Disaster Risks With Third Party Vendors

Moving your network and data to an external provider’s building doesn’t make you immune from the impact of natural or man-made disasters. In fact, it could increase your risk if your chosen Cloud or Software as a Service provider operates from a location more prone to disasters than yours.

To account for this possibility, first incorporate your CSP’s Backup and Disaster Recovery Plan into your own BUDR. This will be critical in outages caused by storms, tornadoes, earthquakes, etc.

If your CSP operates from a geographic region prone to natural disasters, does it have a second location in another region that it can spin up quickly? If not, how long will you likely be down while it recovers?

What happens if an employee of your company or the CSP accidentally deletes important files or data or clicks on a link that triggers a Ransomware attack? Does the CSP perform automatic backups and how often? If so, where does it store the backups? Does it perform the backups itself or outsource that?

If needed due to an extended outage, can the backups still be accessed if you have to bring operations in-house or find another provider during a lengthy outage of days or weeks?

Check your insurance policy carefully, for this and other reasons. You need to know if it will cover the losses you experience from damage at your SaaS or Cloud provider.

You need to answer those questions before you sign with a CSP, and you need to know how much downtime you can legitimately afford.

For more information about performing a VRA on Cloud and SaaS vendors, grab your FREE copy of our e-Book, "Find Your Cloud 9's", which offers a mini-guide to the VRA process. 

To set up a Reference Interview on the questions you have about investing in new technology for your business, contact me at 302-537-4198, ericm@edminfopro.com or on our Contact form.