The 10 Disaster Planning Essentials For Any Small Business Network Little-Known Facts, Mistakes And Blunders About Data Backup, IT Disaster Recovery and Business Continuity Every Small Business Owner Must Know To Avoid Losing Everything In An Instant Discover How Quickly Your Business Could Be The Troy Back Area Up Business and Owners Running Guide After A To IT Support Services And Fees Natural Disaster, Server Crash, Virus Attack, Or Other Data-Erasing What You Should Catastrophe Expect To Pay For IT Support For Your Small Business (And How To Get Exactly What You Need Without Unnecessary Extras, Hidden Fees And Bloated Contracts) By Kimberly A. Nielsen President and Business Technology Strategist Computer Technologies, Inc. www.cti-mi.com Phone: 248-362-3800
The 10 Disaster Planning Essentials For Any Small Business (Discover How Quickly Your Business Could Be Back Up and Running After A Natural Disaster, Server Crash, Virus Attack, Or Other Data-Erasing Catastrophe) Don t lose everything you ve worked so hard to achieve in an instant! This report will reveal important planning strategies you should have in place now to protect yourself from common dataerasing disasters including natural hazards, human error, cyber criminals, hardware failure, software corruption and other IT failures. Read this guide and you ll discover: How fast you could realistically be back up and running in the event of any natural or human disaster. What backup, security and business continuity systems you currently have in place and determine whether they are sufficient. Is all of your critical data being backed up, every day? What are the largest threats to the security and integrity of your critical business data? Do you know what steps and costs would be involved to rebuild your server and recover your data if you had to? Provided as an educational service by: Kimberly A. Nielsen President & Chief Technology Strategist Computer Technologies, Inc. 500 Oliver Drive Troy, Michigan 48084 248-362-3800 www.cti-mi.com 2014 Computer Technologies, Inc. ALL RIGHTS RESERVED Page 1 of 7
About The Author: Kim Nielsen, is President and Chief Business Technology Strategist at Computer Technologies, Inc. and author of the book How to Avoid Being Squeezed By Your So Called Computer Expert. Kim is a Certified HIPAA Security Professional and in 2014 became a member of Homeland Security s Electronic Crime Task Force. She began her technology career in 1979 while attending college. A graduate of Walsh College, Kim founded Computer Technologies in 1991 in order to help local governments and small businesses simplify their IT while providing them with the same level of expertise and experience that, at that time, was only available to large, enterprise class organizations. Today the focus of Computer Technologies is to help small businesses and municipalities use technology to increase efficiency, reduce costs and increase profits/stay within or reduce budget. With over 30 years in the IT industry, she has gained extensive knowledge and experience in how technology can be used to help small businesses grow into sustainable and profitable companies and help local governments operate more efficiently and within budget. This experience, as well as her willingness to embrace the ever-present changes and challenges of the IT industry, have been instrumental in growing Computer Technologies into one of the premier consulting companies in southeast Michigan. Solutions offered by Computer Technologies include cloud computing services, managed services IT maintenance support plans, network support, business continuity and disaster recovery services, managed security systems, hosted email and backup solutions, VoIP phone systems and technology strategic planning. 2014 Computer Technologies, Inc. ALL RIGHTS RESERVED Page 2 of 7
Why You Desperately Need A Disaster Recovery Plan For Your Business In a 2005 study by Cummings, Haag & McCubbrey of companies that experience a major data loss, without having a solid disaster recovery plan in place, ONLY 6% survive; 43% close their doors immediately and 51% limp along and eventually close within 2 years. And the situation is getting worse as more and more companies store and rely on digital information and systems to serve customers and keep the doors open. Fact is, every business connected to the Internet with people accessing digital information is highly vulnerable to hackers, viruses, data corruption, data loss, system failures and downtime. A disaster can happen at any time, on any day, and thinking, That could never happen to me, is an open invitation for Murphy to visit you and wreak havoc on your business. (Murphy s Law: Anything that can go wrong, will.) The cost of a disaster is enormous and spreads far beyond simple downtime. Client data stolen can cost you big in reputational capital and easily turn into lawsuits and government fines. Extended downtime can cause you to lose customers and miss important deadlines, not to mention the lost productivity. And with more and more private data being captured and stored by companies, the long-term losses and legal challenges can have significant short AND long term impact. If your data is important to your business and you cannot afford to have your operations halted for days even weeks due to data loss or corruption, then you need to read this report and act on the information shared. A disaster can happen at any time, on any day, and is likely to occur at the most inconvenient time. If you aren t already prepared, you run the risk of having a disaster occur before you have a plan in place to handle it. This report will outline 10 things you should have in place to make sure your business could be back up and running again in the event of a disaster. 1. Have a written plan. As simple as it may sound, just thinking through, in ADVANCE, what needs to happen if your server has a meltdown or a natural disaster wipes out your office, will go a long way in getting your business back online fast. At a minimum, the plan should contain details on what disasters could happen, what data and systems are most important and a step-by-step process of what to do, who should do it and how it should be done. Also include contact information for your key vendors and username and password information for all key web sites you use. Writing this plan will allow you to think about what you need to budget for backup, maintenance and disaster recovery. If you can t afford 2014 Computer Technologies, Inc. ALL RIGHTS RESERVED Page 3 of 7
to have your network down for more than a few hours, then you need a plan that can get you back up and running within that timeframe. You may want the ability to virtualize your server, allowing the office to run off of the virtualized server while the real server is repaired. If you can afford to be down for an extended period of up to a couple of days, there are cheaper solutions. Once your plan is written, print out a copy and store it in a fireproof safe, at an offsite location (like your home) and provide a copy to your IT consultant. Here s a short list of what your Disaster Recovery Plan should include: An IT Asset Inventory of all hardware, software licenses and assets. A list of all the cloud applications you use, what data is stored there, how it s accessed (username/password) A process for how the data in these 3 rd party cloud applications will be backed up to a secondary location, to avoid losing it from the company closing, being hacked or having them simply deny you access to your data for any reason. This would include the data from your web sites, member portals, CRM systems, accounting systems, etc. A Break The Glass document of critical web sites, passwords and other information held only by key executives that are critical for running the business. If something should happen to that executive, you want to be able to keep the business running. A detailed process of how all your PCs, laptops, servers and other devices are being backed up AND who is responsible for backing them up and validating the backups through periodic test restores. A telecommunications recovery plan that would deal with a situation where all phone lines are down or your building is inaccessible. A high impact disaster plan for how your business would continue to operate if your building was inaccessible temporarily or permanently. A list of key vendors and their contact information. You should also have emergency contact information for each employee, in case of a major disaster where you are unable to access your office and you must contact them at their home. Information about your insurance policies, coverage, contact information for the insurance provider, a copy of the policy, etc. You should also have documentation (receipts) and pictures of the assets in your office in case you need to submit a claim. Having this is proof that you actually owned the assets you are claiming. 2014 Computer Technologies, Inc. ALL RIGHTS RESERVED Page 4 of 7
2. When writing your plan, think business continuity, not just backup. A HUGE mistake made by almost all small business owners is thinking that having a backup copy of your data will enable you to be back in business quickly. Not so. Business continuity is the process of planning and having systems to make sure your business continues operating after a disaster. We often see business owners shocked to learn that it may take 5-7 days, sometimes more, to get their operations back online and functioning because they only have a copy of their data. Don t make this mistake! With some simple planning you can make sure critical operations, e-mail and other functions don t go down for extended periods of time. 3. Hire a trusted professional to help you. Trying to recover your data after a disaster without professional help is business suicide; one misstep during the recovery process can result in forever losing your data or result in weeks of downtime. Make sure you work with someone who has experience in both setting up business contingency plans (so you have a good framework from which you CAN restore your network) and experience in data recovery. 4. Have a communications plan. If something should happen where employees couldn t access your office, e-mail or use the phones, how should they communicate with you? Make sure your plan includes this information, including MULTIPLE communications methods. 5. Automate your backups OFFSITE (to the cloud). If backing up your data depends on a human being doing something, it s flawed. The #1 cause of data loss is human error (people not swapping out tapes properly, someone not setting up the backup to run properly, etc.). Plus, local backups, on a different server or storage device and tape drives are NOT secure and can easily fall into the wrong hands, be misplaced, lost, etc. Onsite backups are good, but they won t help you if they get stolen, flooded, burned or hacked along with your server. That s why it s just smart to backup your data to a reputable, highly secure, highly available data center. Second, ALWAYS automate your backups so they run like clockwork. We further recommend that you have a professional monitor your backup daily to make sure all of your data is being protected as expected. 6. Have remote access and management of your network. Not only will this allow you and your staff to keep working if you can t go into your office, but you ll love the convenience it offers. Plus, your IT staff or your IT consultant should be able to access your network remotely in the event of an emergency or for routine maintenance. Make sure they can. 2014 Computer Technologies, Inc. ALL RIGHTS RESERVED Page 5 of 7
7. Image your server or consider cloud computing. Having a copy of your data offsite is good, but keep in mind that all that information has to be RESTORED someplace to be of any use. If you don t have all the software disks and licenses, it could take days to reinstate your applications (like Microsoft Office, your database, accounting software, etc.) even though your data may be readily available. Imagining is simply a process of making an exact copy of your server and everything on it; that copy can then be directly copied to another server saving an enormous amount of time and money in getting your network back. Best of all, you don t have to worry about losing your preferences, configurations or favorites. To find out more about this type of backup, ask your IT professional. Another option may be to simply move your network to the cloud and eliminate the onsite server altogether. Cloud technologies are advancing fast, offering more secure and less complex and expensive options to purchasing and maintaining a server onsite. Plus, Internet connectivity is getting faster and more reliable, which is making it easier for companies to utilize cloud technologies to run their business. Best of all, cloud technology offers built in business continuity and backup. 8. Network documentation. Network documentation is simply a blueprint of the software, data, systems and hardware you have in your company s network. Your IT manager or IT consultant should put this together for you. This will make the job of restoring your network faster, easier AND cheaper. It also speeds up the process of everyday repairs on your network since the technicians don t have to spend time figuring out where things are located and how they are configured. And finally, should disaster strike, you have documentation for insurance claims of exactly what you lost. Again, have your IT professional document this and keep a printed copy with your disaster recovery plan. 9. Maintain Your System. One of the most important ways to avoid disaster is by maintaining the security of your network. While fires, floods, theft and natural disasters are certainly a threat, you are much more likely to experience downtime and data loss due to a virus, worm, hacker attack or human error (be it intentional or accidental). That s why it s critical to keep your network patched, secure and upto-date. Additionally, it s important to monitor hardware for deterioration and software for corruption. These are often overlooked threat that can wipe you out. Make sure you replace or repair aging software or hardware to avoid this problem. 10. Test, test, test! A study conducted in October 2007 by Forrester Research and the Disaster Recovery Journal found that 50 percent of companies test their 2014 Computer Technologies, Inc. ALL RIGHTS RESERVED Page 6 of 7
disaster recovery plan just once a year, while 14 percent never test and that s the companies who actually HAVE one! If you are going to go through the trouble of setting up a plan, then at least hire an IT pro to run a test once a quarter, if not monthly, to make sure your backups are working and your system is secure. Revisit and revise, if necessary, the plan quarterly or every six months. After all, the worst time to test your parachute is AFTER you ve jumped out of the plane. Want Help In Implementing These 10 Essentials? If your e-mail, database, accounting data, client work products and other IT systems and digital information is extremely important to you and could not be easily (or cheaply) replaced, then call us about developing a simple IT-specific disaster recovery and business continuity plan for your business. Our process involves documenting all the hardware, software, data and critical systems you need to keep your business running, and then putting together a solid plan to make sure you can be back up and running again fast. We ll also audit your current security systems and virus and hacker protection to check for loopholes, oversights and gaps in your systems that would be access points for cyber criminals, hackers and disgruntled employees. To request a FREE, no-obligation Disaster Readiness Assessment, and to see if you are at risk, go online to www.cti-mi.com/drplan or call us at 248-362-3800. 2014 Computer Technologies, Inc. ALL RIGHTS RESERVED Page 7 of 7