Article Written by David
Zimmerman, CEO and Founder of LC Technology
The causes of corporate data loss can be
everything from rising hurricane floodwaters seeping into the server room to an
employee that introduces corrupting malware to the network. No matter the
cause, it's vital for companies to have in place a plan to quickly recover any
lost data so the business can continue with minimal interruption. Managing data
recovery requires a careful assessment of current data needs and risks.
This first point may seem obvious, but it
warrants mention that you should construct a formal written plan. Treat the
plan as you would a "mission statement" doc or a marketing plan by giving it
serious thought, and multiple revisions. You also want the buy-in and input
from multiple departments from the plan, so everyone across the organization
recognizes the importance of data protection. The very act of creating the plan
can also uncover some poor processes or even new opportunities. Perhaps there's
a subset of data which marketing or sales didn't know about that would allow
them to reach customers in a new way. Or the logistics and shipping departments
might find they're performing unnecessary steps due to the revelations found in
the data.
Here are some tips for crafting a complete
recovery plan that includes best practices.
1.
Identify the Existing (and future) Data
Sources.
The plan should detail the type and "location"
of all current data sources, whether they are coming from the BI platform, CRM,
sales data, financials, or customer survey inputs. You can only protect the
data that is known and readily available, so conduct a full accounting of all
data sources. The plan should include a breakdown of all of these sources,
including how/when the data is generated, how frequently it's updated, and
where it is currently stored.
2.
Detail data responsibilities.
A recovery plan should denote the role each
employee has in terms of protecting the company's data. Some staff members will
of course have a more involved role than others. For example, the IT director
will oversee all of the data and its storage, while a marketing associate will
need to watch how they disseminate and store company data. Each person's role
should be detailed in the recovery plan, along with what steps will be taken if
that person leaves the position.
3.
Access the Risks and Plan Accordingly
The risks for data loss or corruption should be
examined and put into the recovery plan. How at risk is your company for
accidental deletion of files or website data? Review any electrical, hardware,
or software risks, or the chances of fire or other natural disasters. It's
impossible to eliminate all risks, but they can be substantially mitigated in
order to greatly reduce the need for future data recovery. Look at each type of
risk and determine how your company would handle downtime, how it would
currently recover any lost files, and most importantly how you can plan to
improve the situation.
4. Determine
the Routes of Recovery
The recovery plan should naturally detail how
you will recover any lost or corrupted data. Start at the current day baseline,
and then see what best practices you can put in place to improve recovery time
or even the chances of successful recovery. Perhaps the company's backup
procedures are lacking, and the recovery plan should include a guide for using
redundant cloud storage. Recovery of mission critical data is easy through the
cloud, so consider creating "backups of the backups" by using multiple
reputable cloud providers to backup all data sources.
5.
Put in Place Access Controls
IT should set access controls and access
monitoring across the organization to manage data's usage among staff and any
third-party vendors. Firms can avoid time-consuming and costly recovery
measures if they practice access control and real-time monitoring that can spot
and stop any unauthorized or ill-advised data usage. Setting an access control
policy correctly means ensuring staff can use the data needed for their role,
but not have access beyond that point. For example, the individual running
email campaigns will need email and name data, but they don't need to access
customers' financial records. Monitoring solutions can detect instances where
previously terminated employees try to use their login credentials, or cases
where staff try to copy or share restricted data.
6.
Use Specialized Recovery Tools
If a single machine contains data and is
damaged or corrupted, then you need to bring in expert recovery help. Your
recovery plan should contain the name and contact information of a data
recovery company that specializes in multiple types of hardware and software
recovery scenarios. Do the leg work on the front end to find a company with a
stellar reputation, a clean-room environment, and the personnel expertise to
work on everything from a corrupted SD card to a hard drive exposed to flood
waters.
Taken together, these six tips and best
practices can provide companies with a data recovery roadmap. By acting
proactively, companies can safeguard their data with access controls and cloud
backups in order to reduce the need for recovery.
##
About the Author
David Zimmerman has been in the hardware/software industry for over 30
years, specifically in the data recovery software market for 20 years. During
this period, he has been involved in the creation; marketing and support of the
earlier drive recovery software products to enter the PC market and
successfully marketed them both nationally and internationally. His company
makes data recovery products for most of his competitors. His experience in the
market has made him uniquely familiar with the data recovery business.
LC Technology
International, Inc. (http://www.LC-Tech.com) is a global leader in data recovery, file system utilities and
data security technology. Clients include original equipment manufacturers,
local, state and federal law enforcement agencies, corporate security
specialists and IT consultants, among others. Available worldwide and published
in more than 24 different languages, LC Technology products are available
direct or through several major manufacturers of flash memory products. Founded
in 1997, LC Technology is based in Clearwater, Florida.