Disaster Recovery and Business Continuity Review: “highly readable”

Mark Rowe, editor of the Professional Security magazine reviews Disaster Recovery and Business Continuity: A quick guide for organisations and business managers, by Thejendra BS.

The review

If you find your organisation has blank computer screens, it’s too late to turn to Disaster Recovery and Business Continuity, by Thejendra BS – especially if you want to read the e-book or to order it online. That would be your own fault; and it’d be a pity, as the book is highly readable.

As the author points out early on, predictable disasters can strike, and hoping for the best or paying for insurance might not suffice. Whether due to a hacker or virus, fire, explosion or power cut, human error by a contractor, or failure of your data centre back-up, your computers may fail, and the inter-connectedness of business may mean that if part of your business or a supplier loses their IT systems, you can’t carry on either. And lost time can soon equal money. The book’s subtitle is ”A quick guide for organisations and business managers”, and the author is as good as his word, noting that a technical disaster does not always require a technical solution: “It’s about providing quick workable alternatives to minimise adverse impact.” He covers plenty of ground, as budgets are seldom unlimited and the DR and BC specialist or team has to consult with other managers. Information and cyber security, for example, take up two of the book’s total of 15 chapters.

The writer does us a service by admitting disarmingly at the very start that disaster recovery and business continuity (DR and BC) “are often considered to be a costly, complex and over-complicated task that can only be handled by specialists”. The author instead takes you through the various terms and risks, and suggests that you can plan for DR and BC, by “qualified internal members of staff, contractors, external consultants and some common sense”. Some of the author’s generalisations can be queried – is it really true that “business people prefer to avoid travel unless it’s absolutely essential”, for example?

As an example of how the book covers many angles at some speed, industrial espionage is done in three pages. The author advises background checks on all staff, “especially newly hired staff”, storing data properly and using software tools to check if files are copied illegally, shredding documents once used, and hidden CCTV in restricted areas. As the author, an IT manager (and fan of cricket) in Bangalore, notes , anyone can photograph sensitive information and send it by email via mobile phone without going through your computer network. The author, then, is alert to security besides IT in general.

The book closes with a chapter entitled “How do I get started?” that details plans, making mock runs, and sample checklists. It’s striking that every recovery from disaster is unique, although IT is all about technology – and those specialists in the field might give that impression. So much is about finance, the law, and what we can sum up as ‘the human factor’, whether it’s a choice between outsourcing IT staff or not, or computer users falling for phishing attacks. While you can use sample or template checklists and plans, the author shows that you have to go into some detail, if not at first, and planning is a process and not a one-off. Do you have emergency contact numbers? Have you ever discovered the horror of trying them after office hours?

Find out more and read your own copy of Disaster Recovery and Business Continuity: A quick guide for organisations and business managers, RRP £29.95.