| > Turns out there's a huge difference between restoring the occasional system, and restoring everything. And yet it makes sense to regularly test even the "black start" scenario, just like in power grids: - ransomware isn't the only threat to a datacenter, by far not. Particularly here in Europe, the scenario of an outright nuclear, conventional or EMP attack taking out entire sites is getting back onto the discussion table for disaster preparedness plans, but you also have to account for stuff like fires, water damage, a building collapsing, suicide bombers... - you keep the employees sharp on their skills in DR - you uncover where stuff is missing or (under-)documented. If you're a multinational org, it makes sense to have everything documented to a degree that an entire offsite team can just fly in and do everything needed to recover. - you identify all the various servers that are (sometimes literally) stowed away in a cleaning storage locker but provide crucial services - you identify bottlenecks that you can use to improve your plans. Basically, stuff like splitting out "cold" data that's rarely required to its own database so you can keep at least a rudimentary version of your service running while restoration is ongoing. |