We are just over a month into the 2012 hurricane season, but have you or your organisation established an IT disaster management and recovery plan?
Without exception, our homes and workplaces can be subject to disasters, be they manmade or natural. This being 6 July, the Caribbean is well into the 2012 hurricane season, which runs from June to November. Most countries, from Grenada to the Bahamas in particular, tend to be anxious about weather systems, such as tropical waves, depressions, storms and full-blown hurricanes, that might occur by the end of November.
Although the aftermath of a disaster is always uncertain, typically, persons who make early preparations tend to better manage the recovery. Many disasters occur with little warning. With earthquakes, for example, there is virtually no notice, but on the other hand, we might be well aware of an approaching storm days in advance. Below are five important practices you could adopt when preparing your organisation’s, or even your household’s, IT disaster management and recovery plan.
1. Collect and protect critical documentation
Although the main focus of disaster management and recovery for IT, might be the equipment and data, there is critical information and documentation that will be essential when repairs and/or restoration must be done. They include but would not be limited to:
- warranties and receipts for computers and peripherals
- data restoration instructions
- passwords for encrypted data
- login information for administrative accounts on all computers, and for web hosting and backup services
- software registration information, including authentication keys
- information about where, how, and how frequently the data is stored and backed up
- contact information for internal and external personnel who maintain your network/computing infrastructure (Source: TechSoup Global)
2. Back up data
It is crucial to make copies of critical data stored on all PCs, laptops, as well as file servers, web servers and any with other media where data vital to your organisation, business or household is stored. Ideally, images of all storage disks should be created, thus facilitating virtually seamless restoration should it be necessary. However, creating full copies of all existing storage media, does require ample storage, which must be considered and budgeted for. It is also important to note that backing up is most effective when done frequently, at least daily, again, in order facilitate seamless restoration and continuity.
While creating images of entire storage media (even networks) might be ideal, if that is not possible, at the very least, all user-generated or stored files, including the following, should be backed up:
- documents, which are typically stored in “My Documents” in Microsoft Windows
- downloaded or created images, music, videos, etc
- stored email accounts, including all messages
- stored web links
- any other important files not mention above.
Hence, in the event you have to re-install the Operating System (OS) and software applications, your user files could be copied back onto the device, virtually restoring it to its earlier state. However, again, it is important to have the latest version of your files backed up, and with prudent discipline, back them up frequently.
3. Have copies of all software
It is a good practice to ensure that you or your organisation have copies of all software that has been installed. This would include the OS and all applications. As stated in the first point, it is important to safely store all activation or authentication keys, as they will be needed when the software is being reinstalled or updated.
On a separate note, there has been a growing trend to eliminate optical disk drives from computing devices, especially portable devices. As result, applications must be downloaded, and even installed, directly from the Internet. For those that are downloaded in their entirety, they can be saved for future use. However, for software that is installed over the Internet, it would be advisable to maintain a current list of those applications, so that they can be re-installed when the requisite Internet connectivity is available.
4. Store data in a secondary location
Coupled with the second point on backing up our data, all copies should not reside at the same premises. If that location experiences a disaster, then all copies of the data could be compromised. Hence it is strongly recommended that a secondary location be identified.
The data stored in a tangible media (e.g. external hard drive, CD/DVD) can be physically transported to that secondary location, or alternatively, it is backed up directly to a remote location. Generally, it is considered good practice to implement the two options, as they act as a fail-safe should one of them be unavailable or has been compromised.
5. Ensure adequate provisions are made to protect equipment
Although every effort ought to be made to safeguard data, loss or damage to equipment is costly and will delay recovery. Hence consideration should also be given to preserving those devices, and should they be damaged, options that support restoration.
- Switch off and disconnect equipment from the electric supply – during storms and other weather systems, electricity tends to fluctuate, and there are power outages. Electric surges in unprotected devices are a key source of damage, which can be avoided.
- Provide weather-proof housing – in situations where equipment could be exposed to the elements, provisions should be made for some degree of protection. The options that could be implemented range in price, from the inexpensive plastic bag, to the considerably more expensive fire proof housing.
- Safely store the equipment – the locations where equipment is normally stored – on a desk or shelf – might be unsafe in a circumstance where the premises are breached. For example, during a hurricane, windows and roofs can be damaged, letting in wind and water and potentially destroying all furnishing and equipment. Hence it might advisable to relocate vulnerable equipment to safer areas to mitigate loss.
- Consider insurance – content insurance can appear to be an unnecessary expense – until your equipment and furnishings are damaged, and must be replaced. Organisations can consider securing loss of business insurance, which can cover (or reimburse) some of the operating expenses that would still be incurred, even when the business is not generating income and is recovering from the aftermath of a disaster.