Understanding Disaster Recovery
When the term disaster recovery comes to mind most people think about the slew of natural disasters -- tornadoes, hurricanes, blizzards, and more. However, in the small business world these types of disasters make-up only 10-14% of all disasters that severely affect businesses. The real question is: what makes up the other 86-90% of these disasters and how can I protect my company’s data?
You may have guessed it: the most common issues are human error, security breaches, and the unfortunate equipment failure are some of the top reasons companies suffer. It is easy to think these problems will not happen to you, but I assure you without a plan of action you are only hurting yourself. Len Oppenheimer’s near disaster story should become a reminder for all of us.
Len Oppenheimer, Chief Executive of the Golden Box, a company that supplies packing materials for its clients in the tristate area in NYC was almost out of luck when a power surge in his office damaged an essential server. He said, “We had started doing backups literally three days before the server went down”. The Chief Executive went on to say,“If we hadn’t had that safety net in place, I hate to even think about where we’d be right now.” Before all of this scares you too much, there is good news: disaster preparation is always available. Knowing exactly how to prepare is crucial. Most companies that have experienced a disaster would consider constructing a recovery plan to be the best way to solidify your company’s success while everything is collapsing.
Where to Begin:
First-things-first, define your need. Jennifer Walzer, an experienced small business owner and New York Times writer, asks the most important question,“If you walked into your office tomorrow and your data was gone, what would you miss the most?”
It may take some time to defined, but once defined you can create an action plan to make sure your data is recoverable. Sometimes this question is difficult to answer, and that is where an IT expert comes in. An expert can inform you on the best data backup support systems and design an infrastructure to fit your needs.
Perform an Audit:
Secondly, a recovery plan requires your company to perform an audit to determine answers to some of your business’ life-or-death questions. You should know how at risk your company will be if a disaster strikes and how much downtime is possible before matters become worse.
For example, you may have an employee that tends to cook soup or another lunch item on your company stove. Just this once she or he decides to leave the stove unattended to go to the bathroom. Only a minute or two later the food boils over and causes smoke to envelop the kitchen. Suddenly, the fire sprinklers rain down onto your in-house servers and company computers. Now, what?
If such a disaster strikes, it is necessary to create a fallback plan to keep your business running as smoothly as possible. A fallback plan should consist of a secondary location to do work or an alternative way to communicate with clients.
Disseminate the Information:
Next, before the plan is completely outlined with details and priorities it is best to give each employee a part of the recovery process, this distinguishes between what is supposed to be done and who is supposed to do it.
Owners and managers should disseminate this information to staff so they are in the know about recovery procedures. You may think it lacks importance, but communication is one of an essential aspects of the recovery process. For instance, if one of your employees clicks on a malicious link, instantly knowing their computer is infected with a virus you would rather them come to management instead of briefly glossing over the subject to another employee.
Practice, Practice, Practice:
However, none of this will work unless your company practices their plan alongside other mandatory mock natural disaster tests. Make sure your company is well-rehearsed, so employees can be held accountable for a real disaster.
Mock tests also include checking on backup systems frequently. All backup prevention support varies; therefore, your company should know how all your backup systems work.
Preparing for business continuity is becoming more imperative, especially for small businesses where a trivial disaster can put them out of business. However, disaster recovery plans can feel tedious and possibly a costly measure for something that may or may not happen. But, Len Oppenheimer can be our cautionary tale, by reminding us that unexpected things do happen.
The 3-2-1 Rule
Backing up your data is an absolute necessity. If a drive fails, a file becomes corrupted, or ransomware scrambles files, being able to recover them makes the difference between an inconvenience and a catastrophe. Losing data and not being able to recover is a common cause of business failure.
The key to successful backup is making it automatic. No one has the time to remember to run a backup every day; it should simply happen.
The 3-2-1 Rule
Having just a single backup volume next to the computer is insufficient protection. A widely recommended rule of thumb is the 3-2-1 rule for backup. It works like this:
Have copies of your data on at least three different devices, counting your active drive.
Keep the copies on at least two different storage devices. Having each copy on a different device is best.
At least one copy should be offsite. If a physical disaster ruins your entire office, there should still be a safe copy in another location.
Incremental Backup and Versioning
Backups should be frequent. One a day is a minimum; one every hour or less is better. Copying a whole drive on such a schedule is impossible but also unnecessary. Most backup software is designed to copy only files which have changed since the last time. In the case of very large files, they may copy just the parts which have changed.
Most backup software will keep old versions of files, up to the limit of their capacity. When the volume is full, the oldest versions will be deleted to make room for new ones. This provides multiple snapshots of the volume being backed up. If a file has been damaged for some time, or if the most recent backup is infected by malware, being able to recover an older version is a life-saving option.
To guard against dangers that affect an entire office or data center, there has to be an offsite copy. However, backing up to it requires special precautions. The backup needs to be strongly encrypted, both in transit and in storage. The offsite storage should be physically secure and well maintained.
Your backup plan needs to make sure that all important data is covered. The typical small business has files on multiple desktop machines and servers. As the network grows, so does the number of machines to back up. Forgetting one of these could leave a gaping hole in the company's data safety. Systems which hold infrequently used data are easy to forget. The files on them may be crucial even if they are less often used.
The other side of the backup equation is recovery. When data loss strikes, a quick recovery is important. Not only data files have to be restored, but applications and settings. The best way to avoid problems when recovering them is to store a full system image. It holds a complete representation of a bootable volume. After a disaster it can be brought up on the original machine if possible, or a failover machine if necessary. Restoring a system image is much faster than restoring individual files. It minimizes downtime and associated loss of business.
The Importance of Data Backup
If your business has never experienced data loss, then you might not fully understand the importance of data backup. However, you need to have reliable and efficient data backup systems in place as mitigation for any unfortunate eventuality. Here are some grim statistics on the disastrous nature of a possible data loss:
- 20% of small to medium business face the possibility of a critical data loss every 5 years, which often result in a disaster.
- 40% of the small to medium businesses using the internet will have their networks hacked by a cybercriminal. Worse still, 50% of them hardly realize their systems have been hacked.
- 93% of the businesses that suffered a data downtime of more than 10 days filed for bankruptcy in less than a year. 50% of these companies filed for bankruptcy on the spot.
How to Store Your Data Safely
You may have to invest in alternative data storage hardware, ranging from solid-state drives, hard disks, and servers. Remember that a backup copy of your files on your PC may not amount to much if the PC gets compromised.
However, you need to be aware that these physical storage devices have their limitations. They may malfunction, crash, or get stolen altogether. Besides, the initial cost of setting them up can be high. For these reasons, you have to consider another option – moving to the cloud.
Moving to the Cloud
You may already be in the cloud, if you are using Gmail, Microsoft's OneDrive, or Yahoo mail. If your business has access to a high-speed stable internet connection, consider investing in cloud storage. It involves storing and backing up your files on a virtual online location so you can access them whenever and wherever the need arises.
Cloud storage has the advantage of flexibility since you can access your information from any internet-enabled device connected to the network. Also, it is can be more secure since it has the security features of the cloud system which you can employ alongside those of your business.
Why You Need to Back Up Your Data
Continuity of your business
Every business requires continuous, uninterrupted access to its data. When your servers crash or get hacked, several critical activities of your business may come to a halt. These important activities include communications with your clients and suppliers and filing of business records. Disrupted communications may give your clients and suppliers a bad impression thus, casting the image of your business into disrepute. Backing up data means you can restore everything within the shortest time and get back to business as usual.
Safety Net Against Cybercriminals
The threat of data downtime is real. Cybercriminals have improved their skills and are now targeting any business. You may fall victim to a ransomware attack, and whether you pay the hackers or not, the harm on your business would be catastrophic. But storing your files in a safe and reliable backup would leave the hackers in dismay because you would only have to reconfigure your systems and retrieve your info within a short time.
Cutting Costs of Data Recovery
Once you have secured your data in an efficient backup system, it would be cheaper to recover it in the event of a downtime. If you do not back up your data, you may have to overhaul the entire system to get your business back on track, which could be very costly.
The Cost of Downtime
When your website or network goes down, it is a inconvenience to you, your employees, and your customers.
IT downtime is a common problem and can affect every part of your company. IT downtime costs businesses an average of $1.55 million in a typical year. Why, exactly, is downtime such an expensive problem?
- It annoys customers. A loyal customer not being able to get to your website once might not be a problem. However, even one outage that happens to coincide with a new customer's first visit can cost you that customer. Frequent or repeated downtime is likely to send customers elsewhere. If a customer has their email to you fail with a permanent error, they are unlikely to try again. Good, loyal customers may be the ones telling you about the downtime, but that does not mean they are happy about it.
- It damages your reputation. Annoyed customers complain. Sometimes they will go all over social media to do it. It might even be picked up by the media. A lengthy downtime makes you look bad, no matter what the cause. Short of a natural disaster, customers generally do not except excuses. Major outages can hang over you for months or even years. Many people still remember the British Airways crash that resulted in thousands of canceled flights right at Christmas. A small company might not have to worry about global reputation in the same way, but your reputation in your community can still suffer, costing you both new and existing customers.
- It wastes employee time. Most employees spend about 30 minutes a week just on fixing random PC problems. An unplanned reboot takes time out of an employee's day that they may or may not be able to use productively. Not all employees can continue to work without their computer, and they often end up waiting for it to be resolved. The average time it takes IT to resolve downtime is a little over three hours.
- It results in IT spending time on fixing downtime that they could be spending on optimizing and improving systems so that they are more efficient. Of course, downtime can also happen after an upgrade is installed, especially if IT is rushing to do it by a certain deadline.
- You may have to hire an outside person to fix the specific problem you are having, especially if you are a smaller company with little or no in-house IT. In general, it is a lot easier to prevent downtime than it is to fix it.
So, downtime costs are not limited to just the costs of fixing it, but also affect your reputation, your sales and your time. Because of this, it is vital for businesses to address the causes of downtime. For example, retail outlets most often experience problems on Black Friday and the following weekend or right before and after Christmas. This is caused by overload, which is one of the most common causes of downtime. The overload is often increased by "retry spikes," which is the traffic caused by people trying the site again to see if it is up yet. Ironically, this can keep it down.
Other examples can include poor coding, cybersecurity issues, hardware failures such as a hard drive dying, or natural disasters. The best way to deal with downtime is to have a solid plan to both reduce downtime and speed your recovery from it. Professionals best handle both of these things, and smaller companies benefit from outsourcing their IT to an experienced company which can handle the problem quickly.
Major Causes for Downtime
Downtime is inescapable. However, the top reasons for downtime are mostly IT-related. With issues ranging from Social Engineering to hardware failure, it is nearly impossible for companies to pay equal attention to every cause of downtime.
Fortunately, there are ways to limit the overall amount of downtime your company could endure. Here are the major causes and solutions for downtime:
- Social Engineering
If a person uses deceptive methods to pressure you into sending personal information for their gain, then they are using Social Engineering against you. Hackers tend to use big-name organizations to scam a larger population. For example, Dropbox, the file sharing Internet Company, has had its own share of Social Engineering attacks. One bad actor lured its users to sign into a fake login page that was set up on Dropbox itself. Scams, such as these, could install malware, a virus, or Ransomware on your network, causing it to be down until your company’s IT partner removes it.
- Hardware Failure
Hardware failure is a major cause for network downtime because it is unpredictable. Worrying about deadlines and planning can quickly become unimportant if you experience a large-scale equipment failure. For example, an outdated server or generator outage, can cost money, not to mention loss of reputation and unhappy clients.
- Software Failure
Another cause for downtime is software failure, which usually happens when a software provider does not test patches before clients receive them. Corruption of applications can occur from this, and eventually stop entire systems. Software failure can also happen when an operating system gradually dies, simultaneously causing the software to go too. Lastly, as always, viruses and malware can cause issues with software.
- Natural Disasters
When we think of disasters, our minds usually go to the natural ones, including earthquakes, tornadoes, and hurricanes. Though Natural Disasters account for only four percent of downtime, they are still an issue for organizations, especially since they are the least preventable incident.
Use These Three Ways to Cut Your Network Downtime:
- Disaster Recovery Plan
When an incident occurs, your organization should have a step by step plan of action. Crises are never easy, but a rehearsed plan will make the incident more manageable and will hopefully take less time to find a solution to the problem. When a solution is in place, it can limit your downtime, essentially cutting profit loss.
- Keeping Backups
Another important way to minimize the costs and consequences of downtime is to create backups. Keeping copies of data gives access to your work when the network is down. There are several ways to keep backups including the Cloud, Network Attached Storage (NAS), or Dedicated Backup Software.
Unfortunately, backups do not always work; therefore, one important thing to remember is to frequently test them. Not checking backups regularly could lead to data loss.
- Installing a Disaster Recovery System
A Disaster Recovery System (DRS) is similar to a backup, but a DRS helps with major incidents. This system takes snapshots of a computer, saving everything from data to applications. Therefore, you will not have to worry about losing anything necessary for work, even if downtime strikes.