• 05 June 2026, 19:04 PM

Email Support

support@dsmgroup.co.uk

Call Us

03333 22 11 00

Head Office

The Old Hangar, Peterborough PE8 6NE

Category Archives: Disaster Recovery

  HomeDSM Group   : :   Disaster Recovery
Business continuity
Posted on By Author DSM Group Categories Business Continuity, Disaster Recovery, Workplace Recovery

If your office was gone tomorrow, what’s your plan?

Most organisations believe they are prepared for disruption because they have backup systems and disaster recovery plans in place.

But these plans often focus on technology.

They overlook one critical factor:

People.

Because if your office becomes unavailable, your ability to operate depends on far more than your servers.

The Overlooked Risk in Business Continuity

Disaster recovery strategies traditionally prioritise:

  • Data protection
  • System recovery
  • Infrastructure resilience

These are essential.

But they only address part of the problem.

If your physical workspace is unavailable due to:

  • Fire
  • Flood
  • Power failure
  • Access restrictions
  • Security incidents

Your systems may still be recoverable.

Your business, however, may not be operational.

What Happens When the Workplace Is Lost

When an office becomes unavailable, disruption spreads quickly:

Staff Displacement

Employees have no designated place to work, leading to immediate productivity loss.

Access Challenges

Even if systems are available, secure access may be limited or unavailable without proper planning.

Communication Breakdown

Telephony systems, internal communication tools, and customer contact channels may be disrupted.

Operational Delays

Without clear processes, decision making slows and confusion increases.

This creates a situation where systems may be functional, but the business cannot operate effectively.

Why Traditional DR Plans Fall Short

Many disaster recovery plans assume:

  • Staff can work remotely without issue
  • Systems can be accessed securely from anywhere
  • Communication channels will remain available

In practice, these assumptions often fail.

Remote working may not be suitable for all roles.
Security controls may restrict access.
Infrastructure may not support sudden demand.

Without structured planning, recovery becomes fragmented and slow.

What Workplace Recovery Actually Requires

A complete workplace recovery strategy ensures that people can continue working, even when the primary office is unavailable.

This includes:

1. Alternative Workspace

Pre-arranged, fully equipped environments where staff can operate immediately.

2. Secure Access to Systems

Reliable, secure connectivity to critical applications and data.

3. Telephony and Communication Continuity

Ensuring calls, emails, and internal communications remain operational.

4. Defined Recovery Processes

Clear instructions on where staff go, what they do, and how operations continue.

5. Scalability

The ability to support a large number of users simultaneously under emergency conditions.

Integration with Disaster Recovery

Workplace recovery should not exist in isolation.

It must be integrated with your wider disaster recovery strategy:

  • Systems must be available where staff relocate
  • Access must be secure and controlled
  • Processes must align across IT and operations

Without this integration, recovery efforts become disconnected.

The Role of Your IT Partner

Delivering effective workplace recovery requires more than internal planning.

It requires an IT partner capable of providing:

  • Secure, resilient infrastructure
  • Rapid system availability
  • Physical recovery environments
  • End to end coordination

Many providers focus solely on data backup or system recovery.

Few provide the full capability required to keep a business operational.

Final Thought

Losing your office does not have to mean losing your business.

But without proper preparation, it often does.

Business continuity is not just about restoring systems.

It is about ensuring your organisation can continue to function under any circumstances.

If your workplace was unavailable tomorrow, would your business continue operating or come to a stop? Talk to us about Disaster Recovery and Business Continuity solutions for your business.

    Please prove you are human by selecting the heart.

    system hacked
    Posted on By Author DSM Group Categories Cyber Security, Disaster Recovery

    Cyber Attacks Don’t Shut Down Systems. They Shut Down Businesses.

    When most organisations think about cyber attacks, they think about IT systems.

    Servers go offline.
    Files become inaccessible.
    Applications stop working.

    But that is only the surface level.

    The real impact of a cyber attack is not technical.
    It is operational.

    Because when your systems go down, your business goes with them.

    The Difference Between IT Impact and Business Impact

    An IT failure is measurable in systems.

    A business failure is measured in consequences.

    When a cyber attack hits, the immediate effects are rarely limited to infrastructure. Instead, the disruption spreads quickly across the organisation:

    • Revenue generation stops
    • Staff are unable to perform their roles
    • Customer services become unavailable
    • Internal communication breaks down

    What begins as a technical issue rapidly becomes a business-wide crisis.

    And the longer systems remain unavailable, the more severe the consequences become.

    The Hidden Cost of Downtime

    Many organisations underestimate the true cost of a cyber incident because they focus only on recovery of data.

    In reality, the most significant losses come from downtime:

    • Financial loss from halted operations
    • Customer attrition due to lack of service
    • Reputational damage that can take years to repair
    • Regulatory exposure in sectors with compliance obligations

    In some cases, businesses recover their data but never fully recover their position in the market.

    Why Prevention Alone Is Not Enough

    Cybersecurity tools are essential.

    Firewalls, endpoint protection, monitoring systems, and user training all play a critical role in reducing risk.

    However, no environment is completely immune.

    Attack methods evolve constantly.
    Human error cannot be eliminated.
    Supply chain vulnerabilities introduce external risk.

    The question is no longer:

    “Can we prevent an attack entirely?”

    It is:

    “What happens when something gets through?”

    This is where many organisations fall short.

    They invest heavily in prevention but give far less attention to resilience and recovery.

    Backup Is Not Business Continuity

    A common misconception is that having backups is enough.

    Backups protect data.

    They do not restore operations.

    After a cyber attack, recovery involves far more than retrieving files:

    • Infrastructure may need to be rebuilt
    • Systems must be validated and secured before going live
    • Dependencies between applications must be re-established
    • Users need safe and controlled access

    This process can take hours, days, or longer without the right preparation.

    During that time, the business remains effectively offline.

    The Importance of a Complete Disaster Recovery Strategy

    A true disaster recovery approach goes beyond backup.

    It ensures that your business can continue operating, even during a major disruption.

    This requires:

    1. Secure, Replicated Infrastructure

    Not just stored data, but ready-to-run environments that can be activated quickly.

    2. Defined Recovery Processes

    Clear, structured procedures that are understood by both technical teams and business stakeholders.

    3. Rapid Failover Capability

    The ability to switch operations to a secondary environment with minimal delay.

    4. Workplace Recovery

    Ensuring staff have access to systems, communication tools, and a place to work if the primary office is unavailable.

    5. Regular Testing

    Simulating real-world scenarios to validate that recovery works under pressure.

    Without these elements, recovery becomes slow, uncertain, and risky.

    Why Your IT Partner Matters More Than Ever

    One of the most critical decisions an organisation makes is choosing the right IT partner.

    Not all providers approach security and disaster recovery in the same way.

    Many focus on:

    • Basic backup solutions
    • Reactive support
    • General IT services

    But in today’s threat landscape, that is not enough.

    You need an IT partner that is:

    Security First

    Actively focused on protecting your environment, not just maintaining it.

    Proactive, Not Reactive

    Identifying risks and weaknesses before they become incidents.

    Experienced in Real Recovery Scenarios

    Understanding what actually happens during a crisis, not just what should happen in theory.

    Able to Deliver End-to-End Disaster Recovery

    Providing complete solutions that include infrastructure, failover, and workplace recovery, not just data backup.

    Because when an incident occurs, your IT provider is not just supporting systems.

    They are supporting your ability to operate as a business.

    From IT Recovery to Business Continuity

    The organisations that recover quickly from cyber attacks are not necessarily those with the most advanced technology.

    They are the ones with the most complete strategy.

    They understand that:

    • Recovery is about people as well as systems
    • Speed is as important as security
    • Preparation is more valuable than documentation

    Most importantly, they treat disaster recovery as a core business function, not an IT afterthought.

    Final Thought

    Cyber attacks do not just disrupt infrastructure.

    They disrupt operations, revenue, and trust.

    And in many cases, it is not the attack itself that causes the greatest damage.

    It is the inability to recover quickly and effectively.

    If your current strategy is focused mainly on backup, it may be worth reassessing your level of risk.

    Ask yourself:

    If your systems went down today, how much of your business would still be operational?
    Speak to us to discuss a complete DR plan today

      Please prove you are human by selecting the key.

      Modern IT Landscape
      Posted on By Author DSM Group Categories Cloud Computing, Consultancy, Data Centre, Disaster Recovery, ESG, Hardware & software, Hosting & Colocation, IT Support

      The Modern IT Landscape: Technical Challenges Facing Businesses in 2026

      he current IT environment is defined by rapid innovation, but also by compounding complexity, expanding attack surfaces, and operational fragility. Businesses are no longer simply “using IT”—they are entirely dependent on it. As a result, infrastructure decisions now directly determine resilience, security posture, regulatory compliance, and ultimately commercial survival.

      Below is a deep technical breakdown of the most pressing challenges organisations face today.

      1. Cloud Complexity and Misconfiguration Risk

      The shift to hybrid and multi-cloud architectures has created distributed, fragmented infrastructure models that are inherently difficult to secure and manage.

      • Cloud adoption continues to accelerate, driven by scalability and AI workloads
      • However, misconfigurations remain the dominant cause of breaches, with poorly secured storage, IAM policies, and exposed services acting as entry points
      • Recent findings show up to 80% of cloud breaches stem from basic configuration errors

      Technical Reality

      Modern environments include:

      • Multi-cloud (AWS, Azure, private cloud)
      • Kubernetes / container orchestration layers
      • CI/CD pipelines with embedded secrets
      • API-driven microservices

      Each layer introduces:

      • Identity sprawl (users, service accounts, tokens)
      • Policy inconsistency across platforms
      • Limited visibility into east-west traffic

      Implication

      Without centralised governance, continuous configuration monitoring (CSPM), and identity control, organisations are operating with unknown exposure risk.

      DSM Alignment

      A properly architected colocation plus private cloud hybrid model, supported by managed services, allows:

      • Deterministic control over infrastructure
      • Reduced reliance on hyperscaler complexity
      • Secure segmentation and predictable performance

      2. Explosion of Attack Surface and Identity-Based Threats

      The traditional network perimeter is effectively gone. Modern environments are defined by identity, not location.

      • Machine identities (APIs, certificates, service accounts) now vastly outnumber humans
      • Credential theft accounts for a growing proportion of breaches, with sharp increases in compromised identities

      Technical Reality

      Attack vectors now include:

      • Stolen API tokens from CI/CD pipelines
      • Compromised service accounts with excessive privileges
      • Lateral movement via poorly segmented networks
      • Abuse of OAuth and federated identity systems

      Traditional controls such as firewalls and VPNs are ineffective against:

      • Authenticated attackers
      • Insider threats
      • Compromised machine identities

      Implication

      Security must move toward:

      • Zero Trust Architecture (ZTA)
      • Continuous authentication and behavioural monitoring
      • Least privilege access enforced dynamically

      DSM Alignment

      This is where managed cybersecurity services become critical:

      • Identity governance and privileged access management
      • Network segmentation within controlled data centre environments
      • SIEM and XDR monitoring with real-time threat detection

      3. AI-Driven Threat Acceleration

      Artificial Intelligence is now both a defensive tool and a threat multiplier.

      • The majority of organisations are using AI, significantly expanding attack surfaces
      • AI enables attackers to automate phishing campaigns, malware generation, and reconnaissance

      At the same time:

      • AI systems introduce new trust boundaries
      • Autonomous agents can interact with systems without human validation

      Technical Reality

      AI introduces:

      • Unstructured data exposure risks
      • Model poisoning and prompt injection vulnerabilities
      • API-level attack surfaces
      • Autonomous decision-making risks

      Implication

      Security models must evolve to:

      • Treat AI agents as identities
      • Enforce strict access controls and audit trails
      • Monitor behaviour, not just signatures

      DSM Alignment

      A secure, controlled hosting environment rather than uncontrolled public AI integrations enables:

      • Data sovereignty
      • Controlled AI workload deployment
      • Reduced exposure to external threat vectors

      4. Data Centre Demand, Power Constraints, and Sustainability Pressure

      The backbone of IT, data centres, is under unprecedented strain.

      • Global demand for data centre capacity is expected to triple by 2030
      • Power consumption is rising dramatically, becoming a primary constraint
      • Data centres are now considered critical national infrastructure in the UK

      Technical Reality

      Operators face:

      • Power density challenges from AI workloads such as GPU clusters
      • Cooling inefficiencies between air and liquid systems
      • Grid constraints and energy pricing volatility
      • ESG and carbon reporting requirements

      Implication

      Businesses must consider:

      • Where workloads are hosted
      • Energy efficiency of infrastructure
      • Long-term sustainability commitments

      DSM Alignment

      Facilities designed with:

      • Water cooling and energy-efficient systems
      • Renewable energy integration such as solar
      • Scalable high-density rack capability

      …provide both cost control and ESG alignment, which is increasingly a commercial requirement.

      5. Regulatory Pressure and Data Sovereignty

      Governments are tightening control over data location, cyber resilience, and supply chain security.

      • There is increasing focus on digital sovereignty and reducing reliance on foreign hyperscalers
      • New legislation is driving higher standards for critical infrastructure protection

      Technical Reality

      Organisations must now manage:

      • Data residency requirements
      • Encryption and key ownership
      • Third-party risk including supply chain attacks
      • Auditability and compliance reporting

      Implication

      Public cloud alone is often insufficient for:

      • Sensitive workloads
      • Regulated industries
      • Long-term compliance strategy

      DSM Alignment

      UK-based data centre and IT services provide:

      • Sovereign infrastructure control
      • Compliance-ready environments aligned to recognised standards
      • Reduced exposure to geopolitical and vendor risk

      6. Operational Resilience and Disaster Recovery Gaps

      Modern businesses must assume breach or failure is inevitable.

      • Focus is shifting from prevention to resilience and recovery
      • Many organisations still lack tested disaster recovery plans and reliable backup strategies

      Technical Reality

      Common weaknesses include:

      • Backups stored in the same environment as production
      • Unverified recovery processes
      • Lack of orchestration for failover
      • Inadequate ransomware recovery strategies

      Implication

      Downtime is no longer just operational. It is financially catastrophic, reputationally damaging, and potentially a regulatory failure.

      DSM Alignment

      Robust Disaster Recovery as a Service solutions deliver:

      • Defined recovery objectives such as 15-minute RPO
      • Offsite, immutable backups
      • Rapid failover capability
      • Full business continuity assurance

      7. Skills Shortage and Tool Sprawl

      Even well-funded organisations struggle with execution.

      • Security teams are overwhelmed by alert fatigue, tool fragmentation, and skills shortages
      • Many organisations operate numerous disconnected security tools, creating silos and blind spots

      Technical Reality

      This leads to:

      • Slow incident response
      • Inconsistent policy enforcement
      • Increased mean time to detect and respond

      Implication

      Technology alone is not the solution. Integration and expertise are critical.

      DSM Alignment

      Managed IT and security services provide:

      • Consolidated tooling and visibility
      • Experienced technical and security professionals
      • Continuous monitoring and response capability

      Complexity to Control

      The overarching challenge facing businesses today is not any single technology. It is the convergence of all of them.

      Cloud, AI, identity, regulation, infrastructure, and evolving threats are individually manageable, but collectively overwhelming.

      The organisations that succeed will be those that:

      • Regain control over their infrastructure
      • Simplify architecture where possible
      • Embed security at every layer
      • Prioritise resilience over theoretical perfection

      This is where a fully integrated approach combining data centre, IT services, and cybersecurity becomes essential rather than optional.

      Veeam V11 Immutable
      Posted on By Author DSM Group Categories Cloud Backup, Disaster Recovery

      V11: Immutable primary backup storage

      Ransomware and malicious acts within our IT environments are rampant across the world, and the last line of defence is going to be your backups.

      In Veeam Backup & Replication v10 the ability to store your Veeam backups using the Object Lock API was introduced. This would mean that you would have a secondary copy of your backup data most likely offsite and in an immutable state, which means it can’t be modified and is protected against insider malicious activity.

      Fast forward to the release of Veeam Backup & Replication v11, and a way of storing data, agnostic to hardware in your primary location leveraging Linux with the NEW Hardened Linux Repository has been enabled.

      Benefits of immutable storage backup

      By definition, immutability is a solution that prevents data deletion or modification from the storage.

      Knowing that data is critical to all businesses—leveraging an immutable copy of your backup data ensures that there is an untouched version of that source data that is always recoverable and safe from any failure scenario.

      Veeam Backup & Replication v11 enables you to store your short-term retention backups locally onsite for fast recovery with the protection of immutability. In addition, you can now tier those backups into an immutable object storage offering offsite, giving you additional protection against unforeseen malicious activity or accidental deletion.

      image 1

      Immutable backup storage can help in the following cases:

      • Production data is corrupted or compromised
      • Accidental deletion of production data
      • Insider malicious activity, administrators modifying backup job retention or deleting restore points.

      What is the Hardened Linux Repository?

      The Hardened Linux Repository enables primary backups to be immutable, not by packaging a storage appliance together, but by offering the ability to achieve local immutable backup storage by using generic compute and storage with a supported Linux x64 distribution that provides this functionality.

      Immutability protects your data from loss because of malware activity or other failure scenarios mentioned above by temporarily prohibiting the deletion and modification of data.

      A storage solution that prevents deletion and modification of backups

      Now you know the purpose behind it and why we are doing this for our primary backups. But you have only seen part of the How — on the Linux server itself you do not need to set anything, Veeam will have that covered for you.

      MC VeeamHardenedRepository 03

      By default, the immutability is set to seven days for standard backups on the repository. It is very important that your job configuration reflects this so that your active backup chain is protected.

      Ransomware or outside malicious activity are well-known 24/7/365 threats. Take a lesson from history – even the great city of Troy, that resisted outside threats for centuries, was quickly destroyed from within. When you use the immutable flag even the kings of backups themselves, the backup administrators, cannot delete those backup files.

      MC VeeamHardenedRepository 04

      Single access credentials

      Protect the keys to the kingdom! It’s clear to see that a lot of this new feature is focused on the security and protection of your backup data. By focusing on access control, we are further reducing the possible attack vectors by not allowing Veeam or the backup administrator to have unbridled access to an elevated user account that was or is used initially to deploy Veeam services. These one-time use for deployment credentials are not stored by Veeam Backup & Replication.

      I hear you asking, how do we get started?

      Call us on 03333 22 11 00 or contact us using the form below:

        Credit: Michael Cade

        data backup
        Posted on By Author DSM Group Categories Cloud Backup, Disaster Recovery

        Four key reasons why you should backup your data

        Today’s world revolves around electronic data; Business simply cannot operate without it.  No data = no business.

        Data is one of the life bloods of a business; With the ever increasing risks (viruses, hackers, natural disasters, hardware failures etc.) it’s almost inevitable something will, eventually, go wrong;  It’s not an ‘if’ but more like a ‘when’. The scale of loss could be anything from a hard drive failure to a ransomware attack.

        We have created a list of the four main reasons why you should ensure your data is correctly and securely backed up.

        Hacking and ransomware

        It is estimated around half of UK businesses faced some form of cyber-security breach in 2019/20. Most of the time the firewall and/or anti-virus software will trap the attempted infiltration however…. just like some human viruses, there’s an occasional one that gets through and causes havoc.

        In extreme cases, hackers can encrypt and hold your data to ransom. If you don’t have your data backed up (effectively), the only way to recover it might be to pay them.  There is, of course, no guarantee that your data will be returned.

        Ransomware or a virus may not be specifically targeted to you – they are designed to be smart and will automatically seek the weakness in IT systems then spread further and embed themselves until the circumstances are right for maximum damage.

        The best way to negate a ransomware attack is to ensure your systems are correctly patched, firewalled and an effective data backup is in place.

        Not all data loss is malicious

        While it’s easy to think of data loss as being a purposeful act, UK government stats, indicate that the vast majority of data losses and breaches are the result of human error.

        Staff within your business have to handle your data as part of their job, so there’s always a chance of data being deleted by accident. If you don’t want your company to be detrimentally impacted by a business critical file or email that’s accidentally been deleted (or maybe purposeful by a disgruntled employee), you need an effective backup solution.

        Disasters happen

        When protecting against data loss, businesses also need to think about the safety of the hardware that stores their data. It is often more fragile than you might think.

        Disaster is often thought of as being a grand scale event eg: Fire, Flood, Explosion but, in fact, it’s often more mundane actions that cause the issues: Poor-quality electrics, leaking roof or pipe, failed air conditioning unit etc

        Without an effective backup, you can seriously risk the future of your business.

        Critical data loss destroys businesses

        Approximately 9 out of 10 companies that lose their data for more than 10 days end up filing for bankruptcy within a year. In fact, many of those businesses file for bankruptcy immediately.

        Why? The loss of data can cause significant business interruption. Most businesses simply cannot afford such downtime. Depending on the scale of the breach, a business may also be subject to regulatory fines (as a result of GDPR for example).

        Data loss can also prove catastrophically damaging to reputation. Companies can find that the cost of losing (and subsequently trying to win back) customer confidence, following data loss or theft, far outweighs the actual cost of the data loss itself.

        The faster you can get up and running again, the more likely you are to retain customer confidence. This is why an effective data backup is imperative.

        Protecting your data

        There’s a number of ways you can backup your business data however, the most recognised and effective solution is an offsite, cloud backup.  ‘Cloud’ is not a  mythical place but a purpose designed building with specialist technical staff and systems.

        By working with such a specialist provider, you can ensure that your critical data is automatically backed-up  – effectively and securely and perhaps, more importantly, capable of being recovered – easily.

        Don’t know where to start? We are here to work with you to create a custom backup solution for your business data.

         

        1 2