Use It Or Lose It

My workday was interrupted today by a planned visit from some electricians we have contracted with to upgrade our backup generator. "Mind if we test the circuit breaker panel labels?" they asked. I hesitated. In theory, our systems all have functioning, tested uninterruptible power supplies (USPs) and so flipping circuit breakers off and on should not have any noticeable effect. I should have given the OK immediately.

Instead, I hesitated. I was reluctant to tempt fate. I imagined the pain of failure, a self-inflicted wound. Our office manager asked me if I wanted to shut down the network first but she was a bit thrown by my reluctance.

In the end, I took a deep breath and explained that we are all set against power outage, so there should be no problem, so they should proceed. Not only do we have a separate UPS for each system, but each system is configured to shut itself down gracefully if the UPS's power levels drop. So, best case, no effect and worst case, graceful shutdown.

Still, I hesitated because I was ever so slightly afraid.

"Use it or lose it" is a common saying often applied to physical attributes, such as fitness or muscle memory or particular skills. But I find that it applies to cybersecurity's least popular phase: recovery from an incident.

No matter how you end up needing to recover--cyber attack, natural disaster, human error--you will be relying on your back up procedures and equipment. Do your back ups work? Are you adept at restoring them without either missing important data or overwriting important data with a previous version?

No one likes validating recovery procedures. There is a truism among tennis players that the lob, like prayer, is rarely practiced but often called upon in times of need. So it is with Recovery: rarely practiced but often called upon in times of need. You will have to use your Recovery plan sometime and it feels like tempting fate to trigger a fake disaster just to test something.

This is not true. I know I am not an expert at the lob but I am an expert on disaster recovery and I can assure you that practice makes the bad thing less bad. In fact, the "it" in "use it or lose it" in this case is often the confidence to rely on your back up procedures and equipment.

So shut the power off occasionally. Restore files to test systems on a regular basis. Schedule recovery testing. Keep your cybersecurity program's Recovery plans up to date and practice using them. Future you will thank you. Even if it is a little disconcerting. Making the effort to confirm your Recovery plans and procedures is hard. We can help. Ask us how.

As for my office, everything went off without a hitch--except for that old Windows 11 machine we have been planning on replacing for a while now. It rebooted despite a perfectly working UPS which did not complain. So now I am off to choose between accelerating its replacement and debugging its behavior.