Posts

8 Cold Hard Truths for SMBs Not Worried About Disaster Recovery and Business Continuity

27 The foundation of any successful business continuity solution is the ability to retrieve data from any point in time from anywhere. When the topic of data recovery and business continuity comes up, you get the feeling that many decision makers at smaller businesses and organizations wish they could channel their inner six year old, simply cover their ears, and sing “La, la, la. I Can’t Hear You. I’m Not Listening.” Everybody things bad things only happen to other people. Just because we hear about a fatal car accident on the morning news, doesn’t mean we fixate on that news when we ourselves get into a car and drive to work. So no matter how many times the owner or CIO of a small to midsize business (SMB) hears of other small businesses being crippled by hurricanes, tornados, fires, or flooding, they aren’t necessarily overcome with fear to the point that they feel an urgency to take action. Sure, they may think about backup and data recovery solutions a little more that day, but not enough to initiate immediate change or reverse a lenient approach to their processes. If you fall into this category, here are eight cold hard truths to consider

  1. It isn’t natural disasters or catastrophic losses like fires that take down small businesses but something far more sinister – malware. Cyber attacks through malware have grown exponentially in the past four years. Malware is hitting everything from PCs to Macs to mobile devices and it’s inflicting damage.
  2. Over half of the small businesses in the U.S. have experienced disruptions in day-to-day business operations. 81% of these incidents have led to downtime that has lasted anywhere from one to three days.
  3. According to data compiled by the Hughes Marketing Group, 90% of companies employing less than 100 people spend fewer than eight hours a month on their business continuity plan.
  4. 80% of businesses that have experienced a major disaster are out of business within three years. Meanwhile, 40% of businesses impacted by critical IT failure cease operations within one year. 44% of businesses ravaged by a fire fail to ever reopen, and only 33% of those that do reopen survive any longer than three years.
  5. Disaster recovery solution providers estimate that 60% to 70% of all business disruptions originate internally – most likely due to hardware or software failure or human error.
  6. 93% of businesses unable to access their data center for ten or more days filed for bankruptcy within twelve months of the incident.
  7. In the United States alone, there are over 140,000 hard drive crashes each week.
  8. 34% of SMBs never test their backup and recovery solutions – of those who do, over 75% found holes and failures in their strategies.

It’s critical that small businesses review their backup and disaster recovery processes and take business continuity seriously. Given the vulnerabilities associated with the cloud and workforce mobility, the risk of critical data loss today is quite serious and firms must be truly prepared for the unexpected.

CLICK HERE for a free network assessment.

The Basic Services of an MSP

18 Your peers are finding new technology innovations like virtualization and the cloud as a way to save money. Virtualization and cloud computing are a cost-effective means to move the contents of entire servers into one offsite virtual server or software bundle – this includes all applications, data, operating systems and patches. The need for fewer physical servers reduces hardware and energy costs, data size requirements and makes overall IT management and backup/recovery easier.

According to series of studies compiled by VMWare (a US-based cloud and virtualization software and services company), businesses that have implemented virtualization have reduced total cost of ownership in IT operations by up to 67%.

While there has been much attention called to the positives of these new innovations, SMBs owners and managers have little to no visibility to the new set of risks and the incremental costs that accompany this new technology.

This new technology, while highly productive, also has the potential to be disruptive given the increased risk for security breaches in the cloud and the learning curve of team members adapting to new technology and software applications. The life of a system administrator also becomes more complex given the demands of always-on employees/customers and the greater need to backup data and recover immediately in the event of an unplanned outage.

The reality is many of the headaches that come with new technology aren’t fully realized until months, if not years, into their implementation – and this may be too late.

 

Management today needs more visibility to the real risks at hand, along with new solutions and methodologies. Partnering with a managed services provider (MSP) is one new approach being used by many of your peers today. Experienced MSPs have access to newer tools that reduce costs by automating many routine in-house labor intensive processes. Break-fix is labor intensive, and labor is one of the most expensive operating costs within your IT infrastructure. These innovative tools generate real productivity increases and mitigate the risk of network failure, downtime or data loss from human error.

MSPs deliver a trusted foundation for your team and your customers – some of the services and tasks offered include:

  • Remote Desktop Management and Support
  • Predictable Management of Critical Patches and Software Updates
  • Fractional Resource Availability of Best-In-Class Expertise – scaled to your needs
  • Implementing and Testing Backup and Disaster Recovery Processes
  • Performance of Inventory and Audits of Computer/Network/Software
  • Enforcement of Network/Security Policy
  • Mobile Data Management and Monitoring
  • Monitoring of Network/Operating System and Alerts
  • Updating Anti-Virus Software and Detecting Spyware

Alert Monitoring – MSP automation of this task has led to an 80% reduction of in-house monitoring that delivers visibility to risks that were previously unidentifiable.

Service Tasks/Help Desk Requests or Ticketing – MSP automation of these tasks have led to a 30% reduction of in-house support ticket- related efforts – saving countless hours of paying for employees and team members to stand idle

Reporting – MSP service-level management tools and dynamic dashboards have led to complete automation of reporting and business communication efforts. Network trust increased and fear of unknown risks reduced so management can sleep at night?

 

Erase any misconception that MSPs are nothing more than “outsourced” tech help priced to displace your in-house IT technician or team. The new MSP has defined effective processes; methodologies and technology partnerships to offer valuable preventive services that proactively identify and eliminate threats before a bigger problem arises.

Whether an MSP assumes full responsibility for IT operations or acts as an ally to an in-house IT technician or team, the toolsets and education they provide to SMBs are invaluable. An MSP’s expertise and availability is what sets them apart from the “fireman-like” break-fix provider.

In an increasingly competitive environment where technology evolves at a rapid pace, businesses must fully leverage innovation to better meet the needs of their employees and the expectations of their customers. Much of this hinges on an organization’s ability to increase system reliability for their business continuity, team productivity and customer satisfaction.

CLICK HERE for a free network assessment, and choose Cognoscape as your trusted MSP.

Five Ways SMBs Can Minimize Data Loss

  1. Enforce Data Security – This is more or less the managing of the “human factor.” CIOs and those in SMB management roles must communicate data protection policies to staff and ensure their implementation. Rules must be set, particularly with personal devices, to enforce security policies. It can be as simple as sending reminders to not open email attachments from unknown sources, requiring passwords be reset every few months or the banning of specific file sharing or social networking sites. In May of 2012, security concerns led to over 400,000 IBM employees being banned from using the cloud storage service Dropbox and Siri – the iPhone personal assistant. While far from an SMB, if IBM can go that far and make such a demand to so many employees, an insurance agent can certainly remind his or her marketing representative to not play Farmville on Facebook if they’re using a laptop containing company and customer/client data.
  2. Stress the consequences – both personal and business – of not properly protecting confidential data. Encourage employees to make passwords difficult to crack. Patch holes in the infrastructure’s walls by identifying the most critical data. Perhaps a trusted IT advisor can help implement processes to better protect that data’s security perimeters.
  3. Mobile Device Management – Mobile Device Management grants SMBs a semblance of control over the mobile devices used within the company. Devices tapping into company system are identified and remotely monitored and managed 24/7. More importantly, they are proactively secured via specified password policies, encryption settings, and automated compliance actions. Lost or stolen devices can be located and either locked or stripped of all SMB-related data.
  4. Snapshots – Fully backing up large amounts of data can be a lengthy process. The data being backed up is also vulnerable to file corruption from read errors. This means sizeable chunks of data may not be stored in the backup and be unavailable in the event of a full restore. This can be avoided by backing up critical data as snapshots, which are read-only copies of data frozen to a specific point in time and stored using minimal disk space. These virtual snapshots are immediately available for restores in the event of data loss.
  5. Cloud Replication and Disaster Recovery Services – The cloud provides SMBs who consider data backup to be too costly, time consuming and complex with a cost-effective, automated off-site data replication process that provides continuous availability to business-critical data and applications. Cloud replication can often get systems back online in under an hour following a data loss.

6

CLICK HERE for a free network assessment.

Data Security Threats Every SMB Must Be Aware of

Human Error and Employee Negligence

1 Human error, by way of unintentional data deletion, modification, and overwrites, has become much more prevalent in recent years. Much of this is the result of carelessly managed virtualization technology. Virtualization and cloud computing have enabled improved business continuity by allowing entire servers – including all data, operating systems, applications, and patches to be grouped into one software bundle or virtual server and subsequently backed up. The catch is humans must still instruct this technology how to perform, which is why so much of today’s data loss is linked to human error. The complexity of these systems often presents a learning curve that involves quite a bit of trial by error. For example, a support engineer can accidentally overwrite his backup when he forgets to power off his replication software prior to formatting volumes on the primary site.

While most CIOs at SMBs are generally accepting and understanding that mistakes happen, they must be more stringent when it comes to managing risky negligent employee behaviors in this era of mobility and accessibility. Employee negligence puts a company or organization’s critical business data at risk of being stolen by cybercriminals or malicious employees. Examples of this negligent behavior include:

  • Leaving computer systems unattended
  • Weak passwords (“password” or “12345”) or passwords that aren’t frequently changed
  • Opening email attachments or clicking hyperlinks embedded with spam
  • Visiting restricted websites

5 Employee Mobility & Data Exposure

In the modern-day BYOD workplace, more people are doing daily business on their personal laptops, iPads and Blackberrys. They are also carrying around portable media like thumb drives, USB sticks and CDs.

These devices are not always backed up or secured by IT administrators. There is not only the potential for these devices to be lost or stolen but there is also a very high probability that employees using them are also accessing personal email, downloading music, browsing the web, playing games and hanging out on Facebook. This makes sensitive data susceptible to malware, viruses and hackers. All of this substantially ups the likelihood of data loss incidents.

Prevent data loss. CLICK HERE for a free network assessment.

Decreasing Business Costs and Risks of Costly Data Loss

4 We live in a 24/7 global economy that is more dependent than ever on technology. Even the technology of small and medium sized businesses (SMBs) houses sensitive digital data – employee and customer information, internal emails, documents and financial records, sales orders and transaction histories. Not to mention applications and programs critical to daily business function and services. Employees at SMBs require continuous access to the critical business data needed to meet the demands of the customers or clients they service. They even want this access while they’re at home or on the go running errands. To satisfy this demand, many companies and organizations now allow employees to BYOD (Bring-Your-Own-Device) and “do business” using their personal laptops, tablets and mobile phones. The web, Wi-Fi networks and mobile devices with robust memory and battery life have made this constant access to a SMBs back office infrastructure a reality. Regrettably this flexibility and freedom is accompanied by an ominous risk of data loss.

Just a single data loss or breach can be costly to SMBs. Data losses and leaks come with lingering continuous costs that many SMBs cannot easily shake or overcome. Revenue is lost if employee productivity and customer accessibility/service are stalled by data loss. The expenses associated with internal research and investigation, system repair and maintenance, and data security protection are another heavy price SMBs must pay. If cybercrime is involved, affected customers must be notified, the potential exists for litigation, and many customers will likely never return due to mistrust.

While corporate-level data losses are well publicized, many SMBs mistakenly believe their data isn’t at risk. This mistake can prove to be a costly one.

3 Why C-Suite Management at SMBs Can No Longer Ignore Data Loss

  • Following a significant data loss, it is estimated that SMBs can lose up to 25% in daily revenue by the end of the first week.
  • According to the National Archives & Records Administration in Washington, 93% of companies that have experienced data loss, and prolonged downtime for ten or more days have filed for bankruptcy within twelve months of the incident. 50% wasted no time and filed for bankruptcy immediately. 43% of companies with no data recovery and business continuity plan actually go out of business following a major data loss. How quickly can your business be restored if critical data is lost? When was the last time backup processes were tested to ensure all data is recoverable and business operations are quickly restored?
  • A survey conducted by Symantec SMB revealed that fewer than half of SMBs surveyed backup their data each week. Only 23% of those surveyed said they backup data every day and have a business continuity plan in place.
  • The percentage of cybercriminal attacks targeting businesses with fewer than 250 employees doubled in 2012. The vulnerabilities of naïve small business owners have been noted, and hackers have now placed the proverbial bull’s-eye on these perceived weak links.

If sensitive customer data is leaked, SMBs may face overwhelming financial liabilities, which could include reimbursing affected customers and legal fees.

2

Businesses today are playing on a much bigger playing field than they were two decades ago. Any SMB that trusts the security and backup of critical business data with a limited and overburdened in-house IT team, or forsakes internal IT support altogether for emergency on-call help when things go bad (Break/Fix Mentality), is playing with fire and begging to be burned.

Any disruptive or invasive technological event – even the smallest of incidents – can have an amplified impact on day-to-day business and profitability. Being proactive with data recovery solutions, and having emergency response procedures in place prior to a disruption or data disaster, is the only way to get critical data restored immediately to the data center, minimize downtime, protect customer and client data and soften the impact of such events.

Don’t let this happen to you. CLICK HERE for a free network assessment.

Cognoscape’s Michael St. Martin on KRLD last week “The Educated Investor”

Michael St. Martin, Cognoscape’s COO visited with Todd Volkman on Todd’s KRLD 1080AM radio show “The Educated Investor” last week to discuss how small and medium business owners and executives can leverage technology to increase revenues, productivity and cost savings. Listen “I had a blast speaking with Todd and hopefully explaining how to wade through the quickly changing and sometimes complex landscape of today’s technology” says Michael.   Topics covered include technology planning, back up and disaster recovery, hosted email, cloud computing, free or low cost web apps, and other nuggets of info for you.   Happy listening!

3 Points of Data Recovery

Doing data backup is easy.  Considering the needs for data recovery is where many go wrong.  There are 3 points of data recovery that must be considered when putting together a proper Backup and Disaster Recovery plan.

1. Recovery of a File – Very simple and straight forward, you must be able to recover data files.  Can you recover deleted files from every location people save files?  Most files reside on the server or in a document management system.  Are people saving these documents on their workstations while they edit them?  What happens if Microsoft Word crashes?  I am sure that the file server is backed up, but is it backed up often enough?  Daily backups taken over night are typically not sufficient in most modern networks.

2. Recovery of a Server – Many business owners take comfort in that fact their server is being backed up without ever considering what recovering the server really means.  How long will it take to get a replacement server?  Will the same type of server be available? How do people work while waiting for the hardware?  Once you have the replacement server, how long will it take to restore it to service?  With many backup solutions, restoring requires the server OS and applications to be reinstalled before the data is restored.  It adds another level of complexity (and time) when recovering to dissimilar computer hardware.

3. Recovery of a Site– Unfortunately, disasters do happen.  Here in Texas the media has been marking the ten year anniversary of the tornado that ripped through downtown Fort Worth destroying buildings and ravaging businesses.  We have also been seeing all the coverage of earthquakes.  And let’s not forget about fires.  A recent study discovered that, of companies experiencing a “major loss” of computer records, 43 percent never reopened, 51 percent closed within two years of the loss, and a mere 6 percent survived over the long-term.  Having a plan and being able to recover quickly can greatly improve the chances of the business surviving.

A Complete Solution that addresses all of these points –
A good backup system should allow for quick and flexible restores that allows for recovery of files, folders, partitions, mailboxes/messages, databases/tables using a quick and intuitive process.  A 15-minute incremental based backup allows restores to be done from any point in time, allowing for multiple versions of files, folders, messages/mailboxes, database/tables to be restored.

If any of your servers fail, a good data backup solution will include virtualization technology embedded in the Network Attached Storage (NAS) that allows customer servers and applications to be restored and rebooted in less than 30 minutes in most cases.  As you may sometimes wait several days in order to receive replacement servers from vendors, your NAS can have your business up and running.  The NAS multitasks so that, even while functioning as a virtual server, it can continue to back up data from other devices plugged into the NAS.  This technology thus allows you to remain in business without any significant loss of data backup, server functionality, or application downtime.  In case of a complete server failure the solution should support a bare metal restore to new hardware which has a different configuration, hardware and drivers as compared to the failed server.

Transmitting data to a remote site is another key component of a worthy Backup and Disaster Recovery Plan. It guarantees that, in case of physical damage to the client’s network or NAS, or even regional disaster, the data is safe. Encryption is required in transmitting data between the NAS and the remote sites, because it greatly reduces the risk of data loss incidents that plague magnetic tape and prevents man-in-the-middle attacks during transmission.  Of course a key consideration of off-site backup is the amount of time it could take to restore data over the Internet.   Solutions that offer both transmission as well as emergency delivery of a new device with the most recent image are doubly effective.

In summary, the most important aspects of Backup and Disaster Recovery are to first, have a specific plan, second have a well thought out and comprehensive plan that matches the requirements of your business and lastly, to consistently manage and test your BDR solution.   In an age of document management, EMR, paperless office, HIPAA, HITECH, Sarbanes Oxley, eDiscovery, etc., a reliable Backup and Disaster Recovery solution are paramount to the longevity of your business.

Data Backup and Recovery: 7 Questions to Answer

The statistics are gloomy: 50 percent of companies that loose their data for 10 days or more file for bankruptcy within that same time period.

Ninety-three percent file for bankruptcy within one year.

Now that I’ve got your attention, now’s the time to start preparing for disaster, before you become another statistic! The first step is

1. Who will be responsible for the plan and who will perform the actual recovery of the data? The time for pointing fingers is not when disaster strikes. The person who creates the plan and the person who performs the actual recovery may be the same—or not. Determine who’s responsible for what early in the plan to avoid confusion and misunderstandings.

2. How important is your data? Data varies in importance, helping you determine how and when it should be backed up. For instance, critical data, like a customer database, will likely require a plan that’s more elaborate, with more frequent and redundant backup sets that go back several backup periods. Less important information, such as daily user files, may simply need routine backups so you can recover the information when needed. Sift through your data and identify your most important and least important information.

3. What kind of information does your data contain? Data can contain everything from mundane, everyday information to highly sensitive and mission-critical information. Additionally, information that’s not very important to you might be important to someone else. Identifying the type of information your data contains will help you determine how secure your backup system needs to be, as well as when and how frequently your data should be backed up.

4. How frequently does your data change? The answer to this question determines how frequently you should back up your data. Information that changes daily should be backed up daily. Information that changes every few days should—at the very least—be backed up every few days. And so on.

5. When is the best time to schedule backups? Over the weekend? During the evening hours? In the morning? Backing up data generally takes less time when system use is low. Unfortunately, you may not be able to schedule backups to occur at these times. Carefully consider the best time and day to back up your information, keeping in mind that automated technology makes this easier while minimizing administrative time.

6. How quickly will you need to recover data? Apply the old adage here: time is money. Some businesses may function relatively well for a day or two without access to their systems and data stores. Others may crumble in a matter of hours. If you fall into the latter category and need to get access to critical systems immediately, create a plan that lets you do this. Prioritize which systems you need first, second and so on, and make sure your recovery solution delivers.

7. Should you store backed-up information off-site? The answer for most businesses: yes. This is especially important if you operate in an area prone to natural disasters such as tornadoes or hurricanes. In addition to storing your tapes or disks off-site, make sure you store copies of any software you need to re-establish operations, and that multiple people have the keys or access code for that location.

Avoid saying, “If only …”

No one anticipates a disaster. But we can plan for it. Today’s backup and recovery technology makes protecting your critical business information and systems easier and more affordable than ever. So stop making excuses. Start planning. Information is one of your business’ most important assets. Protect it.