With the exception of my husband, no one enjoys planning for a worst-case scenario; however, just because you have a backup plan in case things go awry isn’t the same as planning for something to fail.
This is particularly true for business. Your long-term survival as a business is heavily dependent on safeguarding its information, correspondence, clients and system.
If you are concerned about losing access to all of your data (or losing it all outright) and have a small business, you have probably wondered how you would go about setting up a workable disaster-recovery plan that best suits your current situation.
The National Archives and Records Administration reports that over 90% of businesses that experience a loss of access to their business data for a single week will go out of business within a year. Not to be negative, but if you didn’t have access to vital information, what would happen to your business?
Assess Your Risks
The first stepin formulating a disaster recovery plan from all possible scenarios is a risk assessment. To begin with, if you are not encouraging everyone (including yourself) to regularly backup their work, then you are the first risk to your business.
Mustard IT Support Services CEO, Alex Viall says, “You should backup all important information regularly and copy files to a protected system you can always access. After all, you never know what will happen and you have to be prepared.” While using paper-based documents are largely a thing of the past, are you taking advantage of cloud-computing technology? If you said yes, do you have a regular backup schedule? Your company is at a serious risk if you store your RFPs and RFQs on individual computers or your server.
Ok, so earthquakes may not occur in your area and you are so far inland that a tsunami isn’t a worry, and a hurricane has never happened where you live. Watching the news these days, you can tell that some geographic regions are at higher risks of natural disasters than others.
Despite this, are you worried about an electrical fire, or a gas explosion? What about a terrorist strike? These can destroy buildings anywhere, so would you be able to rescue your core business from the rubble? Building insurance and an emergency plan for evacuating your employees from a building is important, but what about doing the same for your data?
Cloud computing technology is now an integral part of establishing a business continuity and disaster recovery plan. Your data will be backed up automatically, but you can then access from anywhere. This means that documents can be shared from any new location while you rebuild, so this means that projects can move ahead while you relocate.
Prosyn are experts in Business Continuity and Disaster Recovery Planning. Their CEO, Roy Castleman, says, “Companies these days are facing increasingly complex threats to their data security”. The biggest threats and hazards of days gone by used to be fairly simple, such as a hard drive crashing or a natural disaster (or flood, fire, etc) wiping out an entire server. These days, the biggest concern comes from within a company.
The majority of IT managers are more worried about the security threat that comes from their own employees rather than external threats (ie hackers, malware, etc). Internal security threats and issues from employees have grown over the last few years.
This threat from employees isn’t always out of malice. Rather, an employee’s accidental behavior, such as clicking on a webpage or link that loads malware onto the company server or computers, is the greater threat. Malware viruses like ransomware is just what it says. It can hold your system a virtual hostage until a ransom payment is paid. The Washington Post noted that more than 2400 complaints to the FBI about ransomware were received. It was estimated that victims lost as much as $24.1 million.
Best Practices for Small Businesses
According to the founder of World Backup Day, Ismail Jadun, “the 3-2-1 rule is a pretty good rule of thumb” that small businesses should follow for backing up data. So how does this rule work? Companies should look to have a minimum of three (3) physical copies of their data (e.g. on three separate company computers), two (2) copies stored in different formats, and a single backup copy stored in an offsite location.
The Small Business
Smaller businesses may find it harder to protect their cyber security. While you may not attract the same attention as tech giants like Google or Microsoft, your IT department is probably not that large, so data security might be difficult. If this sounds like your company, consider outsourcing your IT security to a local company able to respond quickly to any emergency. Don’t go for a one-size-fits-all solution, but select someone “who can understand the core critical failure points within your business”, as advised by Castleman.
Storage and backup are not the same, but many small businesses can’t see the difference. Uploading your documents to the cloud is not enough in most cases. They also need to be backed up. If you’re already taking advantage of cloud computing, your system also needs to be set up to so that it creates copies of your data on a regular schedule. The best way for small businesses to come up with a viable disaster recovery plan to first be aware of the risks and then encouraging employees to follow best practices with regards to security, which includes avoiding malicious acts and not opening suspicious emails.
Lastly, as per other business areas, once you’ve come up with a backup plan, it needs to be tested. This will involve training all employees in their current roles to react to a given disaster. You need to ensure that all employees has remote access to the right software and that your backup system is effective. Don’t forget that technology and employees will change, so you should regularly review your disaster recovery plan to keep up to date with these changes.