Why Small Businesses Shouldn’t Avoid Making Disaster Recovery Plans.

Entrepreneurs and small businesses, especially ones that are fairly new, often don’t think about making plans to recover in case of a disaster. However, it is the smallest business that most likely has the fewest resources to fall back on in case of disaster.

Why does this happen?

1. It isn’t on an entrepreneur’s radar – The challenge and hurdles of starting out are what drive small business owners. The excitement that comes with getting a new client or releasing a new product are what motivates them. To be honest, things like disaster recovery plans are a little dull and aren’t part of the exciting day-to-day hustle of running a company. As a result, these issues get put on the back burner.
2. Planning tools can seem too complex – Ideas like “risk assessment” and “business impact analysis” can be intimidating. Many SMBs may just feel the whole area is overwhelming and leave it to another day.
3. It is perceived to be unaffordable – Many owners may believe that putting disaster recovery plans into place involves a lot of additional spending on consultants, backup hardware and more software. That isn’t true. With cloud technology and the use of a managed service provider, disaster recovery doesn’t need to be an intimidating or expensive proposition.

To learn more, see our e-guide “Staying Alive: The Definitive Guide to Business Continuity and Disaster Recovery for Small Businesses“.

If the power in your office fails tonight, and all of your computers crash, how quickly can you recover? And more importantly, at what cost? According to the U.S. Department of Labor, 93% of companies that experience a disaster go out of business within 5 years – even if they can recover in the short term. 

We’re here to ensure your business doesn’t become another statistic. Our business continuity solution is about more than just backup – it’s designed to quickly revive your network following any unplanned downtime, and ensure your employees are operating productively in almost no time at all.
 

Loss of Data: Causes and Prevention

The adoption of technology from the simplest of matters to the most complex problems has rendered us heavily dependent on it. We love paying our bills minutes before they are due. We enjoy seeing loved ones face-to-face on our computer screens. We can access and print our extremely sensitive records from government and financial websites in a matter of minutes instead of waiting for the mail for days. The time and resources that technology saves are invaluable, but this convenience has a very ugly side. This convenience brings costs, which could include irreparable financial, professional, and social damage. The technology that is designed to make life easier can also wreak havoc when criminals use it to breach secured, personal information. So how do we tame this beast called ‘breach of data security’?

Background: The gravity of the problem: To look for a solution, we first need to understand how serious this problem is. Breaches in data security and loss of data could spell imminent demise for many small companies. According to the National Archives & Records Administration in Washington, 93% of companies that have experienced data loss resulting in ten or more days of downtime have filed for bankruptcy within a year. 50% wasted no time and filed for bankruptcy immediately and 43% that have no data recovery and business continuity plan go out of business following a major data loss. In the past, small- to medium-businesses (SMBs) thought that data security problems were reserved for large corporations, but cyber criminals are finding out that SMBs are more complacent in securing their data thus making themselves easier targets. More importantly, the lightly guarded SMBs can provide backdoor access to the large entities hackers really want to hit. Fewer than half of the SMBs surveyed said they back up their data every week. Only 23% have a plan for data backup and business continuity. That is why the number of cyber attacks on SMBs has doubled in the recent past.

Causes of lost data: Loss of data can be attributed to two factors.

• Breach of data security: As we discussed above, theft is the main reason for loss of data. Hackers can get into networks by installing their own software hidden inside emails and other Web content. They take over PCs and networks and then access files containing personal information. They can then use that information to empty people’s bank accounts and exploit data for other purposes.

• Human error and employee negligence: Humans still have to instruct technology to perform as desired. Examples of negligence include unattended computer systems, weak passwords, opening email attachments or clicking the hyperlinks in spam and visiting restricted websites. Fortunately, this type of loss of data is easily preventable, but it is just as detrimental and can bring your business to a halt. Downtimes can be very harmful to your business continuity and revenue.

Five ways to minimize data loss

1. Enforce data security: More than technology, this is the management of human behavior. SMB management must communicate data protection policy to the entire staff and see to it that the policy is adhered to. Rules and policy must be enforced very strictly regarding the use of personal devices. Tell employees to create passwords that are hard to crack and change them frequently.
2. Stress the consequences: Rules are only good if there are consequences for not following them. Define what those consequences mean for the both the individual and the organization.
3. Mobile device management: Mobile devices may be the weakest link in data security. “Mobile device management” refers to processes that are designed for the control of mobile devices used within the company. Devices tapping into company systems are identified and monitored 24/7. They are proactively secured via specified password policies, encryption settings, etc. Lost or stolen devices can be located and either locked or stripped of all data.
4. Snapshots: Fully backing up large amounts of data can be a lengthy process. The data being backed up is also vulnerable to file corruption from read errors. This means sizeable chunks of data may not be stored in the backup and be unavailable in the event of a full restoration. This can be avoided by backing up critical data as snapshots.
5. Cloud replication and disaster recovery services: For SMBs who consider data backup to be too costly, time consuming and complex there is an answer. The Cloud provides a cost-effective, automated off-site data replication process that provides continuous availability to business-critical data and applications. Cloud replication can often get systems back online in under an hour following a data loss.

To conclude our conversation, it is very important to understand the causes and consequences of data loss. Be proactive and minimize the likelihood of a data breach and data loss, so you can stay in business without interruption. Make sure you have a solid data recovery and business continuity plan so you don’t become another statistic about small firms who didn’t make it.

Be Proactive: How to Avoid Potential Network Failures

For small- to medium-sized businesses (SMBs), an IT network failure can be devastating because they don’t have the resources of large corporations to bounce back from such disasters. Preparation against such devastation may be the only course for them to avoid failure and survive with the least damage if failure occurs. SMBs must be proactive in recognizing the eventuality of a cyber attack or human error that can cause data loss and disrupt business continuity. This is what needs to be done to help prevent a potential failure.

Be prepared: Being proactive is an essential step for preparation against a disaster. There are two ways to determine how to best prepare to prevent potential failure of your infrastructure. First, you need to identify the weaknesses throughout your systems, and second, determine how you are going to eliminate those weaknesses and protect your network.

Identify the weaknesses: Determine how and why your system could fail. Examine all aspects of your hardware and software. Assess all the internal and external factors that could contribute to failure of your networks. Here are some questions you need to know the answers to.

• Does customer access and/or employee productivity often stall because of downed systems? In these situations, how quickly is your IT support able to minimize the damage?
• Can you say with certainty that your business will be back on line and be able to access lost data with minimal disruption in case of failure?
• Your critical data should be backed up frequently. The data on personal laptops, iPads and other mobile devices should also be backed up. Are all these steps being taken, and how often?
• Are all backups stored in a location off-site and are they quickly accessible in the event of corruption, fire or flood?
• Are you using any custom made software? Can it be reinstalled and updated when needed?
• Are your systems truly protected from hackers and viruses? Do you change passwords when employees leave the company?
• How often do you test your backup processes?

The answers to all these questions should give you a clear picture of your network’s ability to survive in case of a catastrophe.

Here are five steps that you can take to protect your networks

1. Backup files every day: There are a large number of businesses that never backup data. Only 23% of SMBs are backing up their data daily, and only 50% are doing it weekly. A number of issues can result in loss of data. You should backup data every day.
2. Check backup procedures regularly: Don’t find out accidently that your backup system is not working properly. By then it could be too late. It may seem like your data is being backed up normally, but check frequently if it is backing up the way it should be. In this age of BYOD make sure all employees are also following procedures to backup data on their laptops, iPads, etc.
3. Make sure virus protection and firewalls are always enabled: Many companies either don’t have virus protection installed or it is disabled. That renders their networks vulnerable to virus attacks from emails, spam and data downloads. Corrupted files will not only bring your systems down but they can spread to your customers and email contacts. That will spell disaster for your reputation. Hackers are always looking for unprotected and open ports online that they can attack with malicious code or files. That can cause permanent data loss.
4. Monitor server drives: Dangerously full server drives can cause many problems, ranging from program crashes to sluggish email delivery. Servers should be monitored and maintained regularly to avoid these problems.
5. Check built-in logs: Frequent reviews of built-in logs can reveal small issues. You will have a chance to prevent them from becoming bigger, harder-to- manage problems that can bring your systems down.

Summary: We now know IT system failures have very serious consequences for SMBs. We also know that they can avoid such failures by being proactive. Many SMBs are now turning to cloud-based services and virtualized backup solutions to mitigate downtimes and network failures. Virtualization and cloud computing have enabled cost-efficient business continuity by allowing entire servers to be grouped into one software bundle or virtual server – this includes all data, operating systems, applications, and patches. This simplifies the backup process and allows for quick data restoration when needed.

Is That a Business Continuity Plan in Your Pocket or a Bunch of Jargon?

Technology is full of difficult jargon. To further complicate things, certain terms are often used in a different context between one publication or service provider and the next. An example of this is the usage of backup, disaster recovery, and business continuity. These terms are commonly used interchangeably, often resulting in confusion. In an effort to alleviate some of this confusion, let’s describe each physical process. You will see an overlay among all three, although they are each different processes.

Backup – In IT lingo, the most basic description of backup is the act of copying data, as in files or programs, from its original location to another. The purpose of this is to ensure that the original files or programs are retrievable in the event of any accidental deletion, hardware or software failure, or any other type of tampering, corruption and theft.

It’s important to remember that the term “backup” refers to data only and doesn’t apply to the physical machines, devices, or systems themselves. If there were a system failure, disk crash, or an onsite physical disaster, all systems would still have to be replaced, rebuilt, and properly configured before the backed-up data could be loaded onto them.

Disaster Recovery – Backups are a single, albeit crucial, component of any disaster recovery plan. Disaster recovery refers to the complete recovery of your physical systems, applications, and data in the event of a physical disaster like a fire; hurricane or tornado; flood ; earthquake ; act of terror or theft.

A disaster recovery plan uses pre-determined parameters to define an acceptable recovery period. From there, the most satisfactory recovery point is chosen to get your business up and running with minimal data loss and interruption.

Business Continuity – Although backup and disaster recovery processes make sure that a business can recover its systems and data within a reasonable time, there is still the chance of downtime from a few hours to many days. The point of a business continuity plan is to give businesses continuous access to their technology and data, no matter what. Zero or minimal downtime is the goal.

Critical business data can be backed up with configurable snapshots that are instantly virtualized. This allows files, folders and data to be turned on and restored in seconds. Bare metal restores of hardware, where an image of one machine is overlaid onto a different machine, is also utilized along with cloud replication for instant off-site virtualization.

Many businesses also keep redundant systems and storage at a different physical location than their main site as part of their business continuity process. They may also outline procedures for staff to work remotely off-site. Some businesses or organizations may go as far as to have printed 

Breaking News: Downtime Kills Small Businesses

Downtime is bad news for any business whether big or small.

A recent two-hour New York Times’ downtime occurrence sent Twitter ablaze and their stock price plummeting.

Google going down for one to five hours resulted in lost revenue up to $500,000 and decreased overall web traffic by 40%.

We know what you’re thinking. Holy crap, Google makes $100,000 an hour? Yeah… insane, huh?

While the hourly cost of downtime for a small-to-medium sized business won’t be nearly as large as that astronomical Google figure, downtime is often more detrimental to smaller companies. Smaller enterprises are more susceptible to downtime and are neither large nor profitable enough to sustain its short and long-term effects.

Downtime Leads to Unhappy/Unproductive Employees

Even the happiest of employees become dissatisfied when they can’t perform basic day-to-day job functions or properly service customers or clients.

While some employees may use downtime as an excuse to lean back, put their feet up, and comfortably collect their hourly pay, we’re talking about those employees who come to work to actually work.

And don’t forget your IT guy or tech crew. They can’t necessarily sit back and twiddle their thumbs when downtime occurs because they’re typically taking the brunt of the storm. They will ultimately grow tired of the daily routine of having to put out fires and having neither the additional manpower nor resources to change things for the better.

These things lead to high employee turnover and the expenses that come with training and re-training a revolving door of employees.

Downtime Leads to Customer Dissatisfaction

Customers and clients grow weary whenever critical components of your operations – or the services they either expect or pay for – cannot be accessed.

Nearly 50% of customers will move on to a competitor if they encounter downtime of five minutes or more. These customers represent significant lost revenue.

While some suggest this is a bigger problem in the retail sector, other types of businesses are impacted as well. Have you ever clicked a link from search engine results only to quickly bolt when the page didn’t load, you couldn’t complete an online transaction, or you were greeted with a “Technical Difficulties – Be Back Up Soon!” message?

Did you give up on finding what you were looking for or did you wait it out? You did neither. You went back to Google and found someone else offering a similar service or product that satisfied your yearning for instant gratification.

Downtime Ruins Your Reputation

One of the most commonly overlooked consequences of downtime is the hit your company’s reputation takes online. In this age of social media, one person’s bad experience is broadcast to dozens or even hundreds of followers. Bad news spreads faster than ever and has lasting repercussions.

Small business owners are often worried about data loss. Rightly so, because data loss has the potential to wipe out a business. We have identified the most common forms of data loss so you can see how they fit into your business and assess the risks related to each of these pitfalls.

1. Human Error – Human error – by way of unintentional data deletion, modification, and overwrites – has become much more prevalent in recent years. Much of this is the result of carelessly managed virtualization technology. While virtualization and cloud computing have enabled improved business continuity planning for many businesses and organizations, humans must still instruct this technology how to perform. The complexity of these systems often presents a learning curve that can involve quite a bit of trial and error. For instance, a support engineer may accidentally overwrite the backup when they forget to power off the replication software prior to formatting volumes on the primary site. They will be sure to never do that ever again, but preventing it from happening in the first place would be more ideal.

2. File Corruption – Unintended changes to data can occur during writing, reading, storage, transmission and processing – making the data within the file inaccessible. Software failure is a leading cause of data loss and is typically the result of bugs in the code. Viruses and malware can also lead to individual data files being deleted and hard drive partitions being damaged or erased.

3. Hardware Failure – Storage devices may be at risk due to age, or they may fall victim to irreparable hard-disk failure. Viruses and hackers can also potentially shut down a hard drive by inserting undeletable malicious code and huge files via open, unprotected ports. If these malicious programs cannot be deleted, the entire hard drive may have to be reformatted, wiping out all the data.

4. Catastrophic Events/Theft – The threat of catastrophic events such as fire, flooding, lightning and power failure is always a concern. Such events can wipe out data in a millisecond with no warning. Theft is also a data loss risk that companies must address. While advances in technology like anytime/anywhere connectivity, portability and the communication/information sharing capabilities of social media and crowdsourcing have revolutionized business – the risk for theft is even greater due to this increased accessibility. More people are doing daily business on their laptop, iPad and mobile phones. They are also carrying around portable media like thumb drives, USB sticks and CDs. Physical theft of any of these devices can spell big trouble.

Data loss is as unique as the various sources from which it comes. The key is to identify the areas in which your business is weak and work towards a mitigation plan for each one of them. An MSP can act as a trusted partner in such cases, holding your hand through the process of safeguarding your data.