Assess Your Own Disaster Recovery Prospects

Nearly all of us now operate businesses which rely increasingly upon electronic data processing and storage, but many have not given much thought to managing the risk posed by losing accounting systems, data storage, stock records, product pricing and strategic contact information, to name just a few of the prime “disaster” candidates.

Given the rise in computer viruses, Trojans, spyware, phishing, cyberfraud and a whole raft of other malware designed to infiltrate or damage any unguarded computer systems, the risk of data and function loss or corruption is rising.

Then factor in the increasing complexity of computer systems that we innocently regard as “plug and play” (it is a true miracle that anything that complex works with any reliability at all), and it’s another miracle that disasters are so relatively rare!

Rare, that is, until it happens to you!

So what are the basic steps that you should take firstly, to guard against system failure, sabotage and intrusion and, secondly, to recover from any event involving your access to and use of your commercial data?

I’m going to be a tough Coach on this one, and rather than provide a simple “checklist” answer, I’m going to do you a favour and ask you a few key questions related to Computer Disaster Recovery instead:

What would be the approximate cost in lost productivity if your business was unable to function for one day? For two days? For a week?
What would be the cost of losing access to your accounting system for a day? A week? For good? (not much point ringing debtors, with a, “Hi, I’d just like to ask you if you owe us any money. Do you?” ) No prizes for guessing the most common answer!
What impact would a computer disaster have on your sales? (I’ve seen a business grind to a halt in a simple blackout because the GenY staff did not know the price of anything – no scanners – and even when provided with pricing by an elder, could not perform mental math to calculate the bill – or to work out the change to give! What would a “system” meltdown create?)
If the hard drive on which your data is stored fails, how will you be able to restore your system? Your data? Your business? (Hard drive manufacturers expect their drives to last around 4 years under normal use. How old is yours?)
How is your data backed up? How often? How often is the backup verified? (I’ve seen too many disasters with backup systems that don’t! Back up, that is!)
Who has access to your critical business data? Do you have a firewall installed to prevent outside hacking? Do you have confidentiality clauses in your workplace agreements to preclude departing staff from taking data with them? (What is your customer or pricing file worth on the open market?)
How much of your data is out there, unprotected on laptops, PDAs, memory sticks, home computers?
Who in your employ knows what to do in the case of a system failure? If there’s not more than one you have a risk that needs to be managed. Is there a drill for disaster recovery? (Have you ever tested it, or are you hoping it will work when needed?)
When would be a good time to call a meeting of the team to talk about this?
Would it be a good idea to consult your/a system provider for advice on what you can do to manage the risk that your technology presents?

Did you know?

75% of your Intellectual Property is now contained in email?
79% of companies accept email as written confirmation of approvals, orders and other transactions?
Business email will grow by 25-30% annually through to 2009?
60-75% of email is spam?
80% of viruses enter through the email gateway?

And, according to a recent survey,

70% of businesses access their email via a phone or PDA, but
69% didn’t have password protection,
74% didn’t have Virus Protection and
77% didn’t have a firewall.

According to Symantec who put these numbers together, this indicates a huge security risk for the majority of companies in our economy.

Peter Rowe