Terry Childs

Whether you’ve heard of him or not, the Terry Childs case is an interesting and compelling argument for multiple levels of responsibility when it comes to security. When it comes down to it, the same is true for disaster recovery.

With your business’s security, there are definitely some compelling reasons to restrict the number of people who have access to sensitive information. With your disaster recovery plan, there are not. The simple truth is that the more people in your company who are aware of the plan and know what their role is in that plan, the more smoothly things will go when the disaster comes.

This infographic prepared by CareerBuilder claims that 60 percent of employers believe that should a disaster strike, their employees would know what to do. I wonder what the result would be if we asked the employees themselves. Do you think your employees (or your clients and their employees) know what to do when there’s a disaster, or are you the only one who knows what’s going on?

Of course, even in a disaster recovery plan, there are some security issues that need to be controlled, but again, you need to have a plan that assumes that everything is going to go wrong. John Motazedi, who’s the CEO of StorageCraft partner SNC Squared, says it like this:

Similarly, if your backups are encrypted, who has the passwords? You don’t want to be prepared for a disaster only to be foiled by perfect, waiting backup images that you simply can’t access.

Your plan probably deals with data and applications, but it needs to account for people and processes as well. In the same way that you store your backups locally and offsite to make sure you’re covered regardless of the type of disaster, you need multiple points of protection for the more material parts of your plan as well.

Matt Rayback, StorageCraft