Insight and analysis on the information technology space from industry thought leaders.

Why Overlooking Identity in Disaster Recovery Is Putting Businesses at Risk

To protect critical operations, organizations should embed identity continuity into disaster recovery plans, using failover, DR-specific policies, and identity orchestration for resilience and uninterrupted access during crises.

Industry Perspectives

November 13, 2024

4 Min Read
person using laptop computer with Disaster Recovery icon on virtual screen
Alamy

Cyber adversaries have increasingly trained their sites on identity systems. IBM’s 2024 X-Force Threat Intelligence Index reports a 71% increase in cyberattacks exploiting user identities in 2023. The interconnected nature of modern enterprise infrastructures that span multiple cloud providers has turned identity systems into an enticing attack surface for cybercriminals.

Why this focus on identity? Today’s enterprises operate in multi-cloud and hybrid environments where critical business operations are often only protected by a login, exposing identity assets in ways that traditional cybersecurity approaches cannot fully mitigate. The result: a heightened risk landscape that puts identity at the heart of business continuity and disaster recovery (DR) planning.

Rethinking Disaster Recovery and Business Continuity

Traditional disaster recovery and business continuity (DR/BCP) plans are well-established in most organizations. They account for physical redundancies, crisis communications, incident responses, and compliance with regulatory frameworks like GDPR or SOC 2. However, these plans often lack a detailed strategy for identity continuity. This oversight leaves a significant gap in protecting against identity-related risks that can disrupt business operations and compromise data integrity.

Related:BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster Recovery

In a multi-cloud world, identity continuity must be vital to any DR/BCP strategy. It ensures that authentication, authorization, and access services are continuously available—even during outages or attacks. This requires integrating identity systems into DR planning, not as an afterthought but as a core pillar.

Building an Identity-Resilient Infrastructure

With identity firmly established as a cornerstone of security and a top target for adversaries, preparing for the worst is no longer optional. Even the most advanced recovery plans can fall short without continuous access to identity services. Imagine the chaos if critical identity services become unavailable during a crisis: employees locked out of systems, emergency response teams unable to access vital applications, and attackers exploiting every second of downtime.

To prevent such scenarios, CISOs must plan for identity resilience. This means going beyond conventional backup strategies and implementing best practices to ensure seamless authentication, authorization, and access management—no matter the challenges. Here are some best practices:

  1. Identity Continuity Simulation and Testing: Just as organizations simulate cyberattacks and data breaches, identity continuity must be rigorously tested. Run regular simulations to ensure your disaster recovery protocols can sustain identity system failures without disrupting access to critical applications.

  2. DR-Specific Identity Access Policies: In a disaster, a different set of access policies may need to be enforced. Establish DR-specific access policies that only grant necessary permissions to key recovery personnel and ensure these policies are audited and kept updated.

  3. Dynamic Failover and Synchronization: Leverage an identity fabric or orchestration layer to synchronize identity data across on-premises and cloud environments. This ensures that if one identity provider (IDP) fails, another can seamlessly take over. Modern architectures should support hot standby modes, where backup identity systems are ready to activate without delays or disruptions.

  4. Audit and Forensic Readiness: Detailed access and audit logs are essential during and after a disaster. Attackers often escalate their activities when they detect an organization is in a degraded state. Ensuring comprehensive logging and forensic capabilities can help detect anomalies in real time and facilitate post-incident investigations.

Related:How to Keep IT Up and Running During a Disaster

The Role of Identity Orchestration

Related:Why AI and BCDR Are a Natural Fit

In a multi-cloud environment, identity orchestration enables automated identity failover between providers like Azure AD, Okta, Ping Identity, or even on-premises identity systems like Microsoft Active Directory. For example, if a primary IDP becomes unavailable, orchestration can reroute authentication requests to a secondary provider, maintaining business continuity without sacrificing security.

Identity orchestration is a central hub for managing authentication and access control across an organization’s diverse technology stack. Instead of relying on fragmented identity systems, an identity orchestration layer consolidates and standardizes identity management, enforcing consistent security policies across all applications. This approach reduces the likelihood of adversaries exploiting gaps between on-premises and cloud-based identity systems.

A major hurdle in ensuring identity continuity is the presence of legacy applications that don’t support modern authentication protocols. These outdated systems often lack strong security measures, such as multi-factor authentication (MFA) or passwordless access, making them attractive targets for attackers. However, even if upgrading to MFA or passwordless security isn’t feasible, integrating these legacy applications using identity orchestration can greatly enhance overall security and reduce vulnerabilities. This integration allows legacy applications to leverage advanced security features, such as centralized user authentication and comprehensive logging, even if they can’t natively support them.

Looking Ahead

Now that identity as an attack surface is firmly within attackers' crosshairs, organizations should adopt a holistic view of identity continuity, treating it as an integral part of their disaster recovery and business continuity plans. The future of identity security lies in the ability to transition seamlessly between cloud and on-premises IDPs, with orchestration tools enabling automated, policy-driven responses.

The stakes are high, but with proactive planning, rigorous testing, and strategic investments, businesses can stay one step ahead of adversaries and maintain operational resilience, even in the face of disaster.

About the Author

Aldo Pietropaolo is Field CTO of Strata Identity, a provider of identity orchestration technology. He has had over 20 years of experience in the identity industry and was co-founder of Good Dog Labs, where he invented the first identity and access management microservices-based product (Perseus IAM). Good Dog Labs was acquired by Lighthouse Computer Services. He has held senior management roles in identity solutions engineering and architecture with SGNL, Identropy, PwC, HP, RSA, and Securant.

About the Author

Industry Perspectives

Industry Perspectives

See more from Industry Perspectives
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

the interface of the PowerShell search tool with a hand holding a magnifying glass on a background of a blue sky and clouds in the shape of gears
PowerShell
How I Built My Own PowerShell Multi-File Search Tool
How I Built My Own PowerShell Multi-File Search Tool

Oct 22, 2024

burnout gif featuring a mannequin surrounded by office technology on fire
Career Tips
Am I Burned Out? How To Identify and Address Burnout in IT
Am I Burned Out? How To Identify and Address Burnout in IT

Oct 24, 2024

MLOps
Ops and More
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?

Oct 23, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

AI chip
Cloud Computing
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
Cloud vs. On-Prem AI Accelerators: Choosing the Best Fit for Your AI Workloads
SaaS concept on a tablet
Cloud Computing
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
Why SaaS Backup Matters: Protecting Data Beyond Vendor Guarantees
DevOps logo on top of code
DevOps
DevOps: Key to Faster, More Efficient Government Software Development
DevOps: Key to Faster, More Efficient Government Software Development
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables