can get even more complex if you’re integrating them together. Every time there’s a system update, you have to check whether all integrations are working because updates are known to break integrations. On the operations side, your IT staff has to jump from one platform to do the other just to perform a single task. Testing your disaster recovery plan will also take much more time because of these complexities.

All of the above can be eliminated if you choose an all-in-one disaster recovery solution. For Quorum, testing is automated, and managing your disaster recovery solution is almost as simple as “set it and forget it.”

4. Eliminate Complexities in Time of Emergency

The purpose of a disaster recovery solution is to help you recover during times of emergency. When you use multiple solutions, your staff will have to jump from one solution to the other, wasting precious time. The biggest risk is when the multiple solutions you use aren’t working properly because a new system update broke all integrations unknowingly, and your IT staff was “too busy” to check and fix this issue.

With an all-in-one disaster recovery solution, you can eliminate all these complexities. With Quorum, it’s even simpler to recover – just one-click, and all your systems will be back online.

REDUCING COST

5. Reduced Cost from Multiple Solutions

Some might think the price of multiple solutions would end up being the same since you’re using the same number of programs. Although that is possible, it is not the case 99% of the time. The single solutions will often claim that they’re the “best of breed” and charge premiums for it, even if the functionalities are no different than all-in-one solutions. Additionally, there is the cost of integration, which can get hefty depending on the solutions you choose.

If an all-in-one disaster recovery solution is able to help you recover from a disastrous situation, it is a “best of breed” solution. Plus, an all-in-one solution does not have any integration cost.

6. Reduced Cost from Additional Training or Certification

Some backup solutions are quite complicated where extensive training is required. Other backup solutions require both training and certification. Both training and certification requires time and money, which most organizations are short of. The more solutions you have, the more the cost. That is why you can greatly reduce cost from training and certification when you have an all-in-one disaster recovery solution.

7. Reduced Cost for Additional Headcount

Additional headcount is necessary when you have multiple solutions that require extensive training and certification. The common practice is to have one IT staff be in charge of one solution. This way, not only can you avoid overworking your staff, you can reduce business risk as well. Meaning, your backup and disaster recovery system will not halt when a person who has all the training and certification decides to leave the organization.

With an all-in-one disaster recovery solution, you do not need to hire additional staff to train and certify. With Quorum, disaster recovery gets even simpler because of our ease of use. When the CEO is not around, we often say “our solution is so easy that even our CEO can use it.”

QUORUM IS MORE THAN AN ALL-IN-ONE DISASTER RECOVERY SOLUTION

Quorum prides itself on flexibility, simplicity, speed, and security. With the launch of our latest version, we can now make this claim stronger than ever. Quorum has always supported virtual machines, but with the launch of version 6.0 we are now fully integrated into VMware. We are more than an all-in-one solution for your disaster recovery needs.

While the four qualities noted above have always been key tenants of our DR offering, it has never been truer than it is now. With 6.0, Quorum continues to provide flexibility by offering local high availability with the option for local replication at one of your backup locations or to our private cloud. We also support direct to cloud. In addition, Quorum has expanded the number of operating systems we support and will continue to adjust as new versions are released. We have built our solution to offer you flexibility and ease in how you implement you 3-2-1 DR plan.

SIMPLE, FAST AND EASY TO USE

Quorum is the simplest solution out there. When a server goes down for any reason, you press a button on your app and keep on working. Our product doesn’t require extensive training or certifications, it is that easy. With one quick session over the phone you’re an expert. And with 6.0 if you do have a failure, when you are ready to bring the server back up you simply load the VDMK using vMotion to ensure you don’t experience a minute of downtime.

When comparing speed we have always been fast but with the 6.0 version we have reduced our backup times by 95%.

AN ADDED LAYER OF SECURITY

When it comes to secure, we ARE your solution. Like our fellow competitors in the market, we are PCI, HIPAA, GDPR, and SOC2. We have encryption in motion and at rest. And by offering an appliance-based solution we provide “air-gap” protection’ this provides separation between your server and DR devise. Don’t overlook the importance of having separation from your production environment as the bad guys are targeting your production environment. That added separation has saved a number of our IT managers in times of crisis and protected against ransomware attacks.

Enough of my comments. Get a free demo today or reach out to one of our sales specialists to see how we can fully protect your environment.