
Disaster Recovery: between Business Continuity and GDPR

Disaster Recovery is a plan developed to restore access to, and the functionality of, the IT infrastructure after they have been lost. In a Disaster Recovery scenario that loss may be caused by natural or physical events (such as earthquakes, fires or floods), by unlawful acts such as cyber attacks, or by human error that damages or disrupts the IT infrastructure.

Being able to restore the IT infrastructure to the state it was in before the damage is an issue closely connected with Business Continuity.
In fact, rapid recovery or replication of the servers under a Disaster Recovery plan minimises the company's downtime and thus maintains business continuity.

Specifically, Business Continuity is the company-wide programme that protects company operations and functions and keeps them running after an emergency that damages the infrastructure. In Business Continuity, "emergency" is a broader concept: it also covers power cuts, failures of power equipment, and even a significant loss of the personnel tied to the core business. A stoppage costs the company money for the entire period of the interruption, and without a Business Continuity plan those losses can be huge.

That said, some points are key:

  • Establishing a Disaster Recovery plan allows Business Continuity to be restored in the face of an emergency. The plan classifies disasters into different levels and assigns priorities (from a Business Continuity perspective) to the various systems and IT areas present in the company, typically expressed as a recovery time objective (RTO) and a recovery point objective (RPO) for each system.
    The Disaster Recovery plan does not only define the activities to be carried out to restore the infrastructure in the event of an emergency, but also the recurring prevention and control activities over time, such as verifying backups and periodically testing restores.
     
  • Business Continuity and Disaster Recovery plans are fundamental steps for companies that want to comply with the management standards ISO 27001, ISO 22301 and, in particular, ISO 27031. The ISO 27031 standard states that strategies should define the approaches needed to implement the required resilience, so that the principles of incident prevention, detection, response, recovery and restoration are put in place; this gives a pragmatic view of how to implement Business Continuity and Disaster Recovery plans using established procedures that minimise human error and improvised choices.
    The Disaster Recovery plan may be drawn up internally or, much more frequently, with the advice of external experts. In either case it must change as the company changes, so it is good practice to review the documents and contracts regularly to ensure that they still match the corporate IT infrastructure.
     
  • Furthermore, since 25 May 2018 the GDPR (General Data Protection Regulation, EU Regulation 2016/679) has applied, governing the protection and processing of the personal data of natural persons and the free movement of such data.
    Among other provisions, Article 32 states: "The controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: [...] (c) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; [...]"

    A Disaster Recovery plan is therefore one of the technical measures that directly addresses this GDPR requirement, because it is what allows lost or damaged personal data to be restored quickly. It only satisfies the requirement in practice, however, if backups are kept separate from the primary systems and restores are tested regularly: an untested backup does not demonstrate the "ability to restore".
     

Contact us to develop your ad hoc Disaster Recovery plan in the cloud with our specialised technicians and meet your GDPR obligations.