When we talk to business owners about disaster recovery, they often do not see it as an important aspect of their business. That is, until one considers the importance of technology to both customer service and internal operations. Interruptions to payroll or the processing of invoices and associated down-time could significantly impact both cashflow and client confidence.
A Disaster Recovery Plan is not only something that affects IT but every business process, from the ability to communicate with clients to being able to contact staff next of kin in an emergency. A simple operating procedure to follow during an IT disaster recovery situation needs to be available. This should highlight which key staff should carry out specific tasks that will get the business to a basic functioning level and eventually back to normal operation.
Businesses need to look at integrating their Disaster Recovery Plan with a viable insurance policy which will pay at least operating costs during the recovery process. Accurately estimating the amount of time required to recover completely is vital to ensure that enough cover is purchased.
A disaster is often perceived as a natural one such as a flood, hurricane or lightning strike. However, man-made “disasters” such as theft, severe power outages, protest action or service delivery interruptions are all possibilities in the South African context. How are your staff able to work if they are unable to get to work? It is a real possibility that at least part of your IT Disaster Recovery Plan may be required in the future.
Today’s criminals are not necessarily gun-wielding tough guys who force their way into businesses demanding money, but rather young, super-smart computer programmers that exploit software weaknesses and employee human error or vulnerability for their own gain. By this, they can plant malicious code into networks and steal or remove access to your own data, potentially crippling your business should you not bow to their demands.
In the past businesses had very limited and expensive options available to them when it came to disaster recovery. Today there are a range of options that even small businesses can easily afford and implement with help from their IT provider.
We have the following advice to companies looking to implement an IT Disaster Recovery Plan:
1 Simplify Your IT Environment
Consolidate your servers and virtualise as much as possible.
Move as many services to a secure cloud environment as possible.
Limit access to data to only those who absolutely need access. Do not apply an open-door approach to your data
2 Reduce Risk
Ensure that all hardware is under a service contract of some sort.
Store your business-critical services on your newest hardware.
Choose a reliable, accredited backup solution and not merely the cheapest option.
Test your Disaster Recovery Plan regularly. Does it actually work
3 Document Your Environment
Ensure that the IT department are not the only staff who know where and how everything works.
4 Train Your Users
90% of malware, phishing and other security breaches are due to a user clicking on a link, opening an email attachment or browsing a web site with compromising code embedded therein. Training users to identify warning signs could save your company from a technical meltdown.
5 Implement a Secure Environment
It is not only your IT perimeter that should be secure. Your internal devices – especially if these leave the office at any stage – should also be protected. A good firewall and a good anti-virus act as an alarm or electric fence. A Disaster Recovery Plan can be likened to an armed response.
How to Start Building a DR Plan
The best way to start your disaster recovery planning is to form a team within your business comprising individuals across all business units, including IT. Something seen as low-risk in one department may be a vital component to plan for in another. Document the risks then build a plan to cover these, categorising them from the highest to the lowest priority.
Engage with a company such as Coltek to help you with your plan and then update and test it at least once a year.
Coltek is a Technology consulting and solution provider for businesses of all sizes. We look at all aspects of Technology and recommend solutions, improvements as well as maintenance within the business.
We are concerned with your overall Technology footprint as well as your roadmap going into the future, so you are not left in the past. Contact us at firstname.lastname@example.org | www.coltek.co.za