The U.S. Small Business Administration, or SBA, doesn’t think the majority of small businesses do enough to prepare for data disasters—although they do report that smaller companies have gotten better about creating backups in recent years. However, the SBA questions the usefulness of these backups should critical systems actually get impacted by a virtual or physical threat. (Here’s looking at you and your recent flooding, Central Texas.) Take a gander (yes, a gander!) at why your company’s data recovery plan might itself be a disaster.
When recovery drives get stored in the same building as the source computers, they are vulnerable to the same physical threats. When they are left hooked up to the same network, they are also vulnerable to cyber threats that might use one point of entry to invade the entire system. Better backup storage choices could include offsite backup storage and keeping recovery disks attached to the local network as little as possible.
No IT professional would expect to develop production applications without testing them; your recovery plan shouldn’t be any different. The best time to find out that your backups aren’t readable, your recovery method takes too much time, or you need certain software to complete recovery is not after your data has been destroyed or compromised.
While it is important to use the latest technology to prevent cyber threats, security software may not be enough to prevent malicious data destruction from ransomware, theft, a disgruntled employee, or anything else that would compromise your data. Besides, software can’t protect your disk drives from physical threats like fires and floods. A surprisingly large percentage of small companies don’t have any recovery plan in place—and if they do, they’ve have spent very little time working on it, testing it, or revising it to keep up with changes to business processes or new applications.
In small companies, the IT person often wears a lot of hats. In many cases, there is no purely dedicated IT person at all. An employee who also has other job duties is expected to remember to backup data regularly—if you’ve ever tried to run any critical business process based on someone remembering and having time to do it every single time, you know this is a bad idea. Automated backups ensure that companies have access to the most recent critical information in case anything goes wrong with their computer systems.
Typical business property insurance should cover computer equipment. That doesn’t mean it should be expected to help reimburse your company for lost data, bad publicity because of a cyber attack, or work interruption in the event of a computer system interruption. Part of preparing your recovery plan should include learning how your current policies work and inquiring about cyber insurance.
The SBA also says that just about half of all small businesses are never able to reopen for business after they suffer from a disaster. It’s important to consider how lost, stolen, or compromised data would impact your business. At IT Freedom, we plan for data security, but we also plan for disasters and can get your company back online quickly. The best data recovery plan for your business could be working with us.