IF YOU FAIL TO PLAN…
THEN YOU PLAN TO FAIL.
Business Continuity isn’t normally top of people’s lists with IT systems. That’s because the general sentiment has been “things might get bad, but not global blackout type bad”… and perhaps that’s because everyone will be in the same boat, so who cares.
Without a Business Continuity Plan many businesses found themselves caught off-guard. If you didn’t design a system to cater for the entire workforce to work from home there’s a fair chance it simply won’t cope.
SECURE REMOTE ACCESS.
Your workforce is no longer limited to your office
Employees need connect back to their business network and critical cloud applications from locations across the globe using high speed internet services.
What is secure remote access?
Secure remote access is a term used to describe a suite of services and security strategies. There’s often a mix of security policies and technology solutions that only grant access to authorised personnel to your network and data.
An organisation’s workforce is no longer limited to its office block. Employees may connect back to their business network from locations across the globe using high speed internet services. Couple this with newer cloud-based apps and you have a disparate workforce across disparate platforms.
Old security measures are no longer applicable in this world and must be replaced or redesigned with safeguards that allow team members to access secure systems from wherever they might be in the world, at any time.
Key benefits of secure remote access:
- Ability for staff to work from any location with the same efficiency and effectiveness as being physically in the office
- Access to all of your vital business tools, including file storage, emails, chat and applications
Productivity tools like Microsoft Office 365, when properly configured, provide the platform for your business to securely access your systems.
However you need to do it properly in order to not lose productivity and increase your risk.
At Rock IT we’re all about improving your processes, making your working life easier and helping you connect and collaborate no matter whereabouts you are or what machine you’re using. With our secure remote access service that we offer you can accomplish all of your daily tasks by accessing your important resources with whatever computer you like; meaning you don’t even have to have physical access to your office to benefit from any programs you need to use. Allowing all users in your network to use software without downloading it every time is a surefire way to save you time and money and help your business grow and thrive in a competitive marketplace.
One of the main benefits of these secure remote access services is that it will save you a significant amount of money. You no longer will lose staff due to long commute times and you’ll be able to offer more flexible working arrangements for working parents.
If you want to contain your environment, talk to us about secure Remote Desktop Services. These services can give you access to your company’s infrastructure, for example, without having to install the same technology on each employee’s individual machine. If you’re undergoing an overhaul and have the prospect of replacing all of your PC’s, or using remote access services, then it’s a no brainer because you only have to install software, security etc on your server machine, rather than every PC in your network.
With security always an important concern you’ll be glad to know that by using remote desktop services, you can easily control what users are able to access in your network. This is extremely convenient if different users should have different levels of access to specific files. Should a new user require access to a software application on your server, they can quickly be authorised and then use the application. The alternative would be installing and configuring the software on the new user’s computer which is obviously a much more laborious and time consuming task.
With our highly powered servers we have the capability to ensure high performance even when large numbers of users are logged in. Dealing with connectivity or performance issues can affect employees’ productivity and ultimately your bottom line, but with Rock IT there’s nothing to worry about. This also means that remote desktop solutions are easily scalable if you’re rapidly growing as a company.
If there’s anything about remote desktop services that you’re still a little unclear about, or you’re interested about getting started on your own custom hosted desktop solution, why not chat to us today? We’ll be happy to give you the benefit of our experience and expertise in the industry and we’ll help devise a plan based on the specific needs of your business. We work with top brands in a wide range of fields – no matter what industry you’re in. – we’re sure that our services will reap great benefits.. Find out for yourself and see how we work.
- Connect from anywhere – remote access should be available everywhere you are
- Flexibility – offer staff maximum flexibility
- Cost effectiveness – less office space required
- Travel time – less time spent travelling to and from the office
Protection – protect your business and secure your future
Less downtime – don’t let a disaster cause you significant periods without your systems
- Automated – take the headaches out of manually managing backups
Risk mitigation – reduce your business risk
Disaster Recovery (DR) is not backup.
It is an overarching strategy that includes a technical element and strategic.
DR needs to factor in where you will restore to in the event of a disaster and acceptable data losses.
First things first: Disaster Recovery (DR) is not backup.
What is backup?
Backing up is simply taking a copy of your data and storing it. Backup has a number of rules that you can follow, with a old favourite being the 3-2-1 rule:
Have 3 copies of your data, on 2 different types of media and have at least 1 copy of your data offsite and completely isolated.
3 data copies
This includes your production or “live” copy of your data, then have two different backup copies. This means that if something happens to your primary production data (ranging from accidental deletion to a ransomware attack), you have two further copies to rely on. Why two copies? Because backup systems can fail. And no doubt the day your backup fails you’ll need to rely on it!
2 media types
To prevent against media failure, it’s a good idea to have your data on two different media types. Your first copy could be on some form of disk on your primary server with the second type being some other type of media – which could be tapes, or detached storage devices like Network Array Storage (NAS) devices but they can be located close to your head office or wherever your primary data is located.
1 offsite copy
This is critical and covers some key, often under-appreciated risks. An offsite copy can help protect you against:
- physical damage to your office (fire, flood, burglary or other)
- ransomware and viruses which can spread to attached backup systems
- malicious hackers who intend to do damage to your systems
What you are trying to achieve is to remove a single point of failure to improve your data resilience.
Is the Cloud backed up?
Not in the traditional sense.
When you used to have on-premise servers the perimeter of control was very clear. You could go and look at the blinking lights on your servers, plug in a USB drive and copy your data off. Now with the majority of services being delivered from the cloud, who is responsible for backing up your data?
If you read the terms and conditions of your Cloud Services Agreement, it quickly becomes apparent that your data is not backed up in the manner that you were expecting.
Cloud providers talk an awful lot about Uptime and being Highly Resilient – however they are referring to their hardware infrastructure (and possibly their software) but they are not talking about the resilience of your data.
What happens if your data becomes corrupt? Too bad. If you haven’t signed up for the cloud providers backup system (if they offer it) then that’s it: your data is gone.
This poses a huge challenge for businesses that are legally obligated to provide a certain level of assurance around their data integrity.
Uptime and hardware resilience gives you a level of comfort that if the underlying hardware running the vendor’s cloud were to fail, they have sufficient redundancy built in to manage that failure. However if your data becomes lost or corrupt during that failure then you could be on your own.
Whilst it’s highly likely that the vendor will have backup sets of your data to avoid further damage to their reputation, these are not backup sets that you can access in the event of accidental deletion. You have zero control over those backups (if they do exist) and even if they do exist, you’ll be stuck in a queue with every other client waiting to have their data restored.
Backing up the Cloud
Part of your backup and DR strategy must included backing up the cloud wherever possible. There are plenty of reputable cloud backup providers available – if you’re not sure, ask your IT provider or team.
What is Disaster Recovery?
Disaster Recovery (DR) is an overarching strategy that includes a technical element and strategic.
DR needs to factor in a lot more, such as:
1. Where will you restore your data to?
You could have the greatest backup system in the world, following the 3-2-1 method… but if all of your systems fail, where are you going to restore your data to?
If you’re predominantly in the cloud, what alternative service provider will you move to?
If your office burns down, where will you work from?
2. How will you restore your data if your equipment is not accessible?
If your equipment has gone up in flames, what will you do next? Understanding this requires a lot of planning and on-going discussions internally.
Who will manage the staff that you’ll have to continue to pay? Who will manage your clients who will still expect to be served?
It’s amazing how many businesses fail to even have that conversation because “everything’s been going well”, so it’s out of sight and out of mind.
3. How much data loss in the event of a disaster is acceptable?
The hardest of all to quantify: how much is your data worth? Working out the cost of a car is easy – it can be appraised and everyone can agree that a car is worth what many other identical cars is worth.
But what about your client database? It’s worth a lot to you but perhaps not much to someone else. Maybe it’s worth even more to a competitor than it is to you?
So how much data loss can you afford in a disaster?
This is typically defined in terms of Recovery Point Objective and Recovery Time Objectives.
The Recovery Point Objective (RPO) is the amount of data loss in terms of time that you’re willing to tolerate. One hour of lost data? Four hours of lost data? One day of lost data?
Think of it as how far back in time would you be willing to go?
Recovery Time Objective (RTO) talks about the amount of time it will take to recover from a disaster. As per RPO, this is quantified in terms of time.
Some businesses opt for an RPO of 1 hour and RTO of 4 hours, meaning that they will tolerate one hour of lost productivity and be operational again in 4 hours. This about that in terms of the infrastructure required to pull that off. It’s not to be taken lightly nor is it easy to pull off.
Our top tips to starting a Disaster Recovery Plan
Tip 1 – make a plan!
1. Define what’s important to keep the business running – such as email and applications. This is best kept in a living document that is reviewed on a regular basis. Make it a top commitment and if you’re unlucky enough to need to use the plan, you’ll be very glad.
2. Understand where you can restore your data should your primary equipment be inaccessible. Do you have an IT service provider who can loan you equipment to run off in the short term? Do you have a spare fleet of laptops and servers available to cater for all of your staff?
3. Determine what an acceptable timeframe for recovery is. You need to work out your RPO and RTO and constantly review. This might change for your business as it grows along with your client’s dependency on you.
Tip 2 – test the plan
1. Nominate staff to be DR Champions, who test every element of the plan. This is an often overlooked component of Disaster Recovery. You simply MUST test the plan so you can be sure that it works! This means getting people to commit to regular testing of your Disaster Recovery plan and environments. The more frequently you test, the more comfort you should have in the resilience of your business.
Tip 3 – backup resiliency
1. Test your backups regularly. This can’t be overstated. Unfortunately too many businesses believe the email notifications that come to them stating that their backups succeeded. This may not be the case and the only way to know for sure is to perform regular backup restore tests. These tests need to be holistic to ensure that every part of your backup systems are working properly because they will occasionally fail. If you’re not looking at backup notifications then now is the time to start!
2. Store your backups in a different location to your production data. Doing this creates a physical separation between your core network and your backups. In the event that your production environment is infected with a malicious virus or attacker that is intent on doing damage, they will be unable to reach your backups. If your backup frequency is high (which is quite easy to do with cloud based backups) then you might not suffer a great deal of data loss in such an event.
3. You can never have too many backups. The 3-2-1 backup strategy is a good base level. Nobody every got fired for having too many backups, but please make sure that the backups are secure!
Tip 4 – get serious about security.
Rock IT is your trusted partner for Managed IT End-User Services. Rock IT is more than just a helpdesk though – we’re one of the few Managed Service Providers that offers the flexibility of on-site and remote support, plus Cyber security expertise included in our offering. Whatever you need, our dedicated team becomes a true extension of your business.