6 Simple Steps to Business Continuity Planning in a Disaster

6 simple steps to business continuity planning in a disaster

Disaster can strike anytime, anywhere. No business owners likes to think of what may happen in the event critical processes and information are compromised, but creating simple steps for business continuity planning is the most proactive approach a company can take. Consider how your business might preserve core functions and integrity in the event of:

  • Data loss or damage
  • Flood or fire
  • Downtime of critical technology systems
  • Loss of key members
  • Loss of access to software and accounts
  • Hacking and data theft

Many companies tend to focus on the recovery stage, once the damage has been done. While coming back from a disaster is undoubtedly an important component in any business structure, at 4 Corner IT we are firm believers in active data protection and core process defense. That’s why we’ve put together 6 Simple Steps to Business Continuity in a Disaster. With your business is facing a cyber breach or a more tangible crisis, be sure to have a backup plan ready and waiting.

Prepare a Business Impact Analysis

Think of a business impact analysis, or BIA, as a fire drill for your company. A concise, predictive model simulates the likely impacts that may result from a potential loss scenario. Risk assessment may include any scenario from a direct loss of resources to failure of a major vendor or service. Items to consider when mapping a BIA include:

  • Lost sales and income
  • Delayed sales or income
  • Increased expenses (e.g., overtime labor, outsourcing, expediting costs, etc.)
  • Regulatory fines
  • Contractual penalties or loss of contractual bonuses
  • Customer dissatisfaction or defection
  • Delay of new business plans

Determining the financial and global impacts of each gives businesses direction when it comes to investing in recovery and mitigation.

Rate Your Readiness

Look for the weak links in your company chain. Grading your performance is never fun, but a thorough audit allows us to identify vulnerabilities before they become threats. Give your large or small business a health check by evaluating firewalls, network security, corporate protocol for sensitive information such as passwords and data, and overall readiness should a disaster strike. Assign a numerical grade to each item, with 1 being not at all prepared and 5 being fully ready to withstand a crisis.

Construct a Plan

Now it’s time to work out a plan. An effective disaster recovery plan should closely mirror the BIA you’ve prepared. For each scenario, include a triage approach to how your business will handle a crisis based on the severity and magnitude of the threat. A solid plan should include:

  • Communication
  • Delegation
  • Plan for hard assets (office equipment, electronics, furniture)
  • Plan for digital assets (data, passwords, accounts and software) 
  • Backup check
  • Detailed asset inventory
  • Vendor communication and service restoration plan

Specific details of each can be aligned to your business’ needs and priorities.

It Takes a Team

Do your employees know what to do in the event of a disaster? Is there a clear chain of command to delegate tasks if key members of the team are suddenly absent? Will key processes be able to continue in the event of a delivery delay or supply shortage?

These are the kinds of questions effective leaders need to be asking their team. Disaster recovery and preparedness is a company wide effort. Communicate a consistent protocol to all departments and be sure each member of your team understands the company’s plan of action when it comes to preserving business continuity in the face of a crisis.

Evolve Alongside Your Growing Business

Because your company is constantly growing and evolving, be prepared to review, test, and update your disaster preparedness strategy. A dynamic plan should be reevaluated every six months to take into account changing processes and functions. Make a checklist and involve department managers in the auditing process so that everyone is on board with a proactive approach to loss prevention and recovery.

Don’t Be Afraid to Ask for Help

Even the most disaster savvy businesses rely on experts to fill the gaps in their plan. Trusting in knowledgeable professionals allows you and your staff to focus on your own expertise — the success of the company.

Our IT team is available whenever our New York business owners need us with active solutions to data recovery and disaster preparedness. From managed IT services to support and consulting, we take the stress out of protecting your company’s valuable digital assets.

Contact us today to start preparing for your company’s future.

Backup Data Offsite to Thwart Cyber Criminals

backup data offsite to thwart cyber criminals

Time and time again, managed service providers have stressed the importance of completing regular data backups, even for very small businesses. As even these small businesses have come to rely on their data more and more, most companies do understand why backing up their data is a very smart move on their part. Unfortunately cyber criminals are always on the lookout for additional targets and they do seem to target businesses much more than simple personal users. While performing regular backups is still a must, it’s important to discuss one additional aspect of backing up data that can make or break a company if the worst should happen and they become a target of a cyber thief.

Onsite Backups

If a company never encounters a threat from a cyber criminal, an onsite backup would still be an invaluable asset to have in the event of equipment failure or some other internal failure. All a company would have to do is restore their most recent backup, check for any issues, and once given the all clear sign, employees could continue their work.

The problem with onsite backups is that once a cyber criminal gains access to a company’s network, they likely can gain access to their onsite backup as well. In the case of a ransomware attack, a cyber criminal could hold the data of an entire company hostage, including their onsite backup. Either the company pays the ransom or they face potentially losing all their vital business data.

Offsite Backups

The above scenario is precisely why service providers not only encourage regular backups, but they also encourage companies to store a copy of their backups in an offsite location. As everyone becomes more dependent upon their business data to function, it’s a perpetual race to see whether the cyber criminals will take advantage of vulnerable institutions, or whether companies will start taking their business data seriously and take concrete steps to protect this vital asset.

If you would like to know more about establishing an offsite location for your data backups, please contact us.

Also, checkout our cabling services!

Business Continuity – One of the Keys to Maintaining Success

business continuity one of the keys to maintaining success
Maintaining Success

In a global world, a company may find themselves competing with organizations, not just around the block or in another state, but perhaps with other businesses halfway across the globe. With more competition than ever, no reputable company wants to gain a fly-by-night reputation with the public. This is where focusing on business continuity comes into play. What does an organization need to do to cultivate a reputation that says they are reliable, trustworthy, and committed to fulfilling the needs and goals of its customers?

Understanding what contributes to the steadfastness of an organization can make the difference between being a company that quickly rose to the top, (and failed just as quickly), and is a company that truly earned its solid reputation.

Why Resiliency Matters

When the business climate is doing well, it’s relatively easy to rise to the top, perhaps even becoming a star performer. What often separates the wheat from the chaff is when there is a downturn in the economy or a business finds themselves in the middle of a natural disaster. Those who enjoyed success only on a superficial level often find their company’s reputation is in tatters, or perhaps the business simply folded altogether.

In contrast, organizations who incorporated the concepts of business continuity and resilience into their overall business plan may very well take some hits, but ultimately they will persevere through the down times because they used the right building blocks to create their foundation.

IT Providers – A Key Building Block

With today’s heavy reliance on information technology, any business that wants to ensure the resiliency and continuity of their organization must understand that selecting the right provider is one of the key building blocks for success. A successful business absolutely does need continuity in their information services in order to consistently provide the highest level of service to their customers.

It’s very important to find a provider who is not only reliable when business operations are running smoothly, but they are also ready to provide seamless support for your company if a less than desirable event should occur.

If you would like to know more about our commitment to providing outstanding reliable IT support, please contact us.

Early Preparation for the 2019 Hurricane

early preparation for the 2019 hurricane
Early Preparation

It is a great idea that everyone has a good plan in place for the upcoming 2019 hurricane to protect their IT systems. We understand the massive damages that hurricanes can do when it gets us unprepared.

Below are some steps you can follow in preparation for a hurricane:

  • Property check – Ensure your property is well protected from water damages as it is the main thing that affects IT  systems during a storm.
  • Regarding your building protection, ensure any openings near the IT systems are well covered to keep water at bay. These openings include doors and windows.
  • Disable the restart feature of your electronic devices. This is because, once power is back after a blackout, the presence of water can cause a short electric circuit. This, in turn, can lead to unexpected damages.
  • You can also back up your data and files in case computers fail. Offsite backup is more advisable since you’ll still retrieve them in case of damages at your data center.
  • Most importantly, have hard copies of some relevant documents that may be needed when your IT system is still offline after the hurricane.
  • Good communication plan

Check out 7 Tips for Preparing Your Business for a Hurricane

When disaster strikes, you’ll probably need a reliable way of communication for emergency purposes. That is why you are advised to use cell-phones as they are quick ii matters of emergency and you need immediate help.

Landlines and VoIP phones need aren’t much convenient during this time as they use electricity which is likely to be absent during a hurricane.

Remember to charge your cell-phones earlier before the hurricane.

To conclude, a hurricane is something that needs appropriate preparedness to avoid damages which means extra costs to repair and even replace some valuable assets. It is therefore crucial that you keep the above measures in mind and the earlier, the better.

Contact us if in need of professional information regarding hurricane preparedness.

Cloud Disaster Recovery: 5 Key Steps to Secure Your Data

benefits of using cloud servers
cloud servers.

Hosting applications on the cloud is tempting many IT organisations for sundry reasons like availing benefits from data centers, backup power sources and other capabilities that till lately only established IT organisations could afford. Pay-as-you-go culture or guaranteed availability makes cloud adoption an easy and unperturbed choice for many SMBs and large scale organisations. Many hosting providers maintain compound data centers, so decision makers often assume disaster recovery to be the inherent feature in the cloud culture that is offered to them. But little do they realize that this is a vital issue that warrants concern. Disaster Recovery (DR) is not a default configuration for many providers that offer cloud space in the IT market.

The 9/11 attacks cautioned many towards IT disaster preparedness (though probability of such disasters are extremely rare but not impossible). Before dealing with your cloud space provider and before signing on the dotted line, the DR diligence should be thoroughly assessed. The thought process should determine the risks, lay out the potential solutions and implement the plan that meets the required service level at reasonable costs.

This paper discusses the storage elements of disaster recovery planning process.

Step 1: Risks Assessment/Evaluating the Risks

Disaster risks can be perceived as a range of probability. They can be categorised into three major groups:

  • Site Disaster: Fire, short-circuits, or long-term power outages can render the data centre (or computer components) unusable for longer than the specified service agreement.
  • Area Disaster: Floods, tornadoes (we cannot forget the recent ‘Sandy’ that created much turmoil in US), hurricanes, snow storms can ruin a data centre completely.
  • Regional Disaster:  Terrorist attacks, financial failures, etc should never be under estimated.

An optimised data centre design softens various risks associated with all three of these categories. An appropriate data centre location can mitigate likely weather events, and other natural conditions that cannot be controlled or regulated.

Smart data centre designs have uninterrupted power supply sources for sudden power failures. Organisations that have a plan in place to re-host applications will experience less disruption and likely lowered costs. As a part of risk assessment, IT managers must consider how unavoidable statuses can met with just as ease.

Step 2: Determining Requirements

After implementing the risks assessment phase, IT organisations need to classify their recovery requirements for the applications that are hosted. Requirements should be developed under the guiding parameters of:

  • Recovery Point Objective (RPO):  RPO is the maximum tolerable period in which data might be lost from an IT service due to a major incident. The RPO gives systems designers a limit to work to. For instance, ‘quickest RPO’ indicates zero tolerance for data loss. A 24 hour RPO would indicate that restoring data as of yesterday’s backup is adequate, resulting in a loss of all transactions and data conducted after that time.
  • Recovery Time Objective (RTO):  RTO determines the maximum tolerable time for recovering the lost data and bringing the application back running like before. RTO indicates the time to restart systems, databases and applications on the server.

RPO and RTO requirements are directly proportionate to the cost of downtime. Cost of downtime can include actual loss of revenue, loss of employee productivity, loss of market goodwill and most importantly loss of reputation. If the cost of downtime is greater than the cost of Disaster Recovery Strategy, then (or any situation) strategy is always worth the cost.

If the cost of acquiring and treasuring the customer is high then a vigilant DR strategy is a must have on the ‘To-Do’ checklist.

Step 3: Understanding Disaster Recovery Options

Backup to tape and off-site storage: Tape remains the cheapest and most used method for moving data to a secured data storage facility or even for archiving it. Following are some issues that are related to tape and which should never be given a blind eye:

  • Tape format: The format compatibility between the source and the target should be taken good care of. Different generations of same technology can cause confusion too.
  • Magnetic disk drives vs tapes: The approach involves data redundancy in an offsite data storage facility to magnetic disk drives or magnetic tapes. Disk backups can potentially reduce recovery time in the event of any disaster. Most backup applications can be restored to disk using compression technology; therefore, the backup image is much smaller in size than the actual data image.
  • Note: Virtual Tape Libraries (VTLs) are specialised storage devices (disk only or disk -to-tape) that can further automate the Disaster Recovery process.
  • Synchronous Data Replication: Synchronous Data Replication ensures that every piece of data entered or changed is concurrently replicated. Although synchronous data replication is one of the most expensive off-site replication options.

Whatever the backup methodology, it is important to ensure that the operating system should have solid redundancy strategies so that the entire environment can be recreated even after the servers crash.

Step 4: Auditing Cloud Providers

Cloud providers should be willing to provide users with documentation regarding their data centre protection strategies. Location factor of the data centre is usually underestimated or ignored while introspecting disaster recovery strategies.

Clients should be vigilant towards exploring the range of data protection solutions offered by the provider. Most cloud space providers offer daily backup-to disk capabilities and some supplement that with periodic tape backup (e.g. weekly or monthly) but that ignores the need to create immediate data redundancy.

Off-site tape transfer facility should be checked under the DR strategy tools. On-site backups can help recovery from data corruption, and unintended data deletion, and allow quick restoration. Imperative elements that should be considered while auditing cloud providers are:

  • Location
  • Possible events
  • Power Grid/Communications Considerations and Contingencies
  • Proximity to ‘prone-to-danger’ locations (e.g. any water body or any potential terrorist target areas like airports, seaports)
  • Vendor’s DR emergencies

Step 5: Implementing and Managing Your Cloud Disaster Recovery Solution

As technological fluctuations will go round the world, cloud providers will likely be on the buying or selling side of the data centre acquisition or integration. Most important part lies in evaluating and selecting the right service provider with the right Disaster Recovery strategies, equally important is the step to review your DR requirements and solutions.

The Disaster Recovery solutions should be well tested and trusted by the provider to ensure the promised performance as the DR solution that was appropriate last might turn out to be non-operative over time.

Also, check out our cabling services!