Enabling Business Continuity & Disaster Risk Recovery for a Global Logistics Enterprise
After being a target of a massive cyber breach and malicious activity, the client realised their business continuity programme was insufficient. The operational and financial impact of a disruption brought about by a cyber incident has cost millions of dollars and thousands of hours in lost productivity and valuable data.
Pragma was required to help put technology or solution in place to recover business-critical applications quickly if another incident ever occurs. The answer needs to be able to scale and support twelve countries supporting the client's network of more than 500 locations. The critical applications need to be available with a Recovery Time Objective (RTO) of less than one hour, 365 days a year.
Pragma presented and implemented a 4-stage business continuity programme and disaster recovery system that is ISO 22301 Business Continuity Management compliant—specially developed for the client's critical system across twelve regional hubs in three months. Pragma had also set up a fully managed 24/7 Disaster Recovery Infrastructure on the cloud using Veeam's Backup & Disaster solution, enabling a cost-efficient recovery without the need to allocate additional workforce or resources. The cloud-based solution can restore critical client systems within one hour and allow access to all applications for all users from any location.
The system in place also institutionalises a regular Disaster Recovery testing regime conducted in all regional hubs that involve simulation of different disaster scenarios and conducting documented disaster recovery tests, ensuring that the backup lifecycle is maintained properly.
Pragma supported the client during the ISO implementation phase by documenting the procedures and policies and ensuring the DR testing met the criteria set by the ISO.
With the help of Pragma's Security Architecture Team and several workshops with the client's IT team, across the ten countries, a tailor-fit Business Continuity Plan focused on the client's critical system was rolled out across the entire organisation and certified by both regulatory and local auditing bodies on each regional site. A bi-annual review and disaster recovery testing are performed with additional cyber security awareness training for the management staff. The solution has met businesses' requirements, giving them access to their critical systems 24/7 securely from any location. The system protects from ransomware attacks and unauthorised threats.