How To Create a Business Tech Disaster Plan

“It won’t happen to my business.” And then it does.

Whether natural, accidental, or criminal, disaster strikes when you least expect. Is your business technology prepared for the unexpected?

It’s time to make a plan. We’ve laid out the basic steps to prepare your business, but we always recommend utilizing a professional when it comes to protecting your data.

Risk Assessment

Assessing areas of risk, especially when it comes to your tech, can be tricky. How do you know what to look for? How can you tell what’s exposed? How do you recognize gaps in your security?

If you missed our post on security, it’s hard to know where your gaps are until it’s too late. A risk assessment will point your business in the right direction. A Managed Services Provider (MSP) can help with this.

Valuable Assets

Make a list of all the technological assets your business owns.

• What’s most important?
  • What are the vital pieces of your business that lay the foundation for all the work you do, the services you offer, or the products you provide?
  • What financial information must be protected?
  • Does your business abide by regulatory compliance? Knowing what they are and how to safeguard your compliance information is paramount.
  • Do you know where your contact data is stored? What if it were to be lost?
  • Do you have trade secret documents that must be maintained? Are those in safe, off-site locations?
• What do you use every day?
  • When it comes to tech, most businesses utilize many different forms. What programs do your employees need each day?
  • Is there custom software that your business relies on?
• What are you forgetting (think where your data is stored, where your server is located if it’s on-site, etc.)?
  • Being able to contact customers in the event of a disaster is one area many businesses don’t think to consider. All your contact information is likely stored on a computer. If you can’t access that, how can you communicate with your vendors and customers?
  • Data back-ups are often forgotten. How often does your business back up their data?
  • Is the data back up in an off-site location, like the cloud, or are you backing up to an in-house server? An in-house server poses liability if anything were to happen to your physical location.

Choose what’s vital and prioritize. Store your documented list of what’s important on a shared drive and distribute. Make sure to have a copy in the cloud, as well.

Back It Up

You hear it all the time, “Back up your data.” So you do. But why are you doing it? And where should you back it up?

Backups are crucial because:

• Data is irreplaceable
  • The cost of lost data can range from thousands to hundreds of thousands, depending on the size of your business and the amount/value of the information lost.

• Data contains vital business information
  • Contact info
  • Emails
  • In progress projects
  • Financials
  • Trade secrets
  • Client files

• Having backups significantly reduces recovery time
  • Having the data stored in a safe, accessible place outside your server allows your IT team to use that to help launch your business back into working order.
  • Off-site storage eliminates the possibility of losing all your crucial operating information in the instance of a natural or man-made disaster. This means you can access it anywhere anytime. Not convinced? Check out our post about how migrating to the cloud improves your business.
  • Multiple backup locations aren’t often considered. It’s wise to use several different secure storage locations. This way, one is always accessible.

Security

This large part of a business is often given little more than a passing thought. Do you know how many different tech security threats pose a problem for your business?

• Malware
• Network security
• Host security
• Ransomware
• Spam
• Phishing/Spoofing
• Pharming
• Hacking
• Distributed denial-of-service
• Spyware
• Trojan Horse
• Viruses
• Wi-Fi Eavesdropping
• Worms
• Krack (Key reinstallation attacks)

Totally lost? Did you even know there were this many security attacks? Take a deep breath.

Many of these threats are preventable with a combination of software and best practices. Your Managed Services Provider knows exactly what your business needs to thwart these threats.

Current Plans

If you have a current plan, now is the perfect time to re-evaluate.

• What needs updating?
• Do you have new tech?
• Has your company created new roles?
• When was your team last trained and tested on security measures?

Revisiting these things every 6 months may sound time-consuming, but when juxtaposed against the cost of losing data due to a hack or virus or human error, it’s a no-brainer.

How to Assemble Your Tech Crisis Plan

Identify

Identify priority tech assets. Make a list. Distribute and store in an easily accessible shared location. Preferably in the cloud.

Roles

Who is going to take responsibility for each item?

• Clarify expectations and tasks.
• Create escalation points with backup contacts for each responsibility.
• Choose backup contacts.

Training

Train EVERYONE! Let each person know what is expected. Employees will have different responsibilities than managers, supervisors, and directors. Education on best security practices is crucial. Education on the importance of backing up is vital. Test periodically and retrain as necessary. There is software that can help your company do this through the guidance of an MSP.

Offsite Location

Where will your business go if it can’t use its current space? How can you continue to operate if your physical assets are gone?

Migrate intangible components of your business to the cloud so they’re accessible from anywhere, and have an idea of 3-5 ways employees can continue to work.

Recovery

Decide how you’ll recover. We’ve talked about prevention and planning. Decide how you’ll respond in the event of an incident or crisis, and create solid definitions around the differences of those situations.

Update Your Plan

Every 6-12 months, depending on how often your business experiences significant changes, update your strategy. People will leave, technology will change, and points of contact will shift.

Why A Tech Disaster Plan is Necessary

Having a tech crisis plan in place may seem unnecessary. “A natural disaster is highly unlikely to happen to my business.” You may be right. Man-made disasters could pose a larger threat. For example: An employee accidentally deletes important information. Or a server crashes. Or your hard drive fails. Maybe a hacker gets into your system and locks you out. Whatever the case, knowing how you will approach each crisis reduces downtime, saving your business thousands of dollars.

Subscribe to our blog