Posts

Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

69 Not too long ago, the New York Times’ website experienced a well-publicized attack, which raises the question – how can this happen to such a world-renowned corporation? If this can happen to the New York Times, what does this bode for the security of a small company’s website? What’s to stop someone from sending visitors of your site to an adult site or something equally offensive?

The short answer to that question is nothing. In the New York Times’ attack, the attackers changed the newspapers’ Domain Name System (DNS) records to send visitors to a Syrian website. The same type of thing can very well happen to your business website. For a clearer perspective, let’s get into the specifics of the attack and explain what DNS is.

The perpetrators of the New York Times’ attack targeted the site’s Internet DNS records. To better understand this, know that computers communicate in numbers, whereas we speak in letters. In order for us to have an easy-to-remember destination like nytimes.com, the IP address must be converted to that particular URL through DNS.

Therefore, no matter how big or small a company’s online presence is, every website is vulnerable to the same DNS hacking as the New York Times’ site. The good news is the websites of smaller companies or organizations fly under the radar and rarely targeted.  Larger targets like the New York Times, or LinkedIn, which was recently redirected to a domain sales page, are more likely targets.

For now… There is no reason to panic and prioritize securing DNS over other things right now. But there is a belief that DNS vulnerability will be something cybercriminals pick on more often down the road. Here are a few ways to stay safe:

Select a Registrar with a Solid Reputation for Security

Chances are, you purchased your domain name through a reputable registrar like GoDaddy, Bluehost, 1&1, or Dreamhost. Obviously, you need to create a strong password for when you log into the registrar to manage your site’s files. Nonetheless, recent DNS attacks are concerning because they’re far more than the average password hack.

It was actually the security of the registrars themselves that was compromised in recent attacks. The attackers were basically able to change any DNS record in that registrar’s directory. What’s particularly frightening is the registrars attacked had solid reputations. The New York Times, along with sites like Twitter and the Huffington Post, is registered with Melbourne IT. LinkedIn, Craigslist and US Airways are registered with Network Solutions. Both had been believed to be secure.

So what else can be done?

Set Up a Registry Lock & Inquire About Other Optional Security

A registry lock makes it difficult for anyone to make even the most mundane changes to your registrar account without manual intervention by a staff registrar. This likely comes at an additional cost and not every domain registrar has it available.

Ask your registrar about registry locking and other additional security measures like two factor authentication, which requires another verifying factor in addition to your login and password, or IP address dependent logins, which limits access to your account from anywhere outside of one particular IP address.

While adding any of these extra safeguards will limit your ability to make easy account change or access your files from remote locations, it may be a worthwhile price to pay.

CLICK HERE for a free network assessment and avoid cybercrime with Cognoscape.

3 Steps to Improved BC/DR Planning


Step 1 – Recognize the Need and Importance

Business continuity and disaster recovery strategies tend to be on the to-do lists of many SMBs, but they are often delayed as more urgent business issues emerge. U.S. businesses lose roughly $1.7 billion in profit each year from network outages according to the same 2011 CDW business continuity survey referenced earlier. Obviously, it isn’t smart business for an SMB to let business continuity and disaster recovery planning become an afterthought.

To structure a solid business continuity plan, SMBs must be prepared for all possible disruptions. It is important to note that business continuity goes beyond being prepared for natural or man-made disasters. We are now so technologically dependent that BC/DR plans must be in place to counter any disruption – big or small – that threatens business and profitability. Internal technical or infrastructure failures or cyber-attacks are obvious examples. Small internal “single-points-of-failure” can bring down an entire operation.

 

Step 2 – Impact Analysis and Risk Assessment

Constant availability is critical to success. In order to minimize downtime, it’s important to determine what technology is behind each phase of your business operations. Knowing the technology infrastructure of your business allows for a comprehensive impact analysis and a better grasp of the impact on business operations when specific technology fails or becomes unavailable – even for a short period of time.

Determining what could unexpectedly bring down each piece of that infrastructure is risk assessment. Risks come in the form of either internal or outside threats. Internal threats can be anything from an application failure, disk crash, and server malfunction to human error or a bitter employee. External threats can vary depending on location – natural disasters like hurricanes, earthquakes, tornados, floods, and fires, as well as man-made events like power outages, acts of terror, and accidents can knock out services. Additionally, our dependency on technology leaves firms susceptible to cyber-attacks like malware, computer viruses, phishing schemes, and the theft of personal mobile devices used for work purposes.

While major disasters do occur, and shouldn’t be overlooked, it is the smaller everyday disruptions like power outages, server crashes, email issues, equipment failure, and lost or corrupted data that pose the bigger risk to business.

Doomsday prepping may be the rage these days, but a sound BC/DR plan typically begins by focusing on addressing the day-in and day-out disruptions first. Documenting, reviewing, communicating, and testing the effectiveness of smaller response scenarios will better prepare businesses for potential disasters and longer-term disruptions.

 

Step 3 – Look to Recent Tech Trends That Simplify Planning

Recent technology developments like server and desktop virtualization, cloud computing, and mobile devices are beneficial to SMBs looking for BC/DR solutions.

Virtualization – BC/DR preparedness may be the most compelling reason to consider virtualization. Virtualization allows businesses to condense data and applications onto fewer servers – taking up less space and consuming less power. Virtualization allows small-to-medium sized businesses the benefit of high availability (HA) without the added expense of building a backup data center. Operations can be restored faster as the entire system can be brought back in a single virtual container.

Cloud Computing – More firms are moving to the cloud for backup services. The cloud has enabled small and medium sized businesses to backup operations away from their primary location and enhance their business continuity process at a reduced cost.

Cloud-based Software-as-a-Service (SaaS) packages often come with built in business continuity solutions that can automate data backup processes onsite or off-site – spreading out risks and minimizing the impact of a disaster. Data, servers, software, and tools can be stored in the cloud and remain safe if a business is hit by a computer virus or disaster. The cloud also allows remote workers to access an organization’s communication and collaboration tools, further allowing for “business as usual” in the event of a serious disruption. 32

Although it is understandable that ownership and upper management at small to medium sized businesses are hesitant to spend money, BC/DR planning is a lot like insurance. It is human nature to think that bad things won’t happen to you, but the investment pays off the when you’re hit by an extreme event or emergency.

New technology trends and the back-up-as- a-service, remote backup, and online backup services provided by MSPs have given SMBs the ability to safeguard their business operations at a reasonable cost. Money and resources can no longer be an excuse for a lack of solid BC/DR solutions. There is way too much at risk. Plan now and CLICK HERE for a free network assessment.

Business Continuity and Disaster Recovery for Small Businesses

31 As a small business owner, you owe it to yourself, your employees, stakeholders, and any customer you serve to honestly answer this one question: Is your business resilient enough to withstand short or long-term interruptions to its operations?

The answer should be immediate. If you have to pause or think for one second before responding, the answer is no. Each day of business brings with it unforeseen risk. Whether it’s catastrophic weather conditions, cyber- security threats, or the vulnerabilities of the technology we’re dependent on to perform daily work functions, there must be both a business continuity (BC) and disaster recovery (DR) plan in place. There must also be complete confidence in the effectiveness of the BC/DR strategies that are implemented.

The truth of the matter is most small-to-medium sized businesses (SMBs) aren’t doing nearly enough when it comes to continuity and disaster planning. It’s inconceivable that in this era where smaller businesses store more sensitive data than ever before, and the risk of losing this data is so great, that a 2011 Systematic survey revealed that up to 57% of small businesses still have no business continuity or disaster recovery plan in place.

A few years ago, a study conducted by Forrester Research concluded that 66% of businesses with fewer than one hundred employees admitted to having no tested response to not just tech issues like a downed server or network but disasters, emergencies, and power outages.

Let’s break down some of the potential costs of short and long-term business interruptions, why far too many SMBs don’t have a solid business continuity/recovery plan in place, and the necessary steps SMBs can take to get prepared.

 

A Competent BC/DR Strategy Is a Must

Often misconceived as a problem for the “big guys,” business continuity is a concern for businesses and organizations of all sizes – whether there are 5 or 5,000 employees. The costs of having no solutions in place are too high for many smaller companies to rebound from.

Several hours of unplanned downtime can result in thousands of dollars lost each hour. That’s the kind disruption a small business may face from a shorter-duration tech issue or power outage. Imagine the consequences of longer lasting outages, where a business may be down for days or weeks, as seen in natural disasters like Hurricane Sandy and Hurricane Katrina, or acts of terror like the 2001 World Trade Center attack.

Beyond the immediate tangible costs of outages like lost productivity and revenues, there is also an intangible domino effect that may be harder to quantify. The repercussions can greatly exacerbate the total losses over time, for instance:

  • Customers/Clients Jumping to a Competitor: The web hosting company1&1 Internet, Inc. reported that 72% ofweb users admit to abandoning a businessfor a competitor if they can’t instantlyaccess a company website or encounternumerous error messages, problemsplacing an order, or issues accessing onlinefeatures/support. People want immediategratification today and will take theirdollars elsewhere if they don’t get it.Even more alarming is the fact that 58%are likely to never return, which meansthe loss of long-term revenue streams.Perhaps they may be more forgiving inthe event of a crisis like a natural disasterbut there will still be those who go to acompetitor and never come back.
  • Word-of-Mouth/Negative Brand Reputation: Thanks to the power of socialmedia, those frustrated by instances ofdowntime will take to Facebook or Twitterto quickly spread their vitriol. Brandbuilding and reputation managementare critical to small businesses. Anynegative attention and publicity broughton by downtime can have long lasting consequences.
  • Disgruntled Employees: In small companies or organizations, the burden of troubleshooting recurring tech issues or getting a system back online will typically fall upon the shoulders of an already busy, possibly overworked, employee. This multi-tasking employee will have to sacrifice bigger priorities to constantly play damage control. He or she will sometimes have to do this outside of normal work hours and may be pulled away from projects that generate revenue. If they aren’t happy about this, they may seek employment elsewhere. Both high turnover and the inability to use an employee’s knowledge and skill set for revenue generating tasks are costly to small-to-medium sized businesses.

Too Many SMBs Aren’t Prioritizing BC/DR Plans

Businesses are fueled by information. They are defined by their ability to efficiently and safely handle the data and vital information they generate or process on a daily basis. It is this data that keeps their day-to-day business functioning, ensuring optimal customer service and interaction. While protecting data is a priority for large enterprises, small-to-midsize business owners have the same responsibility but are challenged by limited budgets. For a start-up, the entire focus must be customer-facing, with few resources directed at anything not driving short-term revenues.

This means far too many SMBs today are failing to employ some very basic safeguards to ensure BC/DR.

A September 2011 CDW Business Continuity Straw Poll suggested that 82% of U.S. service disruptions could be reduced or altogether eliminated by even the most basic BC/DR plan. So why aren’t more SMBs taking these precautions?

  • Failure to Recognize a Problem: Most SMBs don’t think about business continuity or disaster recovery until it’s too late and they’re scrambling to recover after being taken down. It’s ironic since so much focus goes into keeping a business sustainable by growing sales, or outdoing the competition, yet a vital part of “staying in business” is overlooked when it comes to their supporting technology.
  • Intimidating and Complex Planning Tools: SMBs looking to streamline costsand simplify procedures will sometimeswrite off BC/DR practices as unnecessary.Those who do recognize the importanceof preparedness are often overwhelmedby the complex technical jargon thataccompanies business continuity planningand don’t know where to begin when theyhear terms like “business impact analysis”and “risk assessments.”
  • They Feel as if They Can’t Afford It and They’re On Their Own: Decision-makers may know they’re living on theedge without a tested strategy, however,they don’t realize that new technologytrends, and the availability of productslike managed service providers (MSPs),can reduce costs and save on resources.MSPs can leverage their knowledge of anSMB’s specific needs with the numerouscloud and hosted backup and recoverytools currently available today.

Create a plan. CLICK HERE for a free network assessment.

 

8 Cold Hard Truths for SMBs Not Worried About Disaster Recovery and Business Continuity

27 The foundation of any successful business continuity solution is the ability to retrieve data from any point in time from anywhere. When the topic of data recovery and business continuity comes up, you get the feeling that many decision makers at smaller businesses and organizations wish they could channel their inner six year old, simply cover their ears, and sing “La, la, la. I Can’t Hear You. I’m Not Listening.” Everybody things bad things only happen to other people. Just because we hear about a fatal car accident on the morning news, doesn’t mean we fixate on that news when we ourselves get into a car and drive to work. So no matter how many times the owner or CIO of a small to midsize business (SMB) hears of other small businesses being crippled by hurricanes, tornados, fires, or flooding, they aren’t necessarily overcome with fear to the point that they feel an urgency to take action. Sure, they may think about backup and data recovery solutions a little more that day, but not enough to initiate immediate change or reverse a lenient approach to their processes. If you fall into this category, here are eight cold hard truths to consider

  1. It isn’t natural disasters or catastrophic losses like fires that take down small businesses but something far more sinister – malware. Cyber attacks through malware have grown exponentially in the past four years. Malware is hitting everything from PCs to Macs to mobile devices and it’s inflicting damage.
  2. Over half of the small businesses in the U.S. have experienced disruptions in day-to-day business operations. 81% of these incidents have led to downtime that has lasted anywhere from one to three days.
  3. According to data compiled by the Hughes Marketing Group, 90% of companies employing less than 100 people spend fewer than eight hours a month on their business continuity plan.
  4. 80% of businesses that have experienced a major disaster are out of business within three years. Meanwhile, 40% of businesses impacted by critical IT failure cease operations within one year. 44% of businesses ravaged by a fire fail to ever reopen, and only 33% of those that do reopen survive any longer than three years.
  5. Disaster recovery solution providers estimate that 60% to 70% of all business disruptions originate internally – most likely due to hardware or software failure or human error.
  6. 93% of businesses unable to access their data center for ten or more days filed for bankruptcy within twelve months of the incident.
  7. In the United States alone, there are over 140,000 hard drive crashes each week.
  8. 34% of SMBs never test their backup and recovery solutions – of those who do, over 75% found holes and failures in their strategies.

It’s critical that small businesses review their backup and disaster recovery processes and take business continuity seriously. Given the vulnerabilities associated with the cloud and workforce mobility, the risk of critical data loss today is quite serious and firms must be truly prepared for the unexpected.

CLICK HERE for a free network assessment.

Stay Secure My Friend… More Hackers Targeting SMBs

Many SMBs don’t realize it, but the path to some grand cybercrime score of a lifetime may go right through their backdoor.  SMBs are commonly vendors, suppliers, or service providers who work with much larger enterprises. Unfortunately, they may be unaware that this makes them a prime target for hackers. Worse yet, this may be costing them new business.

Larger companies likely have their security game in check, making it difficult for hackers to crack their data. They have both the financial resources and staffing power to stay on top of security practices. But smaller firms continue to lag when it comes to security. In many cases, the gateway to accessing a large company’s info and data is through the smaller company working with them. Exposed vulnerabilities in security can lead cybercriminals right to the larger corporation they’ve been after.

25 Cybercriminals Target Companies with 250 or Fewer Employees

In 2012, Symantec research confirmed that cybercriminals are increasingly targeting smaller businesses with 250 or fewer employees. Attacks aimed at this demographic practically doubled from the previous year. This news has made larger enterprises particularly careful about whom they do business with. This means that any SMB targeting high-end B2B clientele, or those seeking partnerships with large public or government entities, must be prepared to accurately answer questions pertaining to security. This requires an honest assessment of the processes taken to limit security risks.

View Security Measures as Investments

CIOs must start viewing any extra investment to enhance security as a competitive differentiator in attracting new business. Adopting the kind of security measures that large enterprises seek from third-party partners they agree to work with will inevitably pay off. The payoff will come by way of new revenue-generating business contracts that will likely surpass whatever was spent to improve security.

Would-be business partners have likely already asked for specifics about protecting the integrity of their data.  Some larger entities require that SMBs complete a questionnaire addressing their security concerns. This kind of documentation can be legally binding so it’s important that answers aren’t fudged just to land new business. If you can’t answer “yes” to any question about security, find out what it takes to address that particular security concern.

Where a Managed Service Provider Comes In

Anyone who isn’t yet working with a Managed Service Provider (MSP) should consider it. First, a manual network and security assessment offers a third-party perspective that will uncover any potential business-killing security risks. A good MSP will produce a branded risk report to help you gain the confidence of prospects to win new business.

A MSP can properly manage key elements of a small company’s security plan. This includes administrative controls like documentation, security awareness training, and audits as well as technical controls like antivirus software, firewalls, patches, and intrusion prevention. Good management alone can eliminate most security vulnerabilities and improve security.

Stay secure and CLICK HERE for a free network assessment. Managed IT could prevent a security breach.

The Technology Pains of Small Business

Small business owners are faced with quite the dilemma these days. While a reliable and secure network is a critical component to success, business owners are also being forced to scale back on costs and overhead as a means of basic survival in today’s economy.

Having a fully staffed IT department simply isn’t a viable option for a majority of small business owners. Many small businesses either have one full-time employee devoted to IT services or none at all. Both scenarios are recipes for disaster in an increasingly complex high-tech society.

One IT person, even a very small team, will likely be overworked and burdened by too many responsibilities. This can make a company’s business infrastructure increasingly vulnerable to breakdown, not from technology, but from human error.

13 A recent study conducted by Gartner projected that through 2015, people – not technology, will be responsible for up to 80% of technology failure. This number coincides with findings reported in the IT Process Institute’s Visible Ops Handbook stating that 80% of unexpected outages are due to poorly planned changes implemented by administrators and developers.

The forecast is even stormier for businesses with absolutely no IT support on payroll. These business owners have subscribed to the break/fix model of technology management. While this model can sometimes be out of necessity due to budget restraints, it can also stem from a state of ignorance or denial that their business is truly susceptible to technology failure. The overall health and profitability of their business is directly affected by the performance, reliability and security of its technology systems.

With the break/fix model, there is absolutely no proactive monitoring or management of their network. The only emergency plan for data loss or downtime is to call upon an IT specialist in an emergency 9-1-1 situation.

On average, these IT consultants charge $100 an hour. This doesn’t even factor in trip fees, surcharges, and standard repair costs in the range of $500 to $1000, or the costs of hardware and software upgrades. This method also results in more downtime, lost productivity, lost revenue, and a loss in overall customer satisfaction. Major network repairs require a minimum of 8-24 hours on average and most on-call IT consultants cannot get on site for up to 24-48 hours.

One has to also wonder if these consultants truly have the business owners’ best interest in mind. After all, they make their money when technology breaks down. Are they truly motivated to keep a client’s network running optimally and efficiently?

Well Cognocape is. CLICK HERE for a free network assessment.

Common Causes of Downtime

Chart Zero In On Infrastructure Vulnerability to Data Center Downtime

Leading Causes of Downtime

  • Power Outages – 48%
  • Accidental Data Deletion – 31%
  • Employee Created – 29%
  • Virus/Malware – 25%
  • Application Failure – 20%

Power Related Outages – Vulnerabilities to a data center’s power still rank as one of the leading causes of unplanned network outages and can often be catastrophic. Particularly costly are UPS (Uninterrupted Power Supply) related failures (this includes batteries) and generator failures.

ZERO IN

To minimize the impact that power outages have on data center operations, and to prevent a potentially catastrophic unavailability of the data center, a dependable backup system is needed. This ensures the backup of critical data and applications is always in place in the event of equipment failure.

The integration of comprehensive infrastructure monitoring and management tools also minimizes the costs associated with identifying and repairing power system failures. Accidental Data Deletion and

Employee Created Downtime

Simple human error is a prevalent cause of downtime. Whether months of data is unintentionally lost in a backup error, a power cord is unplugged, a busy IT technician overlooks routine maintenance and alert monitoring, or there is an error in judgment during an emergency, to err is human and apparently quite frequent as well.

A study by the Gartner Group, an IT research and advisory firm, projected that through 2015, 80% of downtime will be due to people and process issues.

In the fall of 2010, foursquare – a widely used mobile check-in app – had a highly publicized outage of eleven hours, followed by another shorter service disruption the next day. All three million users of the app were affected and it was a chain of human mistakes that led to both outages. IT techs noticed that a server was storing too much data, but as the support team tried to resolve the issue, all the servers went down.

9 ZERO IN

Regardless of proper training, or the quality of IT technician hires, human mistakes will likely always lead to instances of a downed data center or network, especially considering the expected learning curve of adapting to new technologies. Ensuring proper communication amongst team members and adequate training at all levels is critical. Of course, it goes without saying that having a comprehensive backup strategy is also a necessity to counteract downtime and ensure business continuity regardless of who is having a bad day.

 

Virus/Malware/Hacks – SMBs are often guilty of thinking they are immune to hackers, viruses and malware. According to a National Cyber Alliance and Symantec survey, 77% of SMBs don’t believe they’re at risk for cybercrime while 83% admit to having no formal measures in place to counter these threats. This isn’t merely a threat to your data; it puts your bank account and the sensitive data of your customers at risk.

ZERO IN

Passwords should be regularly changed every few months. They should also be strong. This means no more passwords like “password” or “1234567.” Employees must be educated on security and precautionary measures. And there is no excuse for not having data backed up in this era of cloud computing and virtualization – where the entire contents of physical server – including the operating system, applications, patches and all data – can easily and cost-effectively be grouped into one software bundle or virtual server.

 

Application Failure – Many applications or their components contribute to recurring downtime. While virtualization offers many multi-faceted advantages it has also further exacerbated overlapping applications in the infrastructure. One small application component failure is now likely to impact many applications.

ZERO IN

It is critical that all components are profiled and there is a general understanding as to what each application does – the hardware resources used by the application and the software it integrates with. Identifying an owner will allow for better monitoring and recognition of failure points.

10

SMBs can benefit from a little help when it comes to properly implementing and leveraging this new technology to strengthen their disaster recovery efforts. Access to a 24/7 NOC (Network Operations Center) team offering remote monitoring and management solutions, along with a 24/7 help desk, can help SMBs improve backup, monitoring and troubleshooting processes for maximum uptime and business continuity.

CLICK HERE for a free network assessment.

 

Can Your Business Afford Downtime?

Calculate the True Cost of Downtime

According to the Aberdeen Group, a business intelligence research firm, downtime is costing companies 65% more per hour these days than just two years ago. 2012 data calculated downtime costs at the $165,000 mark compared to the $100,000 of 2010.

According to Symantec’s 2011 SMB Disaster Preparedness Survey, small businesses lose an average of $3,000 each day from owned systems and networks. Medium sized businesses bleed even more money, losing an average of $23,000 each day. 8

C-Suite management at SMBs must consider both the direct and indirect costs of downtime. Direct costs are:

  • Wasted wages paid to idle employees
  • Sales lost during the outages
  • The expensive emergency service/repair bill issued by the on-call IT technician brought in to get your business back up and running.

Indirect costs, such as lost customers who have moved on after one too many “Our server is down” messages, are more difficult to quantify but more costly – equating to roughly 62% of all network downtime costs. A specific dollar amount cannot be placed on lost productivity, the long-term consequences of damaged reputation and wasted opportunities that accompany each downtime event.

This is why Chief Information Officers (CIOs) and IT support alike don’t have the visibility or insight to understand what the average downtime event truly costs them. The residual effects of a network outage are typically much more costly than costs related to identifying the root cause of the failure and repairing or replacing any physical hardware.

But so many C-level executives remain mindful of only what downtime costs them in terms of repair or replacement costs. They also tend to gloss over the fact that their day-to-day business processes are more susceptible to outages and inaccessible data than they think.

CLICK HERE for a free network assessment.

Cognoscape’s Michael St. Martin on KRLD last week “The Educated Investor”

Michael St. Martin, Cognoscape’s COO visited with Todd Volkman on Todd’s KRLD 1080AM radio show “The Educated Investor” last week to discuss how small and medium business owners and executives can leverage technology to increase revenues, productivity and cost savings. Listen “I had a blast speaking with Todd and hopefully explaining how to wade through the quickly changing and sometimes complex landscape of today’s technology” says Michael.   Topics covered include technology planning, back up and disaster recovery, hosted email, cloud computing, free or low cost web apps, and other nuggets of info for you.   Happy listening!

3 Points of Data Recovery

Doing data backup is easy.  Considering the needs for data recovery is where many go wrong.  There are 3 points of data recovery that must be considered when putting together a proper Backup and Disaster Recovery plan.

1. Recovery of a File – Very simple and straight forward, you must be able to recover data files.  Can you recover deleted files from every location people save files?  Most files reside on the server or in a document management system.  Are people saving these documents on their workstations while they edit them?  What happens if Microsoft Word crashes?  I am sure that the file server is backed up, but is it backed up often enough?  Daily backups taken over night are typically not sufficient in most modern networks.

2. Recovery of a Server – Many business owners take comfort in that fact their server is being backed up without ever considering what recovering the server really means.  How long will it take to get a replacement server?  Will the same type of server be available? How do people work while waiting for the hardware?  Once you have the replacement server, how long will it take to restore it to service?  With many backup solutions, restoring requires the server OS and applications to be reinstalled before the data is restored.  It adds another level of complexity (and time) when recovering to dissimilar computer hardware.

3. Recovery of a Site– Unfortunately, disasters do happen.  Here in Texas the media has been marking the ten year anniversary of the tornado that ripped through downtown Fort Worth destroying buildings and ravaging businesses.  We have also been seeing all the coverage of earthquakes.  And let’s not forget about fires.  A recent study discovered that, of companies experiencing a “major loss” of computer records, 43 percent never reopened, 51 percent closed within two years of the loss, and a mere 6 percent survived over the long-term.  Having a plan and being able to recover quickly can greatly improve the chances of the business surviving.

A Complete Solution that addresses all of these points –
A good backup system should allow for quick and flexible restores that allows for recovery of files, folders, partitions, mailboxes/messages, databases/tables using a quick and intuitive process.  A 15-minute incremental based backup allows restores to be done from any point in time, allowing for multiple versions of files, folders, messages/mailboxes, database/tables to be restored.

If any of your servers fail, a good data backup solution will include virtualization technology embedded in the Network Attached Storage (NAS) that allows customer servers and applications to be restored and rebooted in less than 30 minutes in most cases.  As you may sometimes wait several days in order to receive replacement servers from vendors, your NAS can have your business up and running.  The NAS multitasks so that, even while functioning as a virtual server, it can continue to back up data from other devices plugged into the NAS.  This technology thus allows you to remain in business without any significant loss of data backup, server functionality, or application downtime.  In case of a complete server failure the solution should support a bare metal restore to new hardware which has a different configuration, hardware and drivers as compared to the failed server.

Transmitting data to a remote site is another key component of a worthy Backup and Disaster Recovery Plan. It guarantees that, in case of physical damage to the client’s network or NAS, or even regional disaster, the data is safe. Encryption is required in transmitting data between the NAS and the remote sites, because it greatly reduces the risk of data loss incidents that plague magnetic tape and prevents man-in-the-middle attacks during transmission.  Of course a key consideration of off-site backup is the amount of time it could take to restore data over the Internet.   Solutions that offer both transmission as well as emergency delivery of a new device with the most recent image are doubly effective.

In summary, the most important aspects of Backup and Disaster Recovery are to first, have a specific plan, second have a well thought out and comprehensive plan that matches the requirements of your business and lastly, to consistently manage and test your BDR solution.   In an age of document management, EMR, paperless office, HIPAA, HITECH, Sarbanes Oxley, eDiscovery, etc., a reliable Backup and Disaster Recovery solution are paramount to the longevity of your business.