Depending where your business is located, the risk attached natural disasters can vary. To help, here is a survival reference guide to ensure your business can weather any storm. Since it is hurricane season, let's use hurricanes as a point of reference for this guide. Hurricanes and tropical storms wreak havoc through a combination of heavy wind and rain. They may also be accompanied by surging tides that flood that affected area.
The impact
Hurricanes and tropical storms impact businesses in the following 3 ways:
- Damage to the facility due to high winds, flooding, and objects that become high-speed projectiles capable of smashing through windows, roofs and other structures.
- Extended power outages, road closures, and other lasting damages can put a facility out of reach for at least a week.
- Regional impact can affect customers, supplies, and business partners - as well as the homes of employees.
The risks
On average, a dozen named storms occur along the Gulf and Atlantic coasts each year. Major disasters, such as Hurricane Katrina and Superstorm Sandy, illustrate the potential damage that can result when these events strike heavy populated areas.
Preparation
Approaching storms usually have an advance warning as they approach. However, because the paths of the storm are difficult to predict, these warnings can often be false alarms. THis si the reason why some businesses fail to respond to storm warning due to the "Cry Wolf" syndrome.
Technology Continuity
Hurricanes and tropical storms can put a data center out of commission for a day or longer. All businesses, especially those operating in hurricane-prone areas, should be prepared. Preparation should include the following:
- Continuous off-site backup of data and applications.
- The ability to restore IT operations in the cloud and/or site in an area less likely to be affected by the storm. This can be areas that are more inland from the coast.
- Website posting that alerts customers and partners about storm preparation-along with frequent post-storm updates to track the progress of recovery.
Personnel Continuity
Major storms can affect regions for an extended period of time. Business continuity plans need to include the following:
- Availability of a sufficient facility, away from the affected area.
- Temporary housing necessary for key employees whose homes are also in the path of the storm.
- Internal communications for keeping employees updated on resource availability and recovery status.
- Any required third-party contracting for key services, such as shipping & receiving, mail processing, etc.
Process Continuity
Aside from making sure their own operations continue uninterrupted in the event of a regional disaster, businesses should be prepared to help their nearby customers and partners to get through the crisis. Planning should include:
- Communications with local/regional customers and suppliers who may also be impacted by the storm in advance.
- Pre-determined policies regarding turnaround times, invoice processing, scheduled service visits, and other activities affected by the storm.
- Direct servicing of customers by supply chain partners, where feasible.
To learn more or obtain assistance for disaster recovery and business continuity, schedule a free technology assessment from QWERTY Concepts. We will help you determine the best strategy to weather any storm.
Ten years after Katrina devastated New Orleans, IT pros say being less dependent on physical locations is just one of the keys to ensuring your company doesn’t go out of business when disaster strikes.
It’s hard to be truly prepared to take the full impact of a Category 5 hurricane. Ten years ago, in the case of Hurricane Katrina and the city of New Orleans, there was the added devastation of flooding caused by failed levees. It will hopefully be a very long time before another disaster of that magnitude strikes New Orleans, or any other city for that matter, but organizations still need to be prepared for such an event. As it turns out, the cloud is an ideal tool for managing the risks associated with a hurricane or other natural disaster.
Even prior to Hurricane Katrina it was a security mantra and data protection best practice to ensure at least one backup of crucial data was maintained offsite. The logic being simply that you don’t want your primary data storage and all of your backups to be destroyed in the same hurricane, fire, flood or earthquake.
Offsite backups solve only part of the problem, though, if your servers and data are maintained locally. When disaster strikes and wipes out your primary data, you’ll have to acquire the backup data, deploy and configure new hardware at some secondary location, and restore the data. You’re still looking at days of downtime in a best-case scenario.
Embracing the cloud to reduce risk
The city of New Orleans and businesses like Entergy and DirectNIC that struggled to survive the devastation of Hurricane Katrina learned some valuable lessons. One of the primary caveats when it comes to business continuity is to mitigate risk by embracing the cloud.
Lamar Gardere, director of information technology and innovation for the City of New Orleans, admits that things were still in disarray when the current administration took office in 2010. The IT infrastructure was aging and many of the city’s critical applications were still being run on physical servers.
One of Gardere’s first tasks was to modernize onto a highly virtualized infrastructure to allow for servers to be quickly created, resized and moved from one site to another in the case of a major disaster. “We created a private cloud with the ability to leverage all the same capabilities as you might imagine are available if you were using Amazon’s cloud, for example. This flexibility is at the heart of our disaster recovery capabilities and allows us to quickly transfer/failover services to remote locations,” Gardere says. “During normal times, it also allows us to maximize our infrastructure investment, consolidate IT resources across areas of government, better manage resources remotely and respond more quickly to our customers.”
DirectNIC is one of a few businesses that managed to stay up and running during Katrina – partly a result of being prepared and partly a function of being safely on the 11th floor well above any flood damage. Even DirectNIC learned a thing or two from Hurricane Katrina, though. Vernon Decossas, CEO of DirectNIC explains, “We host our own operations, however, we also have the ability to move our operations onto cloud providers within the span of hours. It’s provided a peace of mind that we can keep our operations going regardless of external issues.”
Gardere also elaborates on the decision to implement a private cloud rather than simply provisioning services from one of the public cloud providers. He notes there are pros and cons to public cloud for any organization and that the city weighed those on a per-application basis to determine the best solution. “The City uses the cloud strategically and where appropriate to take advantage of its convenience while avoiding some of its problems. Perhaps most notably, the City has moved its payroll system to the cloud using ADP, ensuring that this critical but low bandwidth application is available regardless of the state of the City’s IT environment.”
Moving beyond the cloud
Leveraging the cloud and moving critical servers and data to a cloud-based infrastructure will help organizations in New Orleans mitigate risk and maintain business continuity the next time a major natural disaster occurs, but it’s not enough by itself. Beyond the cloud, organizations also must have a clearly defined business continuity and disaster recovery plan in place and have staff that are properly trained to execute it when the time comes.
“Entergy holds yearly storm drills to prepare all of our employees for what may come. We use that time to talk about ‘what ifs’ and come up with solutions to questions posed during the drills,” says Kay Jones, a spokesperson for Entergy. “We use this time to get better at responding and be prepared for any situation that can arise when a storm hits our service territory.”
Gardere stresses the importance of performing regular maintenance on backup equipment that rarely sees use and talked about how the City of New Orleans continues to strive toward more complete testing and monitoring procedures. “We perform semi-annual tests of basic back up functions and hold an annual table-top exercise simulating a hurricane to test strategy execution. We refresh documentation and review roles and responsibilities on an annual basis.”
Live to fight another day
For some companies even the best business continuity and disaster recovery plan won’t help. A local restaurant or the corner gas station can’t just continue operating from the cloud or move to an alternate location. No amount of practicing or preparing will enable such a business to remain operational while it’s literally under water.
Those businesses can still benefit from using cloud-based applications and data storage to ensure those things survive the catastrophe, though, and thankfully most businesses are not that dependent on the specific physical location. By moving critical systems and data to the cloud and practicing to smoothly implement business continuity and disaster recovery procedures organizations can mitigate the risk of the next Katrina-like event and be prepared to continue operations.
Data protection is highly relevant among businesses, especially in the growing digital marketplace. Data protection is viewed to include data privacy and security. It involves the collection and use of data and its accessibility for various users within the organizational network. Data protection systems are applied in every data storage infrastructure of organizations to ensure that data can be retrieved without the risk of losing them when the system crashes occur. There are different aspects of your data storage that need protection and small businesses need to identify the loopholes in their data safety and privacy protection system. This data protection guide can help businesses secure their data, whether they are stored within their internal data storage network or in the cloud.
Access controls on your network
Data are stored in different locations. Some businesses use laptops, computers and their own data storage center for keeping business information. Controlling who can access them is a basic security measure that business owners can do in order to protect their data. Once you know which data resides where, you can determine the extent of accessibility to be available within your system. The data may take different forms. It may be private company information, sensitive data involving trade secrets, customer profiles and other data collected needed for business operations. Each of them requires a different level of data protection and access. To limit data security breach within your internal structure, it is prudent to limit its access to authorized personnel only.
Use an automated backup system
Most small businesses manage their data backup center manually. However, higher volume of data floods their storage center and this will entail more backup efforts and time in performing backing up data centers. It is wise to automate the process to ensure that all data stored are protected, especially when disasters occur, such as system crashes and downtime issues. Cloud backups are getting more popular these days which help business owners eliminate the redundancy of performing manual backups of data. This is most useful to small businesses without enough cash flows to buy their own IT data infrastructure to collect, store and protect data.
Arm your data storage center with a protective suit
Backing up data is not sufficient to keep data safe. Business owners understand the risks of cyber breach and it is the most prudent step to insulate their data server against cyber attack, malware and viruses. Safeguarding data with reliable antivirus programs provides another security layer to all of your incoming and outgoing data. Establish a strong firewall between your internet and data storage center in order to block potential intrusions within the data network.
Identify the potential risk of data breach from bring-your-own-device (BYOD)
The integration of BYOD as part of an organization’s IT initiative to promote business productivity and cost efficiency may be beneficial but may also be a source of data security breach. Identifying the BYOD risks will help you address potential sources of data breach to help enforce more specific security measures. The use of BYOD can increase data security issue when it involves a geographic deployment of data access to mobile devices outside your internal organizational environment. Among the security measures that organizations can take to protect data include the following:
Invest in mobile device management (MDM) system that will allow the enforcement of data protection policy for employees’ mobile device with the ability to monitor data access from it.Evaluate the risks by investigating on the current data access system using devices within your organization and take measures to mitigate the risk based on the potential breach scenario.Use a data encryption process and industry standard data protection system, such as using PIN code access, remotely wiping data in case of intrusions, and data protection measure against a number of failed log in attemptsSet up a security baseline to limit data access of employees.Identify between secured and unsecured mobile devices before grant of data access.Implement a stringent authentication process, especially in accessing critical business applications.Use a mobile anti-virus program to counteract malware prone BYOD mobile operating systems data breach.
Employ reliable IT support
As your business begins to grow, you should expect a more data influx that makes the manual data protection processes and monitoring no longer viable. Hiring reliable IT professionals can help you expedite the implementation of your data protection and security policy. This will help you to focus on your business data value and translating them productively to your business operation with less worry on data security breach. However, make sure to hire reliable IT personnel because in-house data theft remains to be a big issue in most companies.
Consider the implications for cloud computing security
Cloud computing offers marketers a more cost efficient data storage option and it helps promote organizational efficiency with the ability to access data remotely in the cloud. However, this innovative technology comes with some security risk issues that businesses need to recognize and address. Among the concerns of transitioning from an in-house data storage center to the cloud is the major decision of transferring data security and protection responsibility to a third party – the cloud data storage provider. Among the considerations you need to take prior to embracing the cloud computing technology for data storage include weighing privacy issues, data access and control and security features of third party providers.
To secure data within the cloud environment, businesses can take the following measures to protect data privacy and security:
1. Implement governance and compliance processes against risks
The security environment in the cloud is similar to an in-house IT infrastructure, however, the potential risk on data privacy and security is far reaching because the storage center is moved to an external environment, the internet. A viable solution is to ensure that your cloud hosted applications and data are secured in accordance with your security agreement and verify compliance of the cloud data center provider.
2. Employee management on data access
Cloud computing provides an avenue for a more efficient collaboration of employees in sharing and accessing company data. Bigger companies probably have more than a dozen employees accessing their data center in the cloud. To prevent unnecessary access to data, implement a secure provisioning of identifying devices and employees that access to your data center and limit the extent of the accessibility of data only pertinent to their job functions.
3. Observe regular audit trails on data security compliance
This is a protective measure that you can implement regularly to monitor the high standard of IT security systems that operate within your company. This provides managers the ability to control and monitor the cloud environment that setups their data storage center and identify security agreement breach at the earliest stage.
Finding a good Backup and Disaster Recovery (BDR) solution is not as easy as it seems. With so many options and providers out there - it's easy to get lost in the hussle and bustle. And though many solutions are re-branded versions of the same product, they each offer unique advantages that may seem appealing. Below are 3 common BDR misconceptions.
A new disaster recovery solution will replace my current backup solution
Many business owners and managers hear backup and believe they already have a system in place, but that's usually not the case. They typically forget about the disaster recovery and business continuity aspect. In addition many customers believe a new BDR solution will simply replace their existing backup solution. The truth is, a BDR solution offers more, much more.
To properly protect a company's data, a full BDR offering includes not only backup, but disaster recovery and some form of business continuity, too. Because every company's needs vary - this cannot be done via a template. Picking the right IT solutions provider is a critical step to building a disaster recovery and business continuity plan.
Cloud-only solution
Many confuse a Backup and Disaster Recovery (BDR) solution to be a cloud-based backup solution. Because of the hype of the cloud, many simply fail to understand the importance of local backup and disaster recovery. One thing many don't realize, is that the cloud backup is only as good as the line sending the data - and speed is not the only critical factor.
Restoring an entire server from the cloud is not as quick as snapping your fingers. We are dealing with the natural inheritance of data transfer here. Potentially hundreds or thousands of gigabytes need to be downloaded back to a new server in order to restore from a cloud-based backup. Having a BDR solution will easily provide a much faster recovery time for this very reason, in addition to being able to act as the server(s) in the event there is a failure. This now saves time waiting on a new server/hardware replacement to arrive to only begin the restoration process.
I can be up in hours, not days
Many claim their existing backup solution will have them up and running quickly, within an hour or two. Most likely that is because of what has been advertised. And perhaps that can be achieved, assuming that you fit into the best case scenario. Many have not thought through the many scenarios and problems that could turn the assumption of a one or two hour restore into a day, a week, or even longer.
The truth is grim
If you Google "BDR restore success rate" you will be surprised not to find much, if any, information. That is largely because no one will advertise the failures, only the best case scenarios. Often backup restorations fail and QWERTY Concepts became a victim of this when providing a solution to clients that was over-promised. In the end, the clients were not happy because their expectations were not met, the employees were not happy because they had to work extra hours and deliver the bad news, and the management was not happy because clients and employees were leaving.
Because of this company's core values and integrity, they've changed focus to deliver on Clients' expectations and they found that challenging the industry status quo was necessary. After years of research, development, testing, and improvements the QWERTY BDR solution comes with something no one else can give, a promise. QWERTY Concepts offers a guarantee to restore your environment - locally or in the cloud - and if the restoration fails, they will dispatch all available resources and even install the required temporary hardware to ensure up-time and continuity.
Not all backup and recovery solutions are created equal. Without argument the most critical aspect of any successful business is the safety of their data and operational continuity under all circumstances. Data loss has been a reality of life and no amount of safety and security features could completely eliminate this possibility.
The reasons for this data loss might be anything from accidental deletion of files to system crash or maybe a power failure or a fire at the workplace, an act of nature or an actual accident. In any case, this threat has always been a great hindrance to business operations and there had been no credible tools to make complete recovery which at the best used to be partial and would result in heavy losses and other associated problems.
But these are now things of the past as new age technology and cloud computing has given us a fail-proof Backup and Recovery Solution which is safe, secure, and automatic - but most importantly is expected to work in all possible conditions. Always make sure your cloud data is stored in a certified, preferably SSAE16 Type II data centers and is available at all times without any breaks or interruptions.
The way this backup and recovery system works is simply amazing. With this backup and recovery solution in place, there is no need for numerous system back-ups and file duplications to alternative locations - saving you money. Once you invest in a reliable backup and recovery solution, your company is designated a space on the cloud which is a digitally safe and secure data center located at a remote location and where all your files, databases, emails, drawings and pictures or any other digital media are automatically transferred.
This is an excellent way to back-up all your files on individual machines and office servers as the whole process is online and no manual intervention is required. Moreover you have the flexibility to access these files from any location around the world through a mobile device or where you have access to a computer and an internet connection. With the digital data increasing at a huge rate each year, it makes sense to invest in cloud computing where you can choose a pay-as-you-go model and thus save on huge equipment investment as well as on the maintenance cost for the same.
Any organizations first and foremost priority is to ensure safety of their customer details and maintain continuity of their services at any cost. Although we all take adequate measures to protect ourselves and would like to believe that no harm would come to us but at the same time we also take insurance to protect against any unforeseen circumstances or accidents which might occur.
If we apply this principle to all aspects of our life, we shall also apply it for the purpose of data safety and business continuity so that our precious database and information is always effectively backed-up and recovered for us without any delays. This is not only critical from the point of productivity and maintenance of service to clients without any interruption but it is also crucial for the very survival of your organization as any delay in restoration of service or loss of data can result in terminal losses and other legal liabilities.
Depending where your business is located, the risk attached natural disasters can vary. To help, here is a survival reference guide to ensure your business can weather any storm. Since it is hurricane season, let's use hurricanes as a point of reference for this guide. Hurricanes and tropical storms wreak havoc through a combination of heavy wind and rain. They may also be accompanied by surging tides that flood that affected area.
The impact
Hurricanes and tropical storms impact businesses in the following 3 ways:
- Damage to the facility due to high winds, flooding, and objects that become high-speed projectiles capable of smashing through windows, roofs and other structures.
- Extended power outages, road closures, and other lasting damages can put a facility out of reach for at least a week.
- Regional impact can affect customers, supplies, and business partners - as well as the homes of employees.
The risks
On average, a dozen named storms occur along the Gulf and Atlantic coasts each year. Major disasters, such as Hurricane Katrina and Superstorm Sandy, illustrate the potential damage that can result when these events strike heavy populated areas.
Preparation
Approaching storms usually have an advance warning as they approach. However, because the paths of the storm are difficult to predict, these warnings can often be false alarms. THis si the reason why some businesses fail to respond to storm warning due to the "Cry Wolf" syndrome.
Technology Continuity
Hurricanes and tropical storms can put a data center out of commission for a day or longer. All businesses, especially those operating in hurricane-prone areas, should be prepared. Preparation should include the following:
- Continuous off-site backup of data and applications.
- The ability to restore IT operations in the cloud and/or site in an area less likely to be affected by the storm. This can be areas that are more inland from the coast.
- Website posting that alerts customers and partners about storm preparation-along with frequent post-storm updates to track the progress of recovery.
Personnel Continuity
Major storms can affect regions for an extended period of time. Business continuity plans need to include the following:
- Availability of a sufficient facility, away from the affected area.
- Temporary housing necessary for key employees whose homes are also in the path of the storm.
- Internal communications for keeping employees updated on resource availability and recovery status.
- Any required third-party contracting for key services, such as shipping & receiving, mail processing, etc.
Process Continuity
Aside from making sure their own operations continue uninterrupted in the event of a regional disaster, businesses should be prepared to help their nearby customers and partners to get through the crisis. Planning should include:
- Communications with local/regional customers and suppliers who may also be impacted by the storm in advance.
- Pre-determined policies regarding turnaround times, invoice processing, scheduled service visits, and other activities affected by the storm.
- Direct servicing of customers by supply chain partners, where feasible.
To learn more or obtain assistance for disaster recovery and business continuity, schedule a free technology assessment from QWERTY Concepts. We will help you determine the best strategy to weather any storm.
