But in today’s article, we’re going to focus on IT insurance from the perspective of what we can’t touch, and that’s data and architecture.
Conventional insurance companies can provide insurance for physical servers, equipment, or even entire server rooms or data centers relatively easily. IF someone wants to hurt you by stealing or if there just happens to be damage, you need to have at least some assurance that you won’t come up empty.
But even if you are left with a physical server or its value as compensation, what was running on it can no longer be protected by ordinary insurance. So we have to look at IT insurance in a slightly different way – with disaster recovery, exit strategies and back-up processes.
This will be the area we focus on most in today’s article. Disaster recovery (translated as disaster recovery – but don’t use that in real life when communicating with technicians) is a set process that keeps IT up and running even when there are problems with the core infrastructure.
A lot of things can happen – power goes out, internet goes down, a building burns down, things are stolen. It doesn’t really matter what disaster, minor or major, occurs, but what is important is that the company is not completely cut off from IT. Let alone a complete and final cut-off from data and architecture, precisely when the consequences of the situation are permanent.
The reason we talk about disaster recovery as IT insurance is simple – if a company is prepared for Plan B, has the Plan B infrastructure up and running, then relatively anything can happen and the damage will be minimized.
WHY DO COMPANIES AVOID DISASTER RECOVERY?
The answer is again very simple – finance. Because for disaster recovery to work well, you need to run two IT infrastructures at all times. One is the normal one that your business runs on day-to-day. The other is the backup one, and you’re actually paying for something that is a sunk cost most of the time.
You think that description reminds you of something? And you’re right, we’re drawing on a strong similarity to insurance here. Once you pay that, it’s gone, but if you didn’t have it, you’d be tearing your hair out when you had problems paying for it.
So on the face of it, the effectiveness of disaster recovery is nil, but the moment something happens, it’s the only lifeline you get.
HOW TO DO DISASTER RECOVERY?
Regardless of how you run your IT, disaster recovery doesn’t have to be a clone of your operational environment. So if you actually have servers, you don’t have to immediately get servers for your backup site as well.
In fact, disaster recovery can very well be provided by a cloud environment. This saves you, for example, at least investment costs. But every business is different, it’s an individual entity with individual needs, so before you dive into disaster recovery, consult the experts.
We are now at the stage where disaster recovery covers the ability to run the infrastructure at a separate location to keep the business running. What about the data? Back-up or data backup must go hand in hand.
I mention this basic thing because companies tend to back up where they operate. And do you see the problem? If something happens in the offices, even the best backup can be lost. That’s why it’s important to think about data backup in the context of a possible main site disconnect. If the building burns down at a moment’s notice, where will we keep the data to keep it safe?
Data is a very sensitive thing. GDPR gives us clear instructions and, in addition, companies in some industries don’t have the freedom to store it in the cloud, for example. Even so, it is possible to back-up, it just might take a little more ingenuity. But even here, experts can advise and find solutions.
And then there’s the special situation that regular insurance would be short on. You might have an IT service provider – for example, a cloud infrastructure provider – and suddenly decide not to provide the service anymore. And you have the whole running of the business in it.
But IT insurance is not that helpless. In fact, a company should have an exit strategy for such cases. It’s a back-up plan for not losing your environment and data if you have to leave the provider for whatever reason.
You need to set up such a plan before you sign the contract, but if you do, you’ll save what you can. After all, if you deal with such a thing when it occurs, you may find that the provider leaves you with tears in your eyes and holding data that is in an unusable format. But for more on this topic, check out our two-part series – The Selection of Cloud Provider Starts with an Exit Strategy and How to Design a Good Exit Strategy.
IT Insurance Is Largely a Technical Issue
When you take out a regular insurance, you get advice from someone who understands it. But IT insurance is nuclear physics in its complexity. So don’t underestimate the consultation and analysis done by experts in IT infrastructure and solutions. Your business will thank you in the event of an emergency.