No one likes planning for the worst (except perhaps, my Dad). But having a viable back-up plan in place in case events don’t go your way isn’t the same as planning for failure.
Especially in business. In fact, safeguarding your company’s information, correspondence, clients, and systems is vital for your long-term survival.
But if you’re a small business owner concerned about losing access to your data (or losing it all completely) you may have asked this question.
How do you go about creating a viable disaster recovery plan that will work just for you?
According to the National Archives and Records Administration, more than 90 percent of businesses that lose access to their data for one week go out of business within 12 months. I don’t want to be a scaremonger here, but what would happen to your business without your valuable data?
Related Article: Internet of Things: Security, Compliance, Risks and Opportunities
Assess Your Risks
Assessing your risks is the first step towards designing a disaster recovery plan that will rescue your business from the seen or unforeseen. To start with, if you’re not backing up your work or making sure your employees are, then the first risk to your business is you.
Alex Viall, CEO of Mustard IT Support Services says, "You should backup all important information regularly and copy files to a protected system that you can always access. After all, you never know what will happen and you have to be prepared." While you may have moved away from paper documents a long time ago, are you making use of cloud computing? And if so, are you backing up regularly? If your RFPs and RFQs are stored on your server or individual computers, then your company is at serious risk.
OK, so you may not be in an earthquake zone. There may be zero tsunami risk and the last hurricane to blow through your area was back in… wait, there’s never been a hurricane in your area. It’s true that some geographic regions are more at risk of natural disasters than others.
But what about an electrical fire? Terrorist attack? Or gas explosion? What if some unthinkable event tore your office apart tomorrow? Would you be able to salvage your core business from the ashes? You may have building insurance and a contingency plan for getting your employees out of a building fast. But what about your data?
Making use of cloud computing is an integral part of your business continuity and disaster recovery plan. Not only will your data be automatically saved, but you can also access it from anywhere. Share documents and collaborate with colleagues wherever you may be. So, if your building is inaccessible for any reason, you can still move projects forward.
Microsoft Office 365 is an excellent and easy package to start with that makes your introduction to cloud computing flawless, as you’re working with programs you already know. It allows you to keep all your Office software online and provides continuity.
Related Article: What's Your Disaster Recovery Plan?
Getting used to storing your work in the cloud gives you easy access and ensures that all the latest versions of Word, PowerPoint, Excel, and OneNote are up-to-date and backed up. You can also invite customers from outside your organization to share your documents, removing the need to send multiple emails.
“Companies these days are facing increasingly complex threats to their data security,” says Roy Castleman, CEO of Prosyn, experts in Business Continuity and Disaster Recovery Planning. Security threats and hazards used to be much simpler, such as a hard disk failure, or an entire server being wiped out in a natural disaster, flood or fire. But the truth is, these days, the enemy within has become a much greater concern.
Most IT managers worry more about security threats from their own employees than they do from external entities, like hackers and malware. Threats from internal security issues with a company’s employee have risen in recent years.
Although it isn’t always the malice of an employee as much as accidental behavior, unwittingly clicking on something they shouldn’t and unleashing a great threat to the business. Malicious viruses like ransomware, can infect a network with malware and effectively hold your system hostage in exchange for payment. The Washington Post reported that the FBI received as many as 2,453 complaints in 2015 alone about ransomware, with victims losing as much as $24.1 million.
Best Practices for Small Businesses
According to Ismail Jadun, World Backup Day founder, “the 3-2-1 rule is a pretty good rule of thumb” for small business to follow in backing up data. How does the 3-2-1 rule work? Companies should have at least three physical copies of their data (on three company computers, for example). Two copies should be stored in two different formats. And one backup copy should be off-site.
The Small Business
Protecting their cyber security can often be harder for small businesses. While your company may not be as targeted as a giant like Microsoft or Google, you probably don’t have access to a large IT department dedicated to data security. In these situations, you should outsource your IT security to a local company who can respond rapidly to any emergency. Not a one-size-fits-all solution, but as Castleman advises, a provider "who can understand the core critical failure points within your business.”
Often, small businesses fail to see the difference between storage and backup. In many cases, simply storing your documents in the cloud isn’t enough. You need to back them up as well. For example, if you’re making use of cloud computing, you also need to have a system in place that regularly creates copies up your data regularly. Being aware of the risks and setting best practices for all employees to follow is the best way for small businesses to develop an effective disaster recovery plan. Avoid potentially malicious acts and suspicious emails from causing havoc.
Related Article: Data Breaches: How To Deal With Them and Recover
Finally, as with any other business area, once you have a backup plan designed, you need to make sure that you test it. This means training your employees in their role in the event of any given disaster. Making sure that everyone has remote access to the right programs and that your backup system is effective. Remember that employee's change and technology advances, so your disaster recovery plan should be regularly reviewed to make sure it reflects these changes.