Imagine if you lost all your data from one of your business computers or worse yet, your company server. Imagine if you lost all your accounting and financial history, all your customer information, and all the other work you took years to create? Imagine if suddenly you couldn't operate your business. What is the impact of lost revenue and productivity? Most businesses don't think about this until its too late. The time to plan is NOW.
Consider all the risks to your data. Cyber security is in the news all the time - major businesses such as Target, Home Depot, and Sony all had major breaches last year. "Ransomeware" viruses are making headlines. With this new type of virus, your files are sabotaged and you're asked to pay ransom to recover them. Scary stuff. Your business also faces risks from lost or stolen equipment, user error, hardware failures, site catastrophes, and even sabotage. Although many businesses get by and never experience a major event like this, if it happens to you, its too late to create a plan after the fact.
WHAT are you protecting? The first step in creating a disaster recovery plan to to fully understand WHAT you're protecting. This includes your financial information, customer information, line of business data, emails, and all the documents you've spent years creating. Over time, things keep getting added, and without a focused inventory, its easy to not fully understand what you have.
WHERE is your data? The next step is to evaluate WHERE your data is located. Is it centralized on your server? Is it distributed among many PCs and laptops? Are employees really following rules about where to store important data (hint: they're probably not). Asking where your data is sounds like a simple question, but when you take a serious look, its not that simple.
COST of downtime? Finally, your business will need to assess the COST of lost data, down time, lost revenue, and lost productivity. For example, you may have a rudimentary backup that protects your irreplaceable data, BUT recovering that data on new hardware could talk a week or more. What is your cost of down time? What are the compliance requirements in your industry?
What can you do? Your first line of defense is to put in as many safeguards as possible to protect your data. This includes perimeter security, antivirus protection, security patch updates, strong passwords, physical security, etc. We always advise to think about security as "layers" of protection.
However, keep in mind that there is no such thing as 100% security. Also, you still need to plan for hardware failures, human error, and site catastrophes.
With this in mind, your backup will save your business.... or not. It's time to get a solid plan. Recently at a local office building where one of our clients is located, during routine electrical work in the building, what was described as an "explosion" occurred and many systems were damaged. NO ONE was expecting this, but fortunately the client was prepared and recovered quickly.
Often when we meet with clients and suggest a data protection plan, we are asked why? Why isn't our old tape backup ok? Why isn't it ok to manually swap out drives? Why isn't it ok to just expect the backup software to work every day on its own unmonitored?
As a starting point, ANY backup is better than NO backup. Take a look at what you're doing. there are many choices a long the way
Local vs Off-Site: Local recovery is fast, but if you have a site catastrophe, you're not protected at all
"File and Folder" vs "Image": Its easy to miss important data with a file and folder backup and if you need to recover and entire system, you may take days or weeks to get everything installed again.
Manual vs Automatic: We meet many businesses who are diligent about running a manual backup, but the people who are diligent about taking the backup off site are rare. Often backups are missed, or the media is stored with the systems.
Unmanaged vs Managed/Verified: If you don't verify your backup, you can't be sure it is actually recoverable. If you're using tape (you shouldn't!), its estimated that around 40% of tapes aren't recoverable. If you installed software how do you know its actually working properly without checking every day.
Don't delay! Take an in depth inventory of WHAT you're protecting, WHERE it is, and the COST of losing data, or downtime during recovery (if you can recovery). Only with this information can you make a smart decision about how to protect your business.