Contingency Planning: How to Get Yourself Out of Hot Water when Disaster Strikes
By Scott Cook, Director of Customer Services for Workgroup Technology Partners
Disaster recovery is a scary
phrase that conjures up images of blizzards, fires, and hurricanes.
Yet few business executives factor in the more common but less
publicized incidents, such as power outages and viruses, in their
business contingency planning. A disaster doesn't have to be huge
to be catastrophic to a company: a sudden power outage that damages
your computer systems is problematic, but having no reliable back-up
tapes when it comes time to rebuild your system could potentially
put your company out of business. Contingency planning doesn't have
to be expensive or complicated. Here is a checklist of things you
can do now to protect your company.
Store Your Back-Up Tapes
Off-Site. Keeping a daily copy of your business data is a simple
step, yet it is so often overlooked. If your building burns down,
so do your tapes. Your system administrator should always have yesterday's
backup tapes in a safe, off-site place.
The tape rotation protocol
I recommend is to have two sets of tapes -- one set for each month
and one tape for each day. Yesterday's tape and the set of last
month's tapes should be taken home daily by someone on the IS staff.
At the end of the month, he or she brings in the second set and
takes home the first set. The key here is to always have yesterday's
tape off-site. The front seat or dashboard of your car isn't a good
off-site storage facility. Common sense goes a long way here.
Some banks offer a service
for storing your backup tapes. I have one client who puts yesterday's
backup tape in her daily deposit bag, which she puts into the bank's
night deposit box. The bank stores her tape in the vault for a reasonable
monthly charge.
Create and Enforce a
Username and Password Policy. This is another step that's easy
to implement. Don't give a disgruntled employee the opportunity
to damage your network and data by having a loose or poorly enforced
password policy.
Write a password policy that
includes the following:
- Passwords are never shared amongst employees.
- Passwords should have sufficient complexity: use at least
eight characters with numbers and capital letters.
- Passwords should have a maximum age -- one month should
be sufficient.
- Enforce password history - don't let your users toggle
between two passwords.
Don't forget to disable
the account your network vendor uses after a service call is over,
too.
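
A minimal sketch of how the complexity, maximum-age and history rules above can be checked in software. This is an added example, not part of the original article; the 30-day reading of "one month", the history depth of 5, the function names and the sample passwords are assumptions.

```python
import hashlib, hmac, os, re
from datetime import date, timedelta

MIN_LENGTH = 8                  # "at least eight characters"
MAX_AGE = timedelta(days=30)    # "one month", read here as 30 days (assumption)
HISTORY_DEPTH = 5               # assumption: the article gives no number

def _digest(password, salt):
    # Slow salted hash so the stored history never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(history, password, depth=HISTORY_DEPTH):
    """Return a new history with the password added, trimmed to `depth` entries."""
    salt = os.urandom(16)
    return (history + [(salt, _digest(password, salt))])[-depth:]

def complexity_problems(password):
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than eight characters")
    if not re.search(r"[0-9]", password):
        problems.append("no number")
    if not re.search(r"[A-Z]", password):
        problems.append("no capital letter")
    return problems

def is_reused(history, password):
    return any(hmac.compare_digest(_digest(password, salt), stored)
               for salt, stored in history)

def is_expired(last_changed, today):
    return today - last_changed > MAX_AGE

def check_change(history, new_password):
    """Return the list of policy violations for a proposed new password."""
    problems = complexity_problems(new_password)
    if is_reused(history, new_password):
        problems.append("matches a remembered password")
    return problems

def toggle_allowed(depth):
    # Constructed scenario: a user tries to alternate between two passwords.
    first, second = "Harbor7Light", "Granite4Pier"  # constructed sample values
    history = remember(remember([], first, depth), second, depth)
    return check_change(history, first) == []

if __name__ == "__main__":
    print("toggle allowed, history depth 1:", toggle_allowed(1))
    print("toggle allowed, history depth 5:", toggle_allowed(5))
    print("problems with 'summer':", check_change([], "summer"))
```

A history that remembers only the current password still lets a user switch back and forth between two passwords, so the depth has to be at least two for the history rule to have any effect.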
Protect Your Company from
Viruses, Worms and Trojan Horses. This step can be a bit expensive,
but it's still a lot cheaper than getting a virus. It is absolutely
vital that all of your computers, servers and workstations alike,
use a real-time virus protection program. Symantec and McAfee both
have products that are available for popular operating systems as
well as some specialized applications like Microsoft Exchange.
It is equally important that
the virus program is updated as often as possible. New viruses come
out every day, and if your computer gets a virus the program can't
recognize, your computer will get infected. Updating is vital.
Install an Uninterruptible
Power Supply. Power strips will protect your computers against
power surges, but if your power goes out, your computer will crash,
sometimes causing catastrophic disk failures. At a minimum, your
servers should be running off an uninterruptible power supply.
A UPS is basically a big
battery that powers your server in case electrical power goes out.
Since your computer is running off a battery, which will eventually
run out, American Power Conversion and Best Power make UPS systems
known as "Smart" UPS. Smart UPS systems will shut your server down
gracefully if you are not there to do it, say at 3:00 AM.
Maintain Physical Security.
I am constantly surprised by how many computer rooms have little
or no physical security. Often the server will be out in the open
or, even worse, accessible by the public.
Someone could easily slip
a backup tape with all your company information into his or her
pocket if it is left out in the open. That same person, if given
less than a minute, could set up a username and password for himself
or herself and then use them to gain access to your system.
Your servers should be in
a secure place and under lock and key. Minimize the number of people
that have physical access to your servers and make them accountable
for the security of the data.
Notify Administrators
of Down or Nearly Down Systems. It's a good idea to have a method
of notifying your system administrator if one of your systems goes
down during off hours. Media House has an inexpensive product that
will monitor all your servers and email, beep, or even call your
system administrator to tell her that the system is down. Some of
the more complex packages from Silverback Technologies will even
tell you what went wrong or what system is going to have problems
days in advance, which shortens downtime even more.
Build a Firewall.
A firewall typically sits between your company network and the Internet.
Without a firewall, your company's computers and servers will be
exposed for the world to see and destroy. If you have full-time Internet
access, a high quality, correctly configured firewall is vital to
the security of your company.
Don't waste your money on
the cheap firewalls you see on sale for less than $125.00. Expect
to pay at least $1000.00 for a quality piece of equipment. Cisco
has products that are very reliable and will keep your network secure
from the bad guys. Your firewall is not a good place to skimp on
money.
Doing all these things will
not keep bad things from happening, as we just learned a few weeks
ago. But good contingency planning can take a lot of the sting out
of a bad situation and make those bad times a little less stressful.
And, it just might mean the difference between being in business,
and going out of business.
Scott Cook is the
Director of Customer Services for Workgroup Technology Partners,
a systems integrator based in Westbrook, Maine that helps companies
achieve success with advanced information technology. In addition
to selling, installing, and integrating computer hardware, software,
IP telephony, and networking equipment, Workgroup's professional
services team can help companies develop and implement contingency
planning and data security policies. Reach Scott at 207-856-5300,
at scott@wgtech.com,
or on the web at www.wgtech.com.