A potential data loss to your company is likely to be the result of small localised problems. Consequently, it’s important to reinforce your critical files with a customised backup, business continuity and recovery plan.
Symantec’s 2009 SMB Disaster Preparedness Survey found the average Australian SMB was experiencing three outages within the year, from incidents including power failures, virus or hacker attacks, and accidental data loss. This was estimated to have cost $30,000 a day. So IT Disaster Recovery Plans can really pay for themselves.
Without IT capabilities, your day to day operations could cease. Emails and databases need to be accessible – or else business comes to a grinding halt. Plans are needed to resume IT services, should a worst case scenario arise. Statistics show that data loss can put companies out of business. Don’t become another statistic!
Managed IT Services combine planning, prevention and protection strategies to make this process seamless and stress free. However, if you need to set a template in place, the following tips can help assist your team.
1) Brainstorm a Disaster Recovery Plan
Though daunting, it’s something that can be taken one step at a time. Who will determine disasters and roll out the plan? How do you communicate directives when systems are down – including reinforcing client service requirements.
Go through each scenario or option. Start with the basics and feel free to add to things as you progress. Define the core requirements for your operation such as equipment, emails, apps, backups and recovery deadline objectives.
2) Oversee initiation
Implementation is required once a plan is set. Monitoring this process is necessary to ensure it’s applied effectively.
IT Recovery Plans need to evolve and be updated regularly. Proactive analysis, review and refinement of all aspects (including data replication and data backup storage) is paramount. This ensures less downtime in the event of an issue.
Many IT professionals believe a plan is enough and only think to test disaster recovery or fail over systems once a year, if that. Don’t leave your organisation vulnerable to failure in the event of a crisis.
Untested plans, or minimal trials, may end up being more hindrance than no plans at all! To be effective during emergencies, rigorous simulations in real situations need to be applied – not only for reassurance, but for verification of your measures.
4) Offsite data backup and storage
Recovery Plans are for catastrophic events, which in essence negate the likelihood of onsite data backups being accessible. Focus on database security during an incident and accessibility post an outage incident – which is where remote backup services come into play. Data backups need to be transferred by secure means and stored in a fire-proof, high-security, offsite data backup centre.
A recovery point objective (RPO) is the time between the last available backup and when a crisis occurs. Tolerance for loss of data or re-entering data needs to be considered. Backups should be done at least daily, preferably overnight – but some industries may require continuous data protection options or higher frequencies.
5) Data restoration tests
Whether tape backup or disk to disk, the backup software and the hardware it resides on, needs to be checked daily to verify successful backup, and that there are no hardware issues. Tapes need to be stored offsite and disk systems need offsite replication (if the backup is run offsite). Monthly tests on restoration are recommended to ensure restoration can be actually completed viably.
6) Desktop and laptop backups
It’s likely that many of your staff are storing vital files directly on their computers or local systems, rather than on the network – even if it’s against policy. The reality of today’s mobile workforce and competition sensitivities means that fail-safes need to be established for backups of laptops and desktops – in case they’re ever lost, stolen or damaged. Automatic systems are the preference for such instances.
7) Redundant servers
Set-up redundant servers in professional third party data centres to assure there is a way to access critical data. This can reduce recovery time, down to minutes rather than days, in the event of catastrophies,
8) Data delete or theft recovery laptop solutions
As laptops and tablets replace traditional PCs, the office is becoming more mobile. The potential for data to be lost in transit (whether accidental or deliberate) is increasing the need for data deletion and theft recovery software initiatives and procedures to be put in place. This allows location, recovery and return of hardware, or the ability to wipe sensitive information, should devices go missing.
9) Installation of virus software
Regular virus updates are needed to reduce the spread of email viruses, spyware lags and malware damage that can grow into large problems. Installing regular virus pattern updates can help situations from getting out of hand.
10) Consultancy and Managed IT services
IT Disaster Recovery Plans often become too time consuming for small to medium businesses. Lack of up to date knowledge and technical skills can hinder implementation, which is where consultants or managed IT services may be an option. These operations specialise in providing the services you need, and have the servers, storage, manpower and network infrastructure to handle disaster recovery.
Hosting services may provide the solutions your business needs to make your plan work, as you may wish to outsource the whole process, so it’s one less thing to worry about in the event of a crisis. It’s all about economies of scale, so choose the right combination of services to outsource for your business.
All companies are exposed to experiencing a disaster – but prevention and continuity are what separates the outcome. Downtime and potential data loss need to be weighed up with cost factors.
Virtual servers are an ever-increasing option as technologies improve, hardware becomes more cost effective and software advances. This allows for consolidation onto one host server, giving you more affordable operations and redundant systems. However, you have to overcome the conceived risk of having just one host server!
In the current era of terrorist attacks, crime and growing natural disasters, you can never be too prepared for whatever may lay ahead. It’s all about strategy, structure, and anticipation – so you and your business colleagues can rest easier, with the plans in place to protect your confidential businesses information. Quick and effective response plans laid out for disasters will be well worth the investment, should the worst ever arise.