Planning for an IT Crisis
| July 18, 2012
Last week there was a fire in the Shaw building in downtown Calgary that not only affected some Shaw services, such as email, telephone and internet access, but also closed down a major data centre that was located in the building. This data centre served many critical government services such as health records, motor vehicle licensing and land titles. For close to six days everything from getting medical care to registering land titles was affected.
In our data-driven, IT-dependent industry, what lessons can the Real Estate Council of Alberta, and in fact, brokerages and individual industry professionals, learn from this event?
- The size of your organization or business does not matter when it comes to protecting information. We all rely on information stored in our computers to run our business and the loss of that information as the result of a disaster or theft could severely affect your business. To protect your business and its data, you need to not only back up your information on a regular basis, but you also need a plan to restore it if and when disaster does strike.
- Have a disaster recovery plan (DRP). A DRP documents the processes, policies and procedures for the recovery and continuation of technology infrastructure that is critical to your business. Ensure that your DRP includes a communication plan to reach your stakeholders.
- Regularly test your DRP to make sure you do not have any problems recovering your data and getting up and running again within a reasonable time frame.
- Engage the security features on your computer such as passwords and other access controls. If you lose your laptop or tablet, will the information on the hard drive be safe from unauthorized access? Consider encryption software and strong access controls to prevent unauthorized access to sensitive information should your computer be lost or stolen. Use current anti-virus software and regularly run virus scans.
- Consider an uninterruptible power supply (UPS) or a generator that will keep systems running in the event of power failure. Ensure all of your computers are connected to surge protectors to guard against damaging surges in the electrical supply.
- Take an image of your computer that can be copied to new hardware in the event of a hardware failure. This will save you the inconvenience of reloading software from the discs.
- Protect your data. The type of data back-up depends on the complexity of your IT infrastructure and the level of sophistication of your technology. Data back-up can be as simple as backing up to a disc or a separate hard drive and storing the back-up at a secure offsite location. Within more sophisticated IT environments, back-ups can be transmitted over the internet to an offsite disk or cloud service, or you may want to consider replicating your data to a server located at an offsite location. In the case of businesses with critical applications, consider co-locating your server in a third party data centre. The most sophisticated data centres have 24/7 monitoring and support, high level security, standalone generators, fire-suppression systems and synchronized offsite data backup that is available for immediate restoration in the event of a server failure.
- Many building codes require water sprinklers, even in areas where there is electronic equipment that is sensitive to water damage. As a first line of defence, consider installing a fire-suppression system to monitor heat and smoke. If engaged, a fire-suppression system may be able to deal with a fire with less damage to your electronic equipment—before the sprinklers come on.
What does your business have in place to ensure data and IT infrastructure protection in the event of a disaster?