By Riaan Lombard - 19 August 2021
This article might seem to be “a little too late” but several sources recently reported of a planned attack on local policing and security infrastructure points set for 23 August 2021. Perhaps this is fake news or just media sensa-tion, but we thought it a good idea in any case to share some action points when your shields need to go up.
Run Forrest Run - Our number one riot rule: No human life is worth sacrificing for data or IP. When danger is imminent, stay clear of the affected and surrounding areas. With South Africans being forced to work from home during lockdown, we had the opportunity of either leaving the server locked away in a server room, or moving to the cloud (someone else’s server locked away in a room). If we look at the damage caused during the previous riot, it might be time to start thinking of moving to the cloud if you have not done so already.
Simulate the disaster - This is not always possible, but if you have the means to do so, perform a shutdown of your work infrastructure and test whether your workforce will be able to continue. One of the first problems you might run into is a disconnect from the Internet which may cause a general downing of tools. A possible solution to this would be to implement a 5G or LTE-A failover with a battery backup. This will however only help if cellular tow-ers are not affected. Use this opportunity to identify your critical systems needed to continue business operations.
The last successful backup - It is extremely important to confirm your last successful backup of your data. Equally important is to have this latest copy in an offsite location or backed up to the cloud. Another aspect to re-member is where your data will be restored to in the event that your server(s) are stolen or destroyed. This should form part of your disaster recovery plan which should be revisited often to ensure its validity.
Check your insurance policy - IOL reported the following on 21 July 2021: “All-risk property insurance policies protect the assets of a business against the risk of physical loss or damage from certain perils and the consequen-tial financial loss to the business. But these policies do not cover damage caused by vandalism, riots, public disor-der, and civil commotion. Nor do they cover damage caused through lawful attempts at controlling, suppressing or preventing these acts. Insurers simply do not underwrite these 'special risks'“. It is a good idea to contact your in-surance provider and find out exactly what you are to do in the event of a planned, or unplanned riot.
Assemble a crisis team - Establishing who your “soldiers” will be is a very difficult task. We are not faced with natural disaster and riot attacks daily, and therefor do not know how people will react in such situations. The key is to prepare for the situation before it happens. Set clear guidelines on who will be affected, what systems will be down, and who needs to be informed. Know where to update your website with closure notices, and how to indi-cate emergency contact numbers in your corporate communication. Write your emergency evacuation plan, and determine who your “freezers” are in a fight, flight or freeze situation. If at all possible, perform a simulated dry run to prepare for the worst and ensure that your most valuable assets, your employees, are safe.
Connect with us - The reality is that, even if we are completely migrated to the cloud, and have a rock solid disaster recovery plan, 100% business uptime can never be guaranteed. If our Internet infrastructure and power sources are attacked, our connection to our business systems will be disrupted. We hope that this article aided in providing you with some ideas on aspects that are often overlooked and need to be planned for in advance. Be sure to get in touch with us if you would like to draft your disaster recovery plan. Stay safe.