In last week’s post, our Chief Security Information Officer, Michael Johnson, talked about ransomware as a symptom of a more significant ailment - a lack of well-defined controls, securities, or policies preventing malware infection. This week, we explore capabilities needed to protect facility infrastructure and maintain an acceptable level of business operations immediately following an attack.
In addition to proactive threat prevention from bad actors, it is equally important to plan for infrastructure outages, whether caused by malware infections, system failures, or natural disasters. Well-developed disaster recovery (DR) capabilities ensure timely system and data recovery.
In an environment where many hospitals operate on thin margins, investments in disaster recovery solutions are often considered low priority. However, the return on investment can far outweigh its cost in the event of large-scale data loss. Every hospital should have a strategy for these key DR capabilities:
- Business Continuity and Disaster Recovery (BCDR) framework – All automation and manual streams within the infrastructure should be well-defined to allow for the recovery of all storage, compute, and networking from outages, including recovery from ransomware events. Regular testing and refining of a BCDR plan are needed to meet and exceed previously defined service level agreements (SLAs), operational level agreements (OLAs), or any additional service level targets (SLTs) as defined by the organization.
- Server component redundancy – Identify any bottlenecks or single points of failure within the infrastructure and make sure to build redundancy for both physical and logical areas of concern. Topics include multiple power sources, server components, monitoring tools, network layer redundancy, etc.
- Storage resiliency – Ensure storage arrays and the data they contain have the highest resiliency and availability for the organization. Consider configuring arrays in at least a RAID 6 configuration, which tolerates up to two drive failures within the array without incurring data loss.
- Separate production copies of data – Consider additional production copies of data within the array and a second physically disparate array with synchronous or asynchronous replication to protect against total array failure. Replication can be accomplished through hardware or software solutions.
- Point-in-time restoration – In conjunction with multiple copies of synchronously or asynchronously replicated production data, retain point-in-time snapshots of data for the lengths of time defined in OLAs or SLAs as agreed to by the organization. Point-in-time snapshots enable restoration to a specific point in time to meet a recovery point objective (RPO). These copies are critical in the event of an encryption-type ransomware event.
- Geo-redundant disaster recovery strategy – To bolster redundancy, resiliency, and recoverability of the primary data center, the implementation of a secondary, geo-redundant disaster recovery plan is required. There are three main types of DR centers to consider:
  - Cold sites provide power, networking, and storage failover capabilities but may not include all the necessary hardware to recover wholly and immediately.
  - Warm sites cover all elements to provide power, networking, and compute capabilities ready to failover.
  - Active-Active sites offer load balancing between locations and can failover one entire data center to another.
- Virtual tape backups – Write production data to a virtual tape library capable of ingesting data streams from all workloads. Ideally, store daily, monthly, and annual copies of data in these lower-tier devices so they remain available if high availability processes become inaccessible.
- Virtual tape off-site replication – Replicate virtual tape copies to another geo-redundant location to ensure long-term archive data is recoverable elsewhere.
- Physical tape backups – For cold data archives, physical tape backups are still a cost-effective method to ensure that long-term data is accessible on magnetic media. Have devices in place along with the facility’s BCDR strategy to ensure readability and recovery of tapes.
- Physical tape off-site vaulting strategy – Along with a physical tape strategy, it is ideal to store tapes or copies of tapes off-site for long-term retention. Off-site storage is essential if production data, virtual tapes, or physical tapes are no longer accessible.
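To make the point-in-time restoration item concrete, the following added example (not MEDHOST code) audits a snapshot schedule against an RPO and picks the restore point after an encryption-type ransomware event. The snapshot IDs, timestamps, RPO, and retention values are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample catalog: (snapshot id, time taken). Not from a real system.
SNAPSHOTS = [
    ("snap-01", datetime(2024, 3, 1, 0, 0)),
    ("snap-02", datetime(2024, 3, 1, 6, 0)),
    ("snap-03", datetime(2024, 3, 1, 12, 0)),
    ("snap-04", datetime(2024, 3, 1, 23, 0)),  # 11 h after snap-03: schedule slipped
    ("snap-05", datetime(2024, 3, 2, 5, 0)),
]


def rpo_gaps(snapshots, rpo):
    """Return (earlier_id, later_id, gap) for consecutive snapshots
    spaced further apart than the RPO allows."""
    ordered = sorted(snapshots, key=lambda s: s[1])
    return [(a[0], b[0], b[1] - a[1])
            for a, b in zip(ordered, ordered[1:])
            if b[1] - a[1] > rpo]


def restore_point(snapshots, encryption_start, now, retention, rpo):
    """Pick the newest snapshot taken before encryption began that is
    still inside the retention window.

    Returns (snapshot_id, data_loss_window, meets_rpo), or None when no
    clean copy survives (for example, the attacker's dwell time was
    longer than the retention period)."""
    clean = [s for s in snapshots
             if s[1] < encryption_start and now - s[1] <= retention]
    if not clean:
        return None
    snap_id, taken = max(clean, key=lambda s: s[1])
    loss = encryption_start - taken  # data written after the snapshot is lost
    return snap_id, loss, loss <= rpo


if __name__ == "__main__":
    rpo = timedelta(hours=6)
    print("RPO gaps:", rpo_gaps(SNAPSHOTS, rpo))
    print("Restore:", restore_point(
        SNAPSHOTS,
        encryption_start=datetime(2024, 3, 1, 20, 0),
        now=datetime(2024, 3, 2, 8, 0),
        retention=timedelta(days=7),
        rpo=rpo,
    ))
```

Snapshots taken after encryption began (snap-04 and snap-05 here) are excluded because they may already contain encrypted data, which is why retention has to outlast the time an intrusion can go undetected.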
What Do Recovery Capabilities Mean to Business?
Without the proper recovery and backup systems in place, a hospital that experiences any data loss—from human or natural elements—will often suffer in several areas, including financial and operational losses, regulatory fines, drops in care quality, and reputational damage.
Avoiding many of the effects of data loss from a disaster is intrinsically tied to recovery capabilities. Hosting your facility’s EHR solution with a reliable partner can ensure the capabilities outlined here are covered, removing much of the DR burden from your facility.
At MEDHOST, our EHR cloud-based hosting service, MEDHOST Direct, covers facilities with high data availability and disaster recovery services. This solution alleviates many of the burdens associated with maintaining and managing your hospital’s DR infrastructure and business continuity strategy.
If you want to learn more about how MEDHOST can offer more peace of mind, reach us at firstname.lastname@example.org or call 1.800.383.6278.