A disaster often comes without warning. Server meltdown, natural disaster that wipes out your office, hackers getting into your system. They can all put a stop to your operations at any time. Here are our best 10 suggestions on how to prepare yourself so that the downtime and the damage are minimized.
1. Put it in Writing with a Written Plan.
This might sound simple but many RIA firms find that the process of thinking through things in advance of an actual disaster goes a long way and puts things into perspective. A basic disaster plan should include:
- An overview of what potential disasters might occur
- Step-by-step process of what should be done
- Instructions on who should do what
- Contact information for providers that may need to be consulted
- Usernames and passwords for key websites
A valuable part of putting the disaster plan together is understanding what kind of budget you’ll need for disaster recovery. There are obvious costs to replaced hardware, IT support to get things back up and running etc, but you also need to consider the costs of downtime on your firm.
- What will happen if you can’t access your network for a day? For a week?
- How will your clients react if they can’t reach you or if you can’t access the data their asking about?
- Will clients question the security of their information?
- How will downtime impact employee confidence in your firm?
If a few hours of downtime is more than your firm can afford then your disaster plan needs to take that into account and your plan needs to have you back up and running within that time frame.
Your IT infrastructure should be consistent with your needs.
When your plan is done, have a printed copy in a fireproof safe in your office, have a copy offsite – maybe at your home, and have a copy with your external IT consultant if you have one.
2. Have a Trusted IT Professional on Board
If you have encountered a disaster that impacted your IT infrastructure, you know that recovering your systems and getting you back up and running isn’t something you’d want to do without a qualified IT professional. And recovering your data is probably something you shouldn’t entrust to just anyone. A single mistake during recovery and your data could be gone forever or your downtime extended to weeks. Find an IT professional or firm who has experience to not only help you set up your disaster recovery plan, but also has experience in data recovery.
3. Plan for Communications
A communications plan is important so employees know how to communicate with you if they can’t access the firm’s office, email or phones. You may also want to be prepared with how to handle client inquiries during this time and ensure everyone understands the situation and your progress.
4. Prioritize Automated Backups
From what we’ve seen with our clients, the most common cause of lost data is human error. Tapes are not swapped properly, the backup is not setup correctly, or something is forgotten or missed. Automating backups means it’s always done as scheduled and the possibility of human error is minimized.
5. Take your Backup Offsite
It’s good to have a backup in the firm’s office, but if that’s your only backup, it’s exposed to the same risk to theft, flood, fire or hackers as your server. Maintaining a recent copy of your data offsite with a different server or storage device is ideal.
6. Establish Remote Network Access and Management
If your employees have access to the network remotely they can continue to work if a disaster such as flood or fire has limited your access to the office. Remote access also allows your IT staff or consultant to access your system during an emergency or for routine maintenance. An added plus is that with remote network access, many RIA firms are offering flexible work-life-balance environments that lets employees work at flexible times and flexible locations.
7. Image your Server
Imaging your server makes an exact replica of your server. This is an important step to help speed up data recovery and restoring your systems. All the information that is being stored offsite needs to be restored somewhere for you to use it. That includes all of your applications like Microsoft office, databases, accounting software etc. If you have imaged your server, that replica can be copied to the new server as it was on the old one saving you a lot of time and money to get you back up and running. This also helps you keep your preferences, configuration and favorites.
8. Document your Network
It’s important to have a “blueprint” of your software, data, systems and hardware on your firm’s network. That is what network documentation offers and your IT staff or consultant should be able to do this for you. With good documentation, it’s easier and faster to restore your network and that usually means it’s cheaper too. Good network documentation can also make occasional network repairs easier and faster as well. Your insurance provider may also appreciate the documentation in the event that replacements are needed.
9. Maintenance! Maintenance! Maintenance
OK – proper maintenance might not protect you from fires, flood, theft or other natural disasters, but those causes of data or system loss are far less common. Proper maintenance is one of the most important ways to avoid the more common disasters caused by viruses, worms or hackers. Always keep your network patched, secure and up-to-date so it is less vulnerable. Part of the maintenance schedule should include monitoring hardware for deterioration, monitoring software for signs of corruption, and identifying software and hardware that is aging and needs to be replaced.
10. Test, Test and then Test Again
It’s a good practice to have an IT professional test your system once a month to be sure the plan and all the systems you’ve set up are working the way you expect them too. They can test to be sure your backups are working and there are no security liabilities in your system. If you’ve made the effort to plan for a disaster you want to be sure it’s working.