Disaster Recovery: Preventing loss

Have you ever lost an hour of work on your computer?

Now imagine if you lost days or weeks of work – or imagine losing your client database, financial records, and all of the work files your company has ever produced or compiled.

Imagine what would happen if your network went down for days, where you couldn’t access e-mail or the information on your PC. How frustrating would that be?

Or, what if a major storm, flood, or fire destroyed your office and all of your files? Or if a virus wiped out your server…do you have an emergency recovery plan in place that you feel confident in?

How quickly do you think you could recover, if at all?

Many small business owners tend to ignore or forget about taking steps to secure their company’s network from these types of catastrophes until disaster strikes. By then it’s too late and the damage is done.

But That Could Never Happen To Me!

(And Other Lies Business Owners Like To Believe About Their Businesses…)

After working with a number of small and mid-size businesses in Escambia and Santa Rosa counties, I found that 6 out of 10 businesses will experience some type of major network or technology disaster that will end up costing them between $9,000 and $60,000 in repairs and restoration costs on average. 

That doesn’t even include lost productivity, sales, and client goodwill that can be damaged when a company can’t operate or fulfill on its promises due to technical problems.

While it may be difficult to determine the actual financial impact computer problems have on your business, you can’t deny the fact that they do have a negative effect. If you’ve ever had your business grind to a screeching halt because your server crashed, you must have some idea of the frustration and financial loss to your business even if you haven’t put a pencil to figuring out the exact cost.

Most Computer Problems Are Hidden And Strike Without Warning, And At The Most Inconvenient Times

Hardware failure, viruses, spyware, and other problems usually aren’t detectable until they strike by causing a server to go down, data to be lost, or some other catastrophe. Viruses and spyware are particularly sneaky because they are designed to hide themselves while they do their damage. For example, spyware can secretly transmit information about you and your company to an outsider without being visible to you.

Even if your network was recently audited by a computer consultant, viruses, spyware, and hackers are constantly attacking your network (that is why we constantly monitor our clients’ networks because you never know when a new virus is going to strike).

Unfortunately, most computer consultants only offer “break-fix” services. That basically means when something breaks or stops working, they come in and fix it. While this may seem like a good setup for you, it actually leaves you wide open to a number of threats, problems, and other disasters because it is reactive rather than proactive maintenance.

Take a look at these statistics:

 Companies experience an average of 501 hours of network downtime every year, and the overall downtime costs an average of 3.6% of annual revenue.  (Source: The Costs of Enterprise Downtime, Infonetics Research)

 93% of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster, and 50% filed for bankruptcy immediately. (Source: National Archives & Records Administration in Washington.)

 20% of small to medium businesses will suffer a major disaster causing loss of critical data every 5 years. (Source: Richmond House Group)

 This year, 40% of small to medium businesses that manage their own network and use the Internet for more than e-mail will have their network accessed by a hacker, and more than 50% won’t even know they were attacked. (Source: Gartner Group)

 Of those companies participating in the Contingency Planning & Management Cost of Downtime Survey: 46% said each hour of downtime would cost their companies up to $50,000, 28% said each hour would cost between $51,000 and $250,000, 18% said each hour would cost between $251,000 and $1 million, and 8% said it would cost their companies more than $1million per hour. (Source: Cost of Downtime Survey Results, 2001.)

 Cyber-criminals stole an average of $900 from each of 3 million Americans in the past year, and that doesn't include the hundreds of thousands of PCs rendered useless by spyware. (Source: Gartner Group)

What These Failures Are REALLY Costing Your Business

Even if you don’t factor in the soft costs of lost productivity, there is a hard cost of repairing and restoring your network. Most major network repairs will require a minimum of four to eight hours on average to get the network back up and running. Plus, most consultants cannot get on-site to resolve the problem for 24 to 48 hours. That means your network could be down for one to two days.

Since the average computer consultant charges over $100 per hour plus a trip fee and a surcharge if it’s an emergency, the average cost of these repairs is $600 to $1,000; and that doesn’t even include any software or hardware costs that may also be required. Over a year, this results in $1,800 to $3,000 in costs without even considering hardware and software costs, or other soft costs of lost sales and work hours. Of course, those numbers quickly multiply with larger, more complex networks.

What’s most exasperating about this situation is that 100% of these disasters and restoration costs could have been completely avoided or greatly mitigated easily and inexpensively with a little planning and proactive maintenance.

Why Small Business Are Especially Vulnerable To These Disasters

With the constant changes to technology and the daily development of new threats, it takes a highly-trained technician to maintain even a simple 3 to 5 person network; however, the cost of hiring a full-time, experienced technician is just not feasible for most small business owners.

In an attempt to save money, most try to do their own in-house IT support and designate the person with the most technical expertise as the part-time IT manager. This never works out because this makeshift IT person has another full-time job to do and is usually not skilled enough to properly support an entire computer network anyway.

This inevitably results in a network that is ill-maintained and unstable. It also means that the backups, virus updates, and security patches are not getting timely updates, giving a false sense of security.

Visit our website www.youritpensacola.com to learn more about our Disaster Recovery services.

FAQs: Regulatory Compliance

What regulations am I likely to encounter?State and federal regulations often set rigorous standards for data protection and privacy. Depending on your industry, your IT infrastructure will need to meet these requirements, and Your IT Cloud Backup can help. Most often, regulations govern industries and the way information is kept and transmitted. Some industry-specific regulations include:

• Sarbanes-Oxley (SOX) Section 404 for Accountants
• PCI DDS Requirements 3, 4, 7, and 9 for Retailers
• Gramm-Leach-Bliley Section 501 (b) for Bankers
• HIPAA’s Security Rules for Medical and Dental Offices
• State Legislation like MA 201 CMR 17 and similar laws 

How do these regulations impact data security, storage, backup and recovery?
While these laws govern different industries, all address three common, key items:

• Protection of data from loss/destruction
• Encryption of data over open networks
• Limited physical access to stored data

Regulations prescribe standards for how information is stored, secured, archived and accessed. In some cases, companies are required to maintain records for a period of years and ensure they’re well safeguarded. Working with Your IT Cloud Backup, you can create the IT infrastructure you need to support relevant compli­ances. Your IT Cloud Backup can be a key part of your overall solution, as it offers a highly secure backup supported by redundant data centers that meets or exceeds regulations regarding protection, encryption and physical access. 

What’s my risk if we’re not compliant with industry regulations?
If you fail to comply with relevant regulations, you could face heavy fines and penalties. The U.S. Department of Health and Human Services is responsible for HIPAA-compliance enforcement. Credit card providers will fine retailers who don’t follow PCI guidelines. The SEC oversees Sarbanes-Oxley, which can carry criminal penalties for violations.
Penalties can be substantial. Several multi-million dollar fines have been issued against healthcare providers and insurers found in violation of HIPAA guidelines. In 2012, the agency started turning its attention to smaller providers; a five-physician practice based in Phoenix was fined $100,000 in 2012 following an investigation that found the practice failed to safeguard patient information and take other security measures. PCI violations can often carry five-figure penalties against small, independent retailers who don’t safeguard consumer credit card data. In short, the risk is substantial and real.
Beyond fines and punitive action, you can face the risk of lawsuit liabilities and the damaging impact to reputa­tion and lost business that negative publicity would inevitably bring.

Will I be compliant if I use Your IT Cloud Backup?
Your IT Cloud Backup is a cloud backup, archiving and recovery solution that automates the processes of securely backing up elec­tronic data and file recovery. It was created with these data protection regulations in mind to satisfy the broad need for a safe, reliable, and cost-effective method of backing up data offsite and allowing full file restoration at any time from any authorized location. Your IT Cloud Backup provides a highly secure solution that can be used to meet or exceed regulatory compliance when scheduling, encryption, and archiving rules align with regulations.

Network Security Diagnostic

A Network Audit is an intensive diagnostic and planning service designed to check the critical components of your computer network for security, reliability and performance. To make sure your network is running at peak performance and protected from data loss, downtime, viruses and security breaches, this audit should be performed at least once a quarter if you are not having your network regularly monitored and maintained.

By evaluating your network once a quarter and reviewing your future business goals and objectives, we can ensure that one of your most valuable business tools, your network and the information it holds, is performing at peak efficiency and safety. One of our trained engineers will perform this audit, and then alert you to any potential problems they discover. We will then advise you on your options for remedying the situation.
The following components will be audited:

• File servers
• Backup system
• Network infrastructure and configuration
• Workstations, laptops and smart devices
• Foreseeable company growth and expansion

Within each of these components, a plethora of issues will be investigated and any potential problems will be resolved.
Here are the five most important reasons to perform network auditing:

1. Vulnerabilities: Using network auditing to assess the security of your systems and identify vulnerabilities is one of the most useful forms of preventative security available to you. These weaknesses can include firewall holes, unapproved services or weak or blank passwords and can be used to assess both workstations and servers. Identifying these issues is the first critical step towards remediating them.
2. Patch Management: Network auditing can play a key role in your patch management efforts as well. You and your IT expert at Your It Solutions can use network auditing reports not only to identify systems that need to be patched, but also to confirm that patches are successful.
3. Hardware Inventory: Network auditing can help maintain an up-to-date inventory of all the hardware on your network so you know exactly what you have  and can therefore enable you to easily make hardware related decisions, such as which systems are getting old and need to be updated to keep up with the ever-increasing workload.
4. Software Inventory: Hardware isn’t the only thing that is important to your workstation. Knowing what is running on your workstations and servers is just as important as knowing what hardware is running. How many Macs still need to be upgraded? Who is still running CS4 or hasn’t updated their PDF reader since 2009? Network auditing can give you a clear and complete view into what software is installed on your workstations and servers so you know just what you have and what needs upgrading.
5. Compliance: One of the most useful things network auditing can assist you with is your compliance activities. You can quickly and easily ensure that all systems are compliant with your internal policies, and can also be sure that you have licenses for all the software in use on your network. Too often companies find out too late that an open share enabled everyone in the company to install software that was only licensed for one or two users, and have to scramble to upgrade your licensing.

Network auditing may sound like an arduous task, but with the right tools and the right approach, provided by Your IT Solutions, it can be an easy to perform and critical aspect of your network management toolbox.