Business Interruption Protection Strategy

We often forget how important our business IT systems are – and how much impact they would have on our essential business operations if they failed catastrophically.

Every interruption to you daily business operations costs you money.  Some, like incoming telemarketing calls, are annoying and difficult to avoid.  But what if you always had someone to screen those calls, to ensure you never got disturbed again, and that only what you needed got through.

Computer networks – an unavoidable and essential part of running any modern business – suffer from the same interruptions.  From the annoying telemarketing call – or SPAM, through to vandalism, theft, and fire.

However, the days of simply having anti-virus software, a backup and a UPS, are almost last century.  Both the threats we are exposed to today, and the methods for protecting your assets from those, have evolved.

In addition, the threat landscape is also not entirely of a malicious or intentional nature.  Events such as earthquakes and floods, accidental loss or corruption, and power events (lightening, blackouts) continue to inhabit the landscape.

And in your capacity as an officer of the business you work in, ensuring the ability of that business to survive these threats critical. Correct?

What you need is a strategy to protect your business from these threats in a reliable, low maintenance, with lost, but high coverage.  But to provide the coverage for the range of threats that exist today, this strategy will need to consist of multiple systems, working together, to protect you and your business.

Sounds easy enough doesn’t it?

 

But where do we start?  To help, we have put together the following assessment which is designed to highlight areas in your business that are important to you, and how well you feel your business is protected in these areas, and then help identify areas that may need attention.

Once we have identified the areas which need attention, then the next step is to match possible solutions to these to remedy each area, if required.

 

Simply enter your score from 1 to 5 (1 – Low, 5 – High) in the “Importance to me” and “My current satisfaction” columns.

Once complete go back and review your answers, and anywhere your score in column two, is lower than you score in column one, then tick the box “Needs attention”.

Click here to open the Threat Assessment questionnaire.

From your assessment, you should now in a better position to appreciate what areas need more attention, if any.   Now we can prepare a “Threat Protection Framework” that can be employed in your business to protect your systems.  This will be made up of multiple components, some of which you will already have in place.  To help simplify process of selecting what is needed we have created “templates” for two distinct levels of protection -Level One – Standard (for most businesses) and Level Two – Enhanced (for businesses which are more at risk).  The following is a comparison of the three levels and what is covered.

Click here to open the Threat Protection Framework guide.

 

Whilst the base level Protection Frameworks are adequate for most businesses, the following items may also be needed to provide specific coverage for risk exposures that exist in your business.

Critical Systems Imaging

Should a critical machine fail catastrophically – total loss of all hard disk information, then most standard backups will only recover some of the information, as they are not setup for bare metal recovery i.e. start from scratch.  This is because in most cases, this kind of backup is not practical on a daily basis.  Where critical systems imaging works, is that it creates a full recoverable image of the system so that in the event of a catastrophic failure the protected system can be recovered in a fraction of the time that would be otherwise possible.  In some cases this may be hours, instead of days.

For further details contact us….

According to the Ponemon Institute, 59% of people who lost their job admitted to taking confidential company information with them either on DVD or using USB drives.  Endpoint protection is about protecting the transfer of your business data to and from portable devices.

For further details contact us….

The Electronic or Paperless office has been talked about for what seems like decades.  The ability to electronically file documents without the need for costly physical filing and storage systems.  One extraordinary benefit of this is the ability to remotely store this information protecting it in case of fire.  But is this part of your systems.  Email archiving is a key part of this – to electronically record and archive information transactions such as orders and other critical correspondence.  In the US – the Sarbanes Oxley Act has created the need for this and other imperative Technology solutions.

For further details contact us….

At your premise it is a good idea to have locks on the front door.  But sometimes, you would prefer to stop people at the gate, and not let them get near your critical systems.  And so it is with network security.  Many of the protection systems are ‘added’ to your actual systems – not to the perimeter – so they are addressing the issue after they have gotten into your systems.  Where a Network Security Appliance comes in is to stop intruders at the front gate.  It’s like building a high fence, with a big heavy gate, and guard dogs.  It’ll stop even serious intruders before they even get close to your internal systems.

For further details contact us….

 

 

It goes without saying that no two businesses are the same.  And therefore what you will end up needing may not exactly fit with the above Levels.  Ultimately we can tailor a Framework to meet the needs of your business, and provide the protection you require.

The next step is to provide a tailored Estimate of the items and components required to implement your Protection Framework.  This will include a cost for setting up, and in some cases (but not all), an ongoing service fee.

 

How much protection do I need?

If you’re not sure then more is best.  However, if you think of the impact or cost of the various threat areas, then this will guide you in the selection of the most appropriate level solution.  A system that is more complex than you will use, even though appropriate, is probably not worth investing in.  However, one which is appropriate and effective will provide you the best and most reliable protection.

What is “Layered Protection”?

Perhaps the best analogy of layered protection is sitting in the driver’s seat of your car.  How many individual protection systems can you count protecting your safety?  We have safety glass, soft surfaces, side impact protection in the doors, seat belts, and now, air bags – front and side, and now curtain.  Not only that but also, Anti-lock brakes – to prevent you even having an accident in the first place.  And so you should as these are protecting your life.

The point is, that one protection system alone cannot protect you from every situation.

And so it is with your critical data? Perhaps you have a backup of your data, but is that enough? Not usually, but it is what most people start with.  Other data protection layers include redundant hard disks, multiple off site backups, regular system imaging etc…

In short, one simple backup is not enough anymore – you have higher expectations and reliance on your systems, and now the protection systems available are a) more available, and b) more affordable.

It is said that complexity is the enemy of reliability.  However as with most things not enough complexity also means ineffective.  Take a home security system with only one detector – by the front door!  If they come in the back door what good is it.

And so it is also with technology protection systems.

If reliability is the aim and is equal to “Appropriate Complexity” X “Automation” X “Periodic auditing”, then a system that is well designed, runs automatically, and is monitored and audited regularly will be the best system possible.

That is up to you, but perhaps reviewing the following will help you decide for yourself.

http://www.taobackup.com