Posts

The complete DIY disaster recovery guide for SMBs

What’s inside:

  • What your people need to know about disaster recovery
  • The essential components of disaster recovery for SMBs
  • Why you need a disaster recovery plan (even if you think you don’t)
  • How to test your disaster recovery plan

Chapter 1

Why you need a disaster recovery plan (even if you think you don’t)

When you’re a small business owner, you absolutely need a disaster recovery plan. Unfortunately, a surprising number of owners shrug off this fact. Here are a few of the most common reasons we hear:
  • Nothing bad will happen . . . or if it does, it won’t be too bad
  • Time is better spent focusing on today’s issues and not on “what ifs”
  • A disaster recovery plan is important, and it’ll get done soon (rinse and repeat)

You see where this is going. A disaster hits the business, and, just like that, months or years of hard work disappear. It’s nothing short of tragic. Particularly because there are things you can do to prepare.

But first . . . what is a disaster recovery plan?

Before we get into the nuts and bolts of disaster recovery, let’s make sure we’re all on the same page. What is a disaster recovery plan?

It’s a plan to help your IT systems get back on track after an emergency. You may sometimes hear the term “business continuity,” as well. The two are not the same thing. Business continuity addresses everything necessary to keep a business running, no matter what. Part of that is disaster recovery.

The likelihood of a disaster

Ready for some less-than-pleasant news? It’s likely your business will experience a disaster.
Oh, you may never have to endure a tornado or a hurricane, but something will eventually take your entire business offline unexpectedly. Disasters come in different forms and vary in severity.

There are natural disasters such as earthquakes, fires, floods and blizzards. And then there are technological disasters such as cyberattacks, phishing scams, internet outages, and power failures. There are even man-made disasters such as civil unrest, terrorism and explosions. Not to mention the “small” stuff, like simple blackouts.

And the more unprepared you are, the more costly downtime is. Even one hour of downtime could cost your business several thousand dollars.

Take a look at these stats

You don’t have to take our word for it about the high cost of poor preparation. The numbers tell the story just fine on their own.

40-60%

After a disaster, 40 to 60% of businesses fail to reopen. Of those that do reopen, 25 percent go out of business within a year.

Statistic Graphic

90% of small businesses close within a year if they cannot get their operations back up within five days.


Statistic Graphic

46% of businesses have incomplete disaster recovery plans or no plan at all.

Statistic Graphic

22% of businesses have declared a disaster in the past five years. The top causes were IT failures (hardware failures, network failures, etc.), power outages, floods, cyberattacks, natural disasters and human error.

How disasters affect your IT systems

And here’s where things get real. Let’s look at how a lack of preparedness could potentially affect your business.

  • A hardware or software failure could severely impact employee productivity and lead to disgruntled customers.
  • One of your employees could fall for a phishing scam and give cybercriminals access to sensitive company accounts, which are drained. Your business is then out thousands of dollars.
  • The space where your data center is stored could experience a burst water pipe that destroys the equipment housing your data.
  • A fire could burn your business down to the ground, completely wiping out your IT infrastructure.
  • A lightning strike could create a surge and fry critical equipment, forcing you to close for just a few days. In that short time, your business could get a reputation for being unprepared or unreliable.

That’s why you need a plan

A disaster recovery plan doesn’t stop the disaster. That’s not its purpose. But it does give you a way to bounce back. When you’re facing downtime, that’s what matters—how quickly you can get your network back online.

A disaster for your business won’t necessarily come in the form of a raging inferno or thundering hurricane. Rather, it may have more mundane roots, such as a power outage or human error. Whatever form the disaster takes, your hard work could go down the drain if your business lacks a recovery plan.

Chapter 2

The essential components of disaster recovery for SMBs

Now that we’ve explained why it’s important to have a disaster recovery plan, what exactly should your plan include? Here’s a look at essentials such as backups, communications and employee training.

Backups

Your business data can be lost or destroyed in many ways. Here are just a few examples:

  • Accidents, such as a liquid spill, a laptop drop or accidental deletion
  • Disasters, such as a fire, flood or tornado
  • Cybercriminal activity, such as malware, ransomware or a virus
  • Theft, even as small as smartphone theft

Part of the goal for your disaster recovery plan is to protect your data. One way to do that is to make sure everything is backed up. That way, even if something wiped out your entire office, you wouldn’t lose the information you depend on to run your business.

The 3-2-1 rule

Aim to follow the 3-2-1 rule.

3

Three backup copies

2

In two mediums such as the cloud and hard drives

1

One copy stored offsite


The cloud is an essential player in data backups because you can continue work outside of the office and retrieve data from anywhere. Think about other things that contribute to your backup plan, as well.

  • Do you have “backup vendors” (like an ISP) should you need to quickly move from one service provider to another?
  • Do you have a backup or redundant power supply source, like an onsite generator? (If you keep a backup server onsite, you may need one.)
  • Do you have backup supplies (like food and bedding) for employees who might need to stay at the office in the event of an emergency?

Most SMBs work with a managed services provider or an offsite data center provider instead of managing their own data center onsite. Before selecting a provider, ask about their plans to prevent and mitigate disasters.

Communications plan

It’s easy to focus too much on IT in a disaster recovery plan and to forget about the human aspect. Ensure that your plan incorporates the many types of communications that may be necessary. Some things to think about include:

  • Who speaks for the company to the media, emergency responders, third-party vendors and others? (It can be a different person for each.)
  • Who reaches out to clients or customers? And how?
  • Who reaches out to employees? And how?
  • How much information do you plan to reveal in the event of a disaster? And how will you reassure those who need encouragement?
  • Do you have contact numbers (work and personal) for everyone on your staff?
  • Who are the critical members of your staff and/or what are the critical roles that have to be covered to keep your business going?

Priorities

Which systems are most critical to your mission? How much time can go by before disruption to the business becomes a serious issue? How can you protect proprietary information?

Your plan should be designed in terms of priorities. There are undoubtedly normal functions in your business you could skip or go without if you had to. As you build out your plan, make it a point to attend to the necessary stuff first.
High-priority functions should have built-in redundancy.

Your “go team”

One component of your plan is to establish a “go team” that springs into action quickly in the event of a disaster. Here’s what you’ll need to do to prep your go team.

Go team prep

Tranning Icon

Train regularly so they’re prepared to act efficiently in various scenarios

Cross training icon

Receive cross-training so they can perform multiple roles

Work relationship icon

Establish relationships with third parties such as the fire department and your data center provider

It’s also important for regular employees—those not necessarily at the forefront of disaster response—to receive training. We’ll look at that more in-depth in part 3 of this ebook.

In addition, disasters aren’t necessarily in the form of fires or hurricanes. For example, a phishing scam or a set of weak passwords could cripple your business. Disaster recovery also includes disaster prevention and mitigation.

Educating your employees on strong passwords, ransomware, phishing and more can prevent disasters and keep your employees calm and your data secure when one does occur.

Prevention

Just like you can prevent the likelihood of disasters with good employee education, you can also minimize the odds with regular maintenance and testing of your IT infrastructure. The same goes for testing your disaster recovery plan.

Say a fire breaks out at your workplace and it’s been a while since sprinkler systems and fire detection systems were tested. Will they work? Maybe. Maybe not.

Regular testing ensures everything is operating as it should. 52 percent of businesses test this kind of thing just once a year or less. We’ll look more at what complete testing of your disaster recovery plan looks like in part 4 of this ebook.

Chapter 3

What your people need to know about disaster recovery

Training your small business employees to deal with disasters can minimize the effects of a catastrophe, and it could be the difference between a quick recovery and devastating damage.

How to stay safe before, during and after

Employee safety comes first. Being able to access business email and VOIP telephone systems won’t matter if your people are injured. And while your data is certainly valuable, your people are irreplaceable. Make sure your disaster recovery plan includes emergency safety procedures.

You’ll also want to give some thought to alternative work locations and security practices in the wake of a disaster. If your office is unusable, where will your people go? Are you equipped to work from home? And how will you maintain data security in the interim?

Why disasters wear different faces

Most people immediately think of weather and natural disasters when they hear the phrase “disaster recovery.” But disasters come in all shapes, sizes and forms. And an IT-specific disaster can be just as costly as a fire—or even more costly. Make sure your employees have a well-rounded idea of the potential disasters you face as a company. That list should include:

  • Hardware failure
  • User error (a major cause of IT disasters)
  • Power outages
  • Software problems

Some employees may not even know a disaster has occurred until after the fact. Clarifying the definition of “disaster” helps employees get on board more with prevention training.

How to prevent disasters

Use onboarding and continuing training to cover the essential topics. Any new employee should go through disaster recovery training, but don’t assume everyone will remember all those details. Be sure to do periodic refresher training sessions, as well.

Disaster prevention topics

Scam email icon

Recognizing phishing scams

Password Icon

Using strong passwords

Download icon

Downloading attachments

Laptop icon

Following the BYOD policy

WiFI moden icon

Browsing safely on public Wi-Fi while working

Mobile devices icon

Securing laptops, smartphones and other devices


Slipping up in any of these areas can lead to an IT disaster that severely harms your business. Explain the why and how so employees know why this training matters. After all, you’re not trying to dump extra work on them. You’re trying to protect the business.

Where to go and what to do after a disaster

Suppose a disaster compels your business to move to alternative offices or to switch to telecommuting for a while. Your employees need to know a few things.

How to communicate with the company

Should they wait for an email from their team leader? Or proactively call in themselves? Or something else?

Where to go

Are you prepared to work from home? Or do you have an alternative office site B? And how soon do you expect employees to check in? To be available to work?

How to get to work

If there are folks who absolutely have to come to an office, will your business provide alternative transportation? If a critical staff member cannot get to that office, what’s your secondary plan for that?

How to access company programs and equipment

If a cloud computing service is down, what’s the next option? If a laptop is at the office and that has become an unsafe site, what should your employees do?

Who to contact

Who should everyone reach out to with questions, concerns or critical information? Make sure this list is longer than one name—and you almost certainly don’t want to be the point person here if your team is bigger than 10 people.

Are there any temporary policies or procedures?

Any different data security protocols to follow? Should they make adjustments to how they work normal tasks or prioritize things differently during the recovery period?

Everything else

To make sure you’ve covered all the other topics listed above, make sure you’ve considered the following.

  • What technology will be accessible during an emergency?
  • How can the business keep its data secure during an emergency?
  • What happens if the offsite data facility is destroyed?

Looking at the last question, if your business and/or employees have been following the 3-2-1 rule, there are copies of employee data that survived the facility being destroyed. Remember, disaster recovery isn’t just about getting data back—it’s also about mitigating risk and preventing data from being compromised in the first place.

Test both your business continuity and disaster recovery plans

You never fully realize everything your employees need to know until an actual disaster strikes. That’s where testing comes in.

Testing helps everyone in the business better understand how to deal with various types of disasters and how to prevent them. It also pinpoints weaknesses in your current plan, including what employees need to know and do. Test regularly! Don’t be one of the 23 percent of businesses that leave themselves unnecessarily vulnerable.

Chapter 4

How to test your disaster recovery plan

You know the saying, “Practice makes perfect.” So it goes with testing disaster recovery plans. Companies that regularly test their plans, making necessary adjustments based on feedback, are in a much better position to get through extreme weather, hardware failures, human error, cyberattacks, and other types of IT disasters.

However, not enough businesses test their plans (or they don’t test often enough). In fact, one study shows that 23 percent of companies don’t test at all due to reasons such as plan complexity and a lack of time and resources. If this sounds like your company, find a way to address these issues or you may lose revenue or even go out of business. Here are a few tips for your disaster recovery testing.

Determine the scope

Your managed services provider, if you have one, can help you figure out the scope of your testing. If your business is small, it may be that spinning up virtual machines locally or in the cloud is sufficient for some rounds of testing. If the business is larger, testing may entail unplugging a server or intentionally causing downtime in some other way.

Consider factors such as the time and resource needs of testing plus any disruption that testing would cause your customers and how much disruption they could tolerate.

Set goals

Design each DR test with a goal and figure out the results you expect. Who is involved, and what exactly is being tested? Consider other questions such as the date of your last DR test and any IT changes since then that may require updates to the plan before testing takes place.

Document the process

There’s little point in running DR tests if no one documents the processes or acts on feedback to make adjustments. Designate one person in the business to observe and document the test.

Point person tasks

  • Record how long each step takes
  • Record any missing steps not already documented for restoration, data recovery, and emergency communications
  • Record any unexpected failures in detail
  • Record the human performance of your team

To expand on the latter point, how did your employees do when faced with a bewildering turn of events? Were there parts of the DR plan that remained unclear to some employees or that caused them undue angst? Did internal or external communications fall through due to human error?

Implement feedback

Your testing may have gone well—even perfectly. If so, congratulations. Otherwise, act on the feedback you receive to make any necessary changes.

For instance, maybe several of your employees need a better understanding of their role in DR, and they need to be trained. Perhaps your systems take unacceptably long to get back online—why? How can you shorten that time frame?

Test regularly

At the bare minimum, test your plan once a year. Even better, practice it once every quarter (four times a year). Testing every month or every week may even make sense depending on the size of your company, the IT infrastructure, regulatory requirements, and how reliant your company is on IT.

You can test different elements each time with a full-scale run once a year. Remember, a disaster doesn’t have to be a full-blown act of God to make an impact. Downtime a few times a year due to internet outages can erode client confidence over time and result in clients leaving.

It can also be a good idea to run a DR test when new people step into roles. For instance, if your lead IT employee leaves and someone new steps in, don’t wait too long before doing DR testing with this new person. Otherwise, your business could be vulnerable if disaster does strike.

For guidance putting all this information to good use in your own disaster recovery plan, get in touch with one of our business continuity professionals at ISG Technology.

Benefits of superior business continuity management and how to enhance it

Having a business continuity plan isn’t an option, it’s a necessity. If disaster strikes, you have to get back up and running as soon as possible. As a small business, you can’t afford downtime or its negative impact on your operations and your customers.

That’s why business continuity management is critical. It looks beyond dealing with the emergency itself—whether that’s a natural disaster or cyberattack—and takes into account what is required to get everything up and running again. Business continuity management is more than just a risk management process and data backup, it’s part of having a sustainable, reliable and thriving business.

Benefits of a superior business continuity management plan

Let’s look at some of the key benefits of having a superior business continuity plan.

Reducing financial risk

Consider this—according to a recent survey, 80% of businesses require a guaranteed uptime of 99.99% from their cloud service vendors. This correlates to about an hour of downtime annually, which can cost a business as much as $260,000. The further you can minimize any downtime, the less risk you run of losing money.

Preserving your reputation

Your reputation is on the line. In addition to operating losses, repeated occurrences of downtime can cause erosion of your brand. Your customers and partners could lose confidence in your ability to serve them, damaging your business relationships and referrals.

Delivering on expectations for recovery

With a comprehensive business continuity plan, you can also enable the recovery of mission-critical systems in the agreed timeframe. This sets expectations for your staff, your customers, and others. Having this well documented puts a threshold on what’s an acceptable timeframe to get back up and going. According to a recent ransomware report, 96% of businesses with a plan in place fully recover operations.

Complying with legal obligations

Another benefit is compliance with any legal or statutory obligations. Depending on your industry or the industries you serve, you may have to meet certain guidelines for business continuity. For example, financial firms have more and different regulations than other types of businesses.

Even if you are not legally obligated to meet certain standards, proving to stakeholders that you are running your business responsibly is vital to sustainability.

Offering a competitive edge

Not all your competitors will have the same robust continuity plan that you have. This could be something very important to your customers. Use this to your advantage as a strong differentiator that you have well-designed plan to deal with any disruption quickly and effectively.

How SMBs can build or enhance their business continuity plan

If you don’t have a plan, it’s time to work on one. If you do have one, it can be optimized. For help, contemplate these tips:

Business continuity is NOT the same as disaster recovery

Many companies use these terms interchangeably, but they aren’t the same. Disaster recovery focuses on restoring IT and technical operations. Business continuity is much more broad and detailed and usually includes IT disaster recovery. It outlines procedures and processes to preserve and restore business operations after a disaster, including facilities, communications, human resources, partners, customer service, and more. You need both types of plans ready to go.

Remember your plan should be fluid

Business continuity plans aren’t something you can create and then forget about. Many things will change that will need to be addressed or updated in your plan. You may add more infrastructure or need to comply with new laws. You should revisit your plan regularly to ensure it is still relevant to your current business model and customer commitments. As your company changes, it might be useful for an IT consultant to provide an assessment.

Test your business continuity plan

A plan is great on paper, but what about real life? You need to accommodate testing of your plan, which could include:

  • Table-top exercises: Your team goes through the plan looking for gaps
  • Structured walk-throughs: Every team member does a step-by-step review of what they would do and how to do it
  • Disaster simulation testing: Your team simulates an environment where a real disaster has occurred

Communicate your plan with all

A business continuity plan must be shared with all your employees. It needs to be discussed regularly so your entire team understands its importance.

If you’d like to optimize or build your business continuity plan, you may want help from an IT services and technology provider.

At ISG Technology, we have over seven decades of experience and serve a variety of industries with thousands of clients all over the world. Contact us today to see how we can serve you.

What to cover in your business continuity plan

What would your company do to maintain operations after a disaster?  

This is an important question to consider, as FEMA states that between 40% and 60% of businesses never reopen after a disaster. Many businesses have a disaster recovery (DR) plan, but that’s not the same as a business continuity (BC) plan. Let’s look at how they’re different – and 6 items your BC plan must cover.

HPE Platinum Partner
Written in Partnership with Hewlett-Packard Enterprise

More than a disaster recovery plan

First things first: while a DR plan is crucial to maintaining data integrity, a BC plan is more than that. Disaster recovery is often integrated into business continuity, but a BC plan specifically looks at how your business will continue to serve its customers during recovery from a disaster or event.  

Know your data centers

Knowing your data centers is crucial. After all, not all disasters happen to a business’s operating location, especially if companies are heavily invested in cloud computing, offsite and virtual servers, and other factors. Make sure you’re aware of your data center’s disaster plan. Do they have multiple fuel providers in case of interruption? Are they geographically diverse so that one disaster won’t wipe out all of their data distribution? Do they have their own safe backups of information? How will they communicate with you in the event of a disaster?  

Knowing these details makes the transition during an issue much smoother.  

Have alternate locations ready

If your primary business location is flattened by a tornado or flooded by a hurricane, where will your employees report to work? Can your customer service reps work from home or other housing using VoIP while facilities are rebuilt? Will your cloud services remain sufficiently secure if your staff need to access them from less secure connections? Can you quickly rent a space in a less damaged area for your most crucial personnel? By building these answers into your BC plan, you will have an easier time responding to any problems.  

Have key information in separate storage facilities

Businesses should have insurance policies, numbers to call in case of disaster, and so forth. Make sure there are copies of these documents stored in multiple locations. Having them in your desk at work won’t be helpful if your building has been destroyed by an earthquake.

HPE Platinum Partner
Written in Partnership with Hewlett-Packard Enterprise

Identify key players and who can assume their roles

Remember the recent case when a cryptocurrency CEO died unexpectedly and took the passwords to his hard drives with him? Roughly $145 million of cryptocurrency disappeared with him since he had the only password to the relevant hard drive.  

Unfortunately, there are unexpected and sudden deaths in the business world. Part of your continuity plan should address key players in the company and consider who would assume their roles until a permanent decision was made. Don’t just assume that a VP can step into the CEO’s role without planning for who will take over the VP’s role as well.  

Engage in regular testing

The most crucial element of any business continuity plan is testing. Companies should start by addressing the plan on paper with all key players to identify any gaps or immediate concerns. Then, they should reality test the plan, addressing it again with any outside stakeholders. If changes are made, it should come back to the table for further discussion. Finally, live-testing a disaster recovery plan will identify any last minute weaknesses. It will also give stakeholders a sense of how a real event would proceed.  

Business continuity plans are crucial to the operation of a successful business. It is often assumed that disasters will happen to other companies; in reality, however, disasters happen to all businesses, sooner or later. What separates those that survive from those that do not is, quite simply, their preparedness.  

To get help designing or refining your business continuity plan, contact your managed services provider today. Power your enterprise with proven, industry-leading IT infrastructure solutions, products, and services with HPE. Find out more here.

How to build a disaster management plan

Computers and IT systems are integral to every part of a business, with downtime and disruptions likely to cause productivity losses and economic damage. Whether it’s a natural event, a cyber attack, or simple human error, when disaster strikes, solutions are needed fast. In the context of IT, a disaster management plan is a set of strategies and procedures that attempt to restore hardware, software, and data in order to ensure fast and effective business recovery.

Benefits of a disaster management plan

An IT disaster management plan should always be developed to ensure fast and effective recovery. While data backup is an important part of this process, additional measures need to be taken to ensure compliance and the continuity of critical business systems. When implemented alongside a continuity plan using accurate information from a business impact analysis, disaster management has the ability to reduce data losses, minimize downtime, and promote a healthy business reputation.

Actionable steps to ensure containment and recovery

Managing an IT disaster is a complex and challenging task, with many issues to consider and lots on the line if something goes wrong. Success depends on organization and management before, during, and after the disaster takes place. While being able to react effectively to a situation is crucial, proactive measures are just as important. From carrying out a business impact analysis and documenting risk assessment through to containment and recovery, let’s take a look at the steps you need to take.

1. Business impact analysis

A comprehensive business impact analysis lies at the heart of every successful disaster management plan. It’s no use waiting until disaster strikes. An impact analysis will allow you to research the potential impact of disaster events. Businesses that understand how much they have to lose are much less likely to fail when a disruption occurs.

An analysis is responsible for identifying critical business functions, measuring impact events, and defining recovery strategies. Generally carried out before a risk assessment, this analysis defines critical systems and quantifies internal and external risks that may affect business data and processes.

2. Risk assessment

Once a business impact analysis has been conducted, it’s time to carry out an IT risk assessment. While these two processes are linked, a risk assessment is more concerned with describing potential threats and measuring their likely impact on business processes and resources. A business impact analysis defines your potential losses, and a risk assessment identifies and quantifies actual disaster events. Successful disaster management requires both of these steps, with businesses able to dedicate resources more effectively when they link specific disasters with specific outcomes.

3. Respond quickly and contain

While planning and organization are all well and good, action is more important than anything else when disaster strikes. Having the ability to respond quickly and effectively is critical before additional problems develop. Check on people first if a natural disaster strikes, review physical damage to computer and network resources, and ensure open communication channels at all times. The extent of data loss often depends on how quickly you respond and contain the threat.

4. Recover and minimize downtime

When the actual threat has been neutralized, it’s important to stay calm and recover quickly according to your established plan. It’s important to stay productive if possible, with some businesses able to carry out manual operations, communicate via telephone rather than computer, or initialize cloud-based backup solutions.

According to Wikibon, enterprise cloud spending is predicted to grow by 16 percent annually between 2016 and 2026. It’s important to distinguish between internal recovery and cloud-based recovery, and get access to critical business systems as quickly as possible. Downtime represents the most significant cost of disaster events, at an average of $5,600 per minute according to Gartner.

5. Protect your business reputation

An IT disaster has the potential to adversely affect your reputation, especially if it’s linked to cybercrime or network security breaches. It’s important to be proactive after a disruption event and do everything you can to protect your reputation. Regular and ongoing communication with customers and other stakeholders plays a big role at this stage, so keep people in the loop and be honest about the situation. With the right preparation and the ability to respond quickly when disaster occurs, any business can face their challenges head-on and emerge with something resembling a smile.

5 straightforward disaster recovery options for SMBs

In a digital environment that’s unforgiving when it comes to downtime and outages, planning for IT disaster recovery is a critical responsibility of the modern business owner. Despite this, an astounding 75 percent of small businesses have no disaster recovery plan in place.

If your SMB isn’t prepared for a disaster, it’s important to start by understanding the basic tools that will help you navigate and mitigate a crisis.

Here are five straightforward disaster recovery solutions your SMB should consider as part of an overall recovery plan.

Cloud backups

Cloud backups can be an excellent tool for protecting your data in the event of a disaster.

A data loss event can impede a small business’s operations and drastically increase its chances of closing within six months. By performing continuous backups to the cloud, your business can safeguard its data and reduce the potential impact of a disaster.

For this reason, cloud backups are becoming increasingly popular among SMBs. Approximately 78 percent of such businesses are expected to back their data up on the cloud by 2020.

Cloud backups also have the advantage of letting you keep data geographically remote to avoid complications from natural disasters. Experts recommend keeping your backups 200 miles or more from your actual location.

Virtualization

Like cloud backups, server virtualization is useful for keeping data safe, as well as for limiting the amount of downtime that your business will experience during a disaster.

Virtual servers allow businesses to create exact copies of their data centers. If a disaster strikes, this copied version can be used to maintain essential functions while the problem is solved. As a result, SMBs can maintain high levels of availability.

Virtualization is also extremely useful for disaster recovery testing, as tests can be run in the virtual environment instead of in your business’s main system.

Mobile communication and collaboration systems

When a disaster strikes, it’s critical that your team members remain in contact. By maintaining communication through mobile devices or social media platforms, your team can coordinate its disaster recovery efforts and minimize the amount of downtime that will occur without having to be in the same place at the same time.

With good remote communication and collaboration systems in place, your business can mobilize more quickly and launch a coordinated effort to mitigate the damage.

Uninterruptible power supplies

Disaster recovery solutions tend to focus strongly on software and data, but protecting business hardware is also an important consideration. For this reason, an uninterruptible power supply (UPS) can be a very useful tool in an emergency.

A UPS is a battery device that will provide temporary power and allow you to properly power down your hardware assets.

Monitoring solutions

Disaster recovery is often a race to keep downtime to a minimum. If you are forced to deal with a disaster involving your network, monitoring software that logs changes and unusual activity can help your team identify and quickly resolve the problem. In some cases, you may even be able to head the threat off before it develops into a full-blown disaster.

With proactive security monitoring, you can keep your business safe and keep your IT systems running more smoothly.

Ready for anything

Using these five tips, your business can begin to craft a basic plan for disaster recovery.

The more you can prepare now, the less likely your company will be to experience catastrophic failures when a disaster does occur.

 

5 ways Veeam backup boosts your overall cybersecurity

Cybersecurity is a big topic in every industry due to the increase in threats and the escalating costs of recovering from a breach. If you can protect every device on your network, you’re lucky.

However, an even smarter strategy is to focus on following best practices for protecting your data, regardless of where it resides.

Veeam backup in the cloud provides an exceptionally strong backup and restoration capability.

Backup is critical for cybersecurity

Threat prevention is a valuable part of a cybersecurity strategy. On the other hand, in today’s security environment, many threats come from places that are difficult to control.

For example, research shows that 90-95 percent of cyberattacks start with a phishing email. Educating employees on the threats that may appear in their email inbox is a good first step, but hackers are very clever and many employees can be fooled.

In addition, all organizations are vulnerable, including schools and educational organizations. For example, the Department of Education issued a warning letter to schools based on several successful attempts to extort money from school districts. The personal information schools store in their records make them a prime target.

Surviving a cyberattack by using strong backup and recovery procedures becomes even more important as hackers get better at what they do.

How Veeam backup makes a difference

The Veeam software is unique in that the company developed it in the era of the cloud. This allowed the company to create a backup process that easily outperforms legacy backup software.

In fact, the International Data Corporation (IDC) market share numbers for 2017 show that Veeam leads the industry in terms of market share growth.

Here are 5 ways that Veeam backups boost your cybersecurity.

Lightning fast recovery

Provides hyper availability.

Data loss avoidance

Streamlines disaster recovery.

Verified recoverability

Guaranteed recovery of every file, application and virtual server

Leveraged data

Includes safe deployment with production-style testing

Complete transparency

Ongoing monitoring that provides alerts before operational impact

The ISG Technology and Veeam partnership

ISG Technology established Platinum status agreements for both the Veeam Cloud and Service Provider Program and the Veeam Reseller Program. According to ISG Chief Revenue Officer, Jon Bierman “The partnership goes beyond strengthening our technical team. Our sales and customer-facing teams will also be better equipped to serve our customers as we increase our alignment with Veeam.”

The partnerships allow ISG Technology to provide managed cloud backup services that take full advantage of the Veeam backup technology. For many organizations, online backup services are a cost-effective insurance policy.

With the Veeam technology, we can effectively provide backup as a service both on and offsite.

Final Thoughts

In today’s environment, organizations face several data challenges:

  • They need to gather information and offer user-friendly tools to use it
  • They need to ensure that the data is always available for internal and external users
  • They need to protect the data from cyberattacks
  • They need to ensure quick restoration of data when any type of disruption occurs

Veeam backup meets the need for keeping data available and restoring it quickly and accurately.

In addition, organizations that take advantage of Veeam technology through a managed service provider can have the same high level of capability without the capital outlay required to develop cloud backup capabilities.

3 things you might be forgetting about disaster recovery

When things are good, it’s hard to imagine how the world could ever wrong you. But when something goes wrong, it’s nearly impossible to see the sun through the clouds. Disasters happen without warning, and they can cripple a company if you’re not ready.

This is the entire reasoning behind investing in a disaster recovery plan. These procedures help companies get back on their feet after a major catastrophe, and they’re often the reason businesses don’t go belly-up following such an event.

That said, a large number of companies aren’t properly prepared for the worst. They may have disaster recovery solutions, but they haven’t fully worked them out. This can be just as dangerous as not having any plan at all, and we would like to rectify these issues by discussing some aspects of disaster recovery that you may not be considering.

1. You need to test constantly

“Everyone has a plan until they get punched in the face.” That’s a quote from Mike Tyson, and it’s just as true in boxing as it is in disaster recovery planning. Actually coming up with a plan is great and puts you ahead of the companies that haven’t, but it’s impossible to know if your procedure will work until you’ve put it through its paces.

“A huge portion of organizations just aren’t putting any priority into testing.”

Sadly, a huge portion of organizations just aren’t putting any priority into testing. Some test once or twice and think they’re done, while other literally never test at all. Therefore, it’s up to you to ensure that your company’s plan actually works.

TechTarget recommends starting with a test that checks data recovery, application recovery and communications. That last aspect is the most important, as not being able to discuss issues with your team can lead to widespread panic and confusion. The site states that these tests should happen on a “regular basis” all throughout the year, so don’t think you can do it once and be done.

Finally, you’ll want to examine audit logs to see exactly what worked and what needs some more tweaking. With enough patience and testing, you can come up with a procedure that will hopefully see you through the worst disasters.

2. What about your employees?

Although most people think of data systems and downtime when discussing disaster recovery, it’s important to realize there is a much more human element to this process that you’re want to consider. Specifically, you need to figure out what your employees will be doing during such an event.

Of course, the first step is to make sure everyone is alive and well following a catastrophe. After this, you’ll need to think about where these people can work. Will they be able to simply log in from home? Do they need access to data systems stored in the office? Do they have all the equipment they need at home?

After considering this, TechTarget asks administrators to consider the possibility of employees being displaced from their homes. In such situations, work is the last thing on an employees mind. While there’s nothing wrong with that, it’s up to you to figure out what the next step is. TechTarget recommends gaining access to trained psychological professionals in order to help workers mentally readjust.

What happens if your employees lose their homes? When an employee loses their home, they generally don’t worry about work.

3. Your workers are a major threat

Clearly, your employees are a valuable asset. That said, they’re also often the ones most responsible for disasters in the workplace. According to a 2014 report from IBM, 95 percent of data security disasters can be traced back to human error.

Although you trust your employees, this statistic shows that the best way to avoid a disaster may be to better train your employees. Exactly what that means depends on your industry and what employees have access to, but the point is that thinking about external factors like tornados and earthquakes while ignoring human error can have disastrous results.

Top things to consider in a colocation site

More data is being generated, collected and analyzed than ever before. Data storage options are also becoming major centerpieces for business continuity and disaster recovery strategies. As time progresses, it will be significantly more difficult for in-house IT to manage it all. Colocation has become an answer for organizations to achieve security, easy access and ample data storage alongside optimal uptime levels. Let's take a look at the top considerations in a colocation site:

1. Location

Where you decide to colocate is a major decision. Kansas City Business Journal contributor Dan Kurtz suggested choosing a facility close to your company's headquarters or near the majority of your employees. Having a colo facility in close proximity allows leaders to go check on their systems and manage them appropriately. It will also help provide the connectivity and latency that users require. The facility should also be in a place that is protected from severe weather events and disperses water away. Details like these will enable organizations to avoid disaster and drive continuous operations.

The facility's location could impact your decision.The facility's location could impact your decision.

2. Security

Your colocation site should give you peace of mind that your data is protected. Data Center Journal noted that there should be multiple levels of security externally as well as internally. This could include monitoring systems, physical barriers and layered security zones. Keycard access, staffed checkpoints and alarm systems should all be standard features. Guards can constantly monitor visitor access and ensure that no unauthorized personnel are able to access your hardware or data. Ask what types of safeguards are in place as well as what Tier compliance the site has. These considerations could make a big difference in where you decide to colocate and what vendor you choose.

"Compare vendor prices to quote comparable facilities and support services."

3. Pricing

The cost associated with colocation services can be a major factor in your decision. TechTarget contributor Julius Neudorfer noted that while this shouldn't be the crux of your choice, you should compare vendor prices to quote comparable facilities and support services. The amount of power and cooling required will play a big part in your price, and each provider will have its own formula for supplying these utilities. Carefully consider your options based on the solutions provided, history of success and industry costs. These factors will help narrow down your options to the best colocation facility for your requirements.

As data becomes more of a priority for businesses, it will be important to store, manage and protect this asset effectively. It's often time-consuming and expensive to build and manage a data center on your own, but with colocation, you can have a data center without all the cost. The facility itself is governed by the provider, while you maintain your hardware. It will be important to look at the facility's location, security capabilities and service pricing compared to other vendors to guide you to the best solution. For more information on choosing a colocation site, contact ISG today.

Backup and Disaster Recovery: What's the Difference?

Unexpected downtime and compromised files are major threats to modern businesses as attack vectors continue to expand. As a result, many organizations are working to better protect their information through backup and disaster recovery. While these two initiatives have similar goals – protecting a company and its data – they should not be used interchangeably.

Backup and disaster recovery are two separate assets that can be used in tandem for an effective business strategy. Knowing the differences between these initiatives will help managers understand what they entail and where they fit into the grander scheme of business continuity efforts.

Backup business data

Backups are essential to disaster recovery strategies, but not every situation that calls for backups happens on a disaster scale or causes major business downtime. For example, if an employee accidentally deletes an important file, he or she can easily retrieve it if the document was archived or backed up. A backup initiative is the first line of defense against losing files due to human error or equipment failure, BizTechMagazine contributor James E. Gaskin noted. Backups are the most basic form of file security and accessibility that an organization can utilize.

Backups are the first part of a disaster recovery strategy.Backups are the first part of a disaster recovery strategy.

Traditionally, companies would back up their important data onto tapes on a scheduled basis. However, the physical nature of this technology made it vulnerable to adverse conditions and prolonged use. Once security in the cloud improved, a new doorway was opened up for businesses to store and access their critical information. It's highly advised for organizations to evaluate their documents and back them up according to priority. Backup initiatives should follow the 3-2-1 rule: three backup copies, stored across two different mediums like hard drives and the cloud, with one stored offsite. Using this method, organizations can ensure that they always have an up-to-date version of their data available.

Prepare with disaster recovery strategies

As noted earlier, backups are a significant part of disaster recovery, but they are just the beginning. In order to have a truly effective disaster recovery strategy, businesses must have the right recovery systems connected to its data to reflect the production environment as well as the right people and processes in place when needed, Forbes contributor JP Blaho noted. Such a plan improves resiliency against events such as adverse weather events, cyberattacks, outages and other disaster situations.

"It's vital for operations to get back on track."

Disaster or unexpected downtime can severely impact a business's ability to recover and retain its unblemished reputation. It's vital for operations to get back on track as soon as possible, and a comprehensive disaster recovery strategy is the guideline that will help organizations get there. An industry survey of IT professionals found that 54 percent of respondents had a data outage of at least eight hours within the past five years, The Wall Street Journal reported. These events happened for a variety of reasons, including hardware malfunctions, power outages, human error, malware attacks and data corruption. However, despite these events, 40 percent of participants didn't have a documented recovery plan. Organizations must not only ensure that they create a comprehensive disaster recovery plan, they must also train employees and test their strategies at least once a year to identify any gaps that need improvement.

Protecting a business is no easy feat, but backups and disaster recovery are major pieces needed for this effort. Understanding the differences between the two initiatives and the situations where they are used will help organizations utilize them more effectively and establish a clearer strategy for business continuity. Preparing today can help avoid critical events in the future.