How to Prepare your Business for Digital Disaster
Enduring a flood that wipes out your production facility is worse than losing some stored baby pictures, but disaster planning is essential for individuals and businesses of all shapes and sizes.
You don’t have to look hard to find tales of technological disaster. The Gauss virus infiltrated thousands of Middle Eastern PCs, where it could intercept online banking credentials. Apple iPhones were revealed to be vulnerable to spoofed SMS messages. Floods all but demolished Western Digital’s hard drive production facilities inThailand.
Closer to home, writer Mat Honan saw his digital life all but erased when a hacker used a couple of phone calls to order a remote wipe of his MacBook Air.Honansays that he lost more than a year’s worth of photos after the breach—photos that, of course, he hadn’t backed up.
These incidents—and to some degree, anything that goes wrong with your tech universe—have one thing in common: With careful planning, the victims could have rendered the problems much easier to recover from.
Sure, enduring a flood that wipes out your production facility is worse than losing some stored baby pictures, but disaster planning is essential for individuals and businesses of all shapes and sizes. The only real variable is the complexity of the necessary planning. For a small businesses, it’s essential to plan for disasters so that you won’t be completely crushed if catastrophe does strike. Here’s how to start.
You can sharply reduce the bad effects of most technology problems by adopting a single surprisingly simple precaution: Back up your data.
You’ve undoubtedly heard this advice before, but even computer users who have suffered crashes, malware infestations, and other data-killing disasters often find it hard to get started, fearing that regularly scheduled backups are too tedious to perform or too complicated to set up.
None of this is true today. Myriad solutions and systems have simplified the task of backing up, whether you're dealing with one computer or a dozen. Here are some strategies you can start with.
Local USB backup
This is the simplest way to perform backups, but it’s suitable for people with just one or two PCs. Plug a high-capacity USB hard drive into your computer, and set up a backup program. Windows 7 has one included—Windows 8 will add File History capabilities to the mix—and copious options exist online. If you arrange for automatic backups, so much the better.
Windows' Backup and Restore utility is fairly straightforward to use.
Another strategy is to keep two computers in sync so that if one goes down, the other is available so you can pick up where you left off. Again, this option is effective only for very small businesses or in environments where everyone uses the same machine. One big advantage of a sync strategy is that you can set up computers in different rooms or different parts of the building so that if something happens in one part of the workplace (or if a thief steals equipment from there), the other side of the building may still be safe. Check out GoodSync for a solid sync arrangement.
GoodSync helps you sync your data between two PCs.
When multiple computers need backing up, a network-attached storage (NAS) system makes excellent sense. A NAS device attaches to your router. You then use included software or your own backup program to back up to the NAS periodically. One drawback: Often, the backup software included with these drives is limited, and backup traffic can be so heavy that it floods your network. Check out the WD MyBook Live series for a great small-office NAS.
Western Digital's My Book Live NAS box provides mobile access to your files.
If you have plenty of Internet bandwidth available, backing up online can be the most secure way to protect your data against disasters such as a house fire that destroys everything on the premises. Online backup sends your files (usually automatically) to a far-off location, removing any risk of loss from physical theft, fire, or flood at your business. Onthe other hand, some online, cloud-based services have been victimized by security breaches. That risk is probably tolerable for most of us, but if you work with highly sensitive information such as customer credit-card data, you might be best served by backing up this information locally and securing at an offsite location, such as a safe deposit box.
Antimalware and data security
Another common—and oft-ignored—tip is to install antimalware software on all of your business's PCs and keep it up to date.
This measure isn’t terribly onerous if you're dealing with a single PC, but things can get complicated and expensive if you're trying to safeguard a small-business network. Any number of paid and free single-computer security solutions are available. If you have more than a few computers, you can save money by opting for a small-business security suite package. Some of these packages are no more than a bundle of licenses for the individual suite, each of which must be installed and maintained separately. Others offer a central management console for pushing updates out to users' PCs and receiving notifications about threats found on the network. Shop around to determine the approach that works better for you.
Software safeguards aside, a thug with a crowbar can inflict massive damage on your business. That's why physical security should be a major consideration, whether you’re a one-person shop or a company with a hundred employees. Every business owner knows to lock the doors and install an alarm system if there are valuable assets on the premises. But you should also take specific actions to protect your computer equipment, in addition to securing your building proper.
Cable locks are a simple way to increase any computer's security at very low cost. Almost all laptops have a special Kensington lock port, and most desktops have a metal loop that extends from the back and through which you can run a security cable. (Computers that don't have a lock port can instead use a “universal” lock system that attaches directly to the chassis.) Connect the computer to a desk with the cable, and you’ve added sufficient security to thwart most smash-and-grab operators. Be sure to store the keys to the cable locks in a secure location. You should also use a cable lock whenever you take a laptop out of the office.
Kensington ClickSafe combination locks can anchor a laptop to your desk.
LoJack for Laptops is software that runs unnoticed in the background but lets your laptop broadcast its location when you report it as lost. This helps law enforcement locate the computer more easily and enables you to wipe its hard drive remotely if recovery seems unlikely. Tools like Find My iPhone offer similar features to smartphone and tablet users. Install them before your device goes missing.
Video surveillance systems
The all-seeing eye of a camera won’t prevent determined thieves from breaking into your office, but remote surveillance systems may help you catch them red-handed. Video surveillance with motion detection will show the scene of a crime in real-time and record footage to help you pursue the bad guys later.
Logitech Alert video surveillance system is a good choice for monitoring several locations.
Fire, floods, and acts of God
We’ve dealt with thieves, but what about interventions of overwhelmiong magnitude? The general preparedness tips outlined above—especially the use of offsite backups—will help mitigate damage due to natural disasters, but a few devices can do even more, if you’re concerned that a fire or flood might whisk away your life’s work.
For digital storage, ioSafe makes a range of external hard drives designed to resist both fire (at up to 1550 degrees Fahrenheit) and water (a water column of up to 10 feet for 3 days). Keep analog essentials such as paper documents (and printouts of essential data) either offsite in a safe deposit box or in a sturdy fire safe on the premises. These inexpensive safeguards are well worth the investment.
And of course, you should include high-quality surge protectors or UPSs on all high-tech equipment for protection against power surges and lightning strikes.
You can replace computer equipment, but that costs money. And if your business is out of commission for a month or two while you rebuild from a fire, you won’t be earning anything along the way. That problem can destroy a company that might withstand the physical damage caused by a disaster.
Generally, insurance is the best safeguard against financial ruin. Standard property insurance will cover the loss of hardware, but business interruption insurance is essential if you want a safety net to preserve your company against lost sales.
One other component of your small business needs to be protected: you. Do you want your business continue to operate after you’ve shuffled off this mortal coil? If the plan is to shut it down, how will that happen? How will ongoing ownership issues be determined? Who’s going to run the show?
These are complicated issues that any small-business owner should discuss with a qualified estate planner to resolve, and any protégés being groomed to take over when you’re gone need to be aware of the plans well in advance. Software such as Quicken WillMaker steps an individual through basic estate planning. It's a serious subject, but tackling the creation of a will and a succession plan while you’re young and healthy is far better than waiting until you’re lying in a hospital bed. Make it a priority to create a continuity plan (or a dissolution plan, if you aren't going to pass the business along to an heir), and revisit it annually to ensure that it’s up to snuff.
No enterprise is an island. In a connected world, a business cannot function without multiple relationships with third parties--outside vendors, contractors, affiliates, partners, and others.
The typical organization loses 5% of its revenues to fraud by its own employees each year, with most thefts committed by trusted employees in executive management, operations, accounting, sales, customer service or purchasing, according to the Association of Certified Fraud Examiners (ACFE).
It's an increasingly mobile world -- and the mobile future of Windows is dubious. To better accommodate end users, CIOs would be wise to consider these three alternatives to Windows on the desktop -- Chrome, Android and Ubuntu.
How do you know your employees retain what you teach them in company-required security awareness training? You don't -- unless you regularly test their security savvy and effectively address their mistakes during post-test follow-up sessions.