Near miss or disaster
| Near miss or disaster | |
24 December 2003
Pilots, and most other people for that matter, agree that prevention is better than cure. Unfortunately, as far as IT is concerned, humans and technology don’t always mix. While leaving all the hardware switched off may be a tempting ultimate disaster planning solution, it’s a non-starter in the real world. Far better, then, to proceed from the premise that disaster will and does happen, that planning acknowledges this and sets out to minimise risk, maximise business continuity and recovery from worst case scenarios. Experience in the UK largest IT departments has shown that human ignorance is often the culprit when things go wrong. This truth applies equally to small and micro-sized businesses, and so preparations for computer meltdown should not focus exclusively on external threats such as hackers or viruses. Attention must also be paid to potential internal spanner throwing as well. Training and a properly thought out system of computer administration using log ons and regularly changing passwords will address many of the obvious, and frequently unwitting, risks presented by staff. In drawing up any IT disaster recovery plan, a crucial element in its success is balancing the security and base-covering measures with ease of use. This involves making IT systems less prone to human factors so that routine daily tasks such as data processing are not disrupted by the occurrence of pressing system housekeeping priorities such as data back up or anti-virus software updates. Instead, these vital daily tasks should be automated and integrated within the overall process. At its most basic level this is scheduling events such as back ups or anti-virus updates for convenient times when the impact of such processor power consuming events will have least effect, e.g. during routine daily meetings, break times, etc. But while an estimated two out of every five mission-critical data disasters are attributable to human error that still leaves 60 per cent down to technology malfunctions. Preserving data on a regular basis is the difference between surviving catastrophic data loss and going under. Back ups normally adhere to the Murphy-ite principle of only ever being required the day before you intended doing the back up. Best practice is daily automatic back ups onto storage physically located off site. If this impractical or overkill, frequent back ups of your most important documents onto CDs or uploaded in zipped folder to web space may suffice. However, in all of this it is easy to forget the fine detail when concentrating on exploding hard disks, break ins, fire, flood and other such dramatic episodes. If you can’t answer the following questions, it’s time to look again at your disaster planning:
Permanently losing important data is a nightmare scenario, but even a small interruption to normal business can have serious knock on effects – what if your business was unable to communicate with consumers or suppliers for several days, or unable to process work? Makes you think? For one Highlands and Islands company, an almost total wipe out of data – including customer records – meant a very worrying touch-and-go situation. For several weeks the disaster had them on the brink. Luckily they survived what was a very unpleasant and uncertain time for the whole company. In reality, it was a full six months before their data was restored to something approaching its pre-data loss state. A hard lesson was learnt and they intend never getting their fingers burnt so badly again. They now have automatic data back ups onto tape stored in a secure data centre. A second back up is always stored off site locally too. Taking the belt and braces approach looks more attractive than ever… | |