When you hear the word “disaster recovery,” you might think of tornadoes, fires, floods, hurricanes, etc. But a disaster takes many forms—forms that Gillware’s experts in data recovery and digital forensics excel in dealing with. A disaster can involve any kind of natural data loss, such as the unexpected failure of a server, NAS device, external hard drive, or computer hard disk. It can also involve security threats from external bad actors such as hackers and other malcontents, as well as from internal bad actors (disgruntled employees stealing proprietary data, for example).
Whether you’re a sole practitioner, part of a small law firm, or part of a larger corporate law firm, these disasters can be perilous both for you and your clients. Imagine that your email server crashes, or your case records system goes down, or you get hit by the latest and greatest ransomware virus the day before you’re to appear in court. It’s a nightmare scenario, not just for you but your client. This is a situation where a livelihood, a future, or even a life could be at stake. These are all disasters you need to prepare for and be able to recover from.
While they don’t happen frequently, none of these situations are uncommon or even unlikely scenarios, and any legal firm of any size needs to be prepared to deal with them when they come up. Gillware Data Recovery and Gillware Digital Forensics encounters clients from all walks of life who need help with disaster recovery on a daily basis.
IT Security and Disaster Preparedness
It’s a scary world out there. No matter the size of your firm, you’re holding onto a lot of data from your clients that makes you a very attractive target for sneaks who’d like to take a peek at that data, or hold it hostage with a nasty WannaCry or Petya type ransomware virus.
When you’re a single practitioner, the only person who can be responsible for keeping your work safe from prying eyes and ne’er-do-wells is you. You need to know how to set up a firewall to protect your network from outside access. You need to have a VPN with two-factor authentication enabled in case you need to work from home or on-site at a client’s location. You need to be well aware of how malicious actors on the Internet use social engineering and phishing so you can avoid falling for their tricks and handing them the keys to the kingdom. It’s a tall order, but it’s more necessary now than ever.
In a law firm of any size, you need an IT department capable of handling these issues, educating the rest of the firm, and enforcing these policies. Secure VPNs with two-factor authentication need to be the norm for logging onto the network or using platforms like Gmail, Facebook, and LinkedIn at work, and employees should know how to make strong passwords for their individual machines, email addresses, and any other system they have access to, and know how to avoid phishing scams.
These are all necessary for disaster prevention. In the event the worst happens—if, for example, a ransomware virus does get past you—you need to be ready to restore those files.
Data Backup and Disaster Recovery
A RAID server or NAS device crashes, crippling a firm until its backup can be restored, or a hard drive or flash drive carrying important documents breaks down. A virus encrypts your documents or locks you out of your database. These are the situations that most often come to mind when you think of the disasters that can befall a you, and these are situations in which backup comes in handy.
When it comes to disaster recovery, what matters most is getting the lost data back and getting things back in working order quickly. Sadly, while plenty of businesses and organizations have their data backed up, this is where a lot of them choke. At Gillware Data Recovery, we’ve met business owners who had servers with twenty terabytes of data crash unexpectedly. They implemented their disaster recovery methods only to find that to their chagrin, those offsite backups they’d put their stock in would take days or even weeks for them to restore from—and in the meantime, they’d be dead in the water.
In these situations, backup for disaster recovery hinges on three important concepts: redundancy, autonomy, and RTO, or recovery time objective.
Redundancy is the essential principle behind data backup. But one backup isn’t always enough. Even when you have a cloud-based backup, what do you do when the cloud service provider suffers an outage? Even when you have an on-site backup, what if the disaster you’re facing has compromised them as well? The more backups you have, in multiple locations, the more resilient your data and your firm will be. A legal professional would do well to keep their critical data backed up in at least three locations, one of which is the cloud.
Autonomy is a necessary element of any good backup system. Backing up your data shouldn’t rely on human error. Uploading files manually to a Dropbox or Google Drive account is not a reliable form of cloud-based backup. A reliable backup system runs on its own schedule, incrementally backing up files as they are created and modified on a regular basis and keeping track of changes made, with the only human intervention consisting of regular audits to ensure that the backup works as intended when you need it to.
RTO refers to how long it takes for you to retrieve your lost data and get yourself back in the saddle. When you don’t have a backup in place for that server that just crashed, you typically need to either write that data off as a loss (with all the hurt that entails) or seek the aid of RAID data recovery specialists. Gillware’s experts can recover the critical data from a crashed server and get it back in a client’s hands within as little as one or two business days, although the turnaround time can vary depending on the situation.
When you tackle the question of how you are going to back up your data so a disaster doesn’t immobilize you for days or possibly longer, RTO, along with actionability, is the most important factor you can consider. An actionable backup can be swiftly and painlessly swapped over to as soon as the need arises.
Fortunately, the right backup solution that can make RTO as minimal and painless as possible. With the right backup service, even if a server crashes, you can switch over to a BDU or spin up a virtualized server in the cloud with only a minimal loss of current data within seconds, allowing you to limp along quite effectively while, in the meantime, a data recovery lab helps you get back any data you’ve lost since the last time the server was backed up.
IT Security and Disaster Recovery Survey
At Gillware Data Recovery, we’d like to know what approach you are currently taking when it comes to addressing IT security, backup, and disaster recovery in your profession. Visit our website to fill out our latest anonymous online survey on your firm’s cyber security state of affairs.