By David Zimmerman, CEO of LC Technology
In the wake of COVID-19, businesses are revisiting their
disaster preparedness plans. Of course, the core part of such plans pertains to
human safety from the virus itself. However, COVID-19 also prompted concerns
about protecting data during a disaster. Businesses were thrown into array,
with remote working mandates, partners and vendors going bankrupt, and general
upheaval to the normal flow of business.
As the pandemic moves into a "new normal" stage, it is time
to revisit your company's data protection strategies. COVID-19 has made enough
of an impact already this year, so businesses that are not prepared for more
unexpected events like data breaches or hurricanes could be wiped out
completely. If a burglar takes 20 company laptops or the server room overheats,
a prepared company could mitigate the damage through proactive planning.
Here are six expert tips for protecting and potentially
recovering data after disaster strikes:
1.
Craft a Formal Written Plan
The typical office has a plan for disasters. If an
earthquake or fire occurs, the employees should know how to exit the building
safely and where to congregate outside. Besides keeping employees safe, the
second most valuable asset for many modern companies is data. Creating a formal
data management and protection plan is the first step towards data protection.
The very process of planning uncovers issues and concerns, so you can find data
management gaps and take proactive action.
A written plan provides guidance for all employees regarding
the creation, movement, and ultimate storage for data. For disaster planning,
detail the different types of possible issues (hurricane, flood, robbery, etc.)
and establish actions and a chain of command. Some disasters such as hurricanes
offer some lead time before they arrive. The plan should detail which
information should be saved and moved offsite. Should the company delete
sensitive data as a precaution? Provide step-by-step guidance for every team
(not just IT) that's tailored to each type of disaster to best mimic real-world
conditions. Keep in mind the limits of employee's actions during a disaster
such as a fire. If the fire alarm goes off, you cannot expect staff to download
their laptop data and carry external hard drives out the door.
2.
Collect the Information
Shift employee thinking to view data as a tangible asset:
one that warrants consideration and protection. Encourage deeper conversations
about all the sources of data the company collects. Not just transactions from
the website, but also surveys conducted on a salesperson's website or photos
and videos taken of product demos and stored on a DSLR. Centralizing and
formalizing the collection of all this data helps keep it secure and provides
downstream benefits in terms of using business intelligence tools or machine
learning platforms.
During this process, make sure all parties understand the
corporate policy for keeping information. You should understand where all the
data in your organization is coming from, and some might not even need to be stored
long-term. Cutting out some data can reduce your footprint and exposure, while
also streamlining the management process.
3.
Build a Network Map
If your company operates an on-site network, then you need
detailed network maps to prep for a disaster. Build the map with labels for
each component so you can recreate it at a different location. Work with the
team to create a clear and simple naming convention, and then share the map in
the cloud and over email to create multiple backups.
If your business is in a flood zone, then talk to the
building manager about temporary equipment storage, especially if your network
equipment is on the ground floor. Designate team members who can move the
equipment and put someone in charge who understands the priority for each
component and has "move or stay" authority. A network map is also invaluable
for insurance purposes.
4.
Test Your Plan
A test keeps employees on their toes about their knowledge
of the plan and ability to execute tasks under tight deadlines. Perform a
detailed question and answer session after the test. Did the team access cloud
or physical backups quickly? Did some members not understand their role? Did
their actions correspond to the exact type of simulated disaster?
Review the answers and adjust as necessary, especially if
the plan itself is flawed and needs correction. The testing might highlight
other issues such as the need for more cloud storage, weak password procedures
or too much local-device storage. Review the plan's language to see if you need
multiple versions for different workers. The development team will read the
plan differently than the graphic designers, so adjust the verbiage and
instructions accordingly.
5.
Utilize the Cloud's Capabilities
The modern office's data protection plan needs the cloud at
the forefront. After data is collected, organized, and unnecessary data purged,
moving to the cloud is the next logical step. Whether it's a public, hybrid, or
private cloud model, the data is secure and separated from natural disasters. Consider
using multiple cloud services to create more than one backup layer. Use
automated tools to flow information to the cloud and reduce the risks for loss.
Set rules for individual devices and content creation in terms of saving to the
cloud instead of local storage. Transition to online software platforms to
reduce the need for moving data and limit possible exposures. And your data
management plan itself should reside in the cloud, so it's accessible remotely.
6.
Embrace Proactivity
COVID-19 is a different type of disaster because it's
ongoing and pervasive. It's not a single tornado or fire. As we enter a "new
normal" for business, look closer at your partners and vendors in terms of their
economic viability. If they fold due to the pandemic, how does that affect your
shared data? And discuss their own disaster planning efforts to be sure they're
taking the right steps and not exposing your company to unnecessary risks.
With data planning during COVID-19 and any other disaster,
acting proactively is the best way forward. Develop a written plan, move
information to the cloud, and get employees on board with safeguarding a vital
company asset.
##
About the Author
David Zimmerman, CEO of LC Technology International, Inc., has
been in the hardware/software industry for over 30 years, specifically
in the data recovery software market for 18 years.