Jay Sachetti joined Jeff O’Brien, partner at Husch Blackwell and Dyanne Ross-Hanson, president of Exit Planning Strategies talked about the market for mergers and acquisitions, exit planning opportunities for companies that don’t end up for sale and how companies can maximize their eventual sale price during an early October panel at the first Upsize on Tap event at Summit Brewing Co. in St. Paul.
When the state Legislature passed a law requiring employers to provide paid leave and safe time for employees, Justin Bieganek started hearing differing details from friends, colleagues and peers.
1, First, inventory or map out all the important technology and data used to operate your business.
2, Build a risk profile for your specific business’ needs. Update it periodically to ensure you are taking necessary steps to ensure your vital data is protected and recoverable.
3, Have a right-sized response plan and data recovery tool in place that allows you to recover and resume operation with minimal disruption.
4, Don’t rely on locally stored backups for data protection. The most effective means to ensure all your valuable data is available to recover when you need it is to leverage a purpose-built cloud-based endpoint backup solution.
Tell me the truth: if you lost your computer tomorrow, how much damage would that do to your small business? For many small and midsize businesses (SMBs), the whole world of their work is housed on a laptop.
If you’re confused why this is a problem, take a minute to consider just how impactful the loss of this data would be to your small business: one spilled cup of coffee, one inopportune drop of your laptop, one lost or stolen device or one incorrectly handled phishing scheme — that’s all it takes to wipe out the entire history of your business.
Imagine that all your notes, invoices, customer lists and emails vanish in an instant. Maybe in a best-case scenario, this sets you back several days before you can patch together a new workflow. As it is, SMBs (particularly those in the early stages of their business) are often working with paper-thin margins. Could you afford this much downtime?
It’s a grim prospect. But all the more frustrating is that all this loss is preventable. Because it all boils down to human error. And while the effects of human error can be devastating, mitigating it is simple: it’s a matter of awareness, good policy and empowered employees.
While there’s no magic bullet to stop data loss, one simple tool can protect you from it: a data recovery plan. A plan like this can be thought of like a fire evacuation drill: a practiced plan backed up by a purpose-built tool to recover your data and get you back to business when your data gets lost and compromised.
But most SMB owners aren’t IT specialists and many aren’t large enough to warrant dedicated IT staff. So where should they start? Here are six points to consider in building your disaster recovery plan. And the good news is that you can keep it simple and evolve it as your company grows and risks evolve.
The first step in building a good plan is to inventory or map out all the important technology and data used to operate your business. Consider both software applications and hardware and all the data they contain. This will help you visualize which systems and technology host your most important data.
Once you know the complete picture of the data your business uses, you’ll start to get a clearer picture of your priorities for data recovery and the unique risk profile of your organizational data.
The next step is to try to assign a level of importance to the systems and data while thinking through what the impact would be to your business if that data was no longer available (e.g. due to human error, ransomware attack or system outage).
Are there any specific risks associated with your data (e.g. intellectual property, customer lists and contact information, credit card numbers, health information, etc.)? These risks will vary from business to business, so think through specifically what is important and valuable to your business operations. Depending on the data involved, there may be financial, operational, legal or reputational risks to consider.
Whatever the case, building a solid risk profile and periodically updating it will allow you to take appropriate steps to protect that data and ensure that it is recoverable when things go wrong.
Do what makes sense based on the size and risk appetite of your company. For example, smaller organizations may be fine with a simple, one-page plan which outlines the critical data stored on their hardware and software and what their capabilities are to recover it when things go wrong.
Larger organizations may be better served by designating a person or small team to be responsible for creating a more detailed plan for recovery based on critical data, controls and risk tolerance, as well as testing the plan and recovery capabilities periodically. The important thing is to have a right-sized response plan and data recovery tools in place before you need them so you can quickly take action to recover and resume operations without disruption to your business when the time comes.
What data assets are mission-critical to your organization? Which ones are important but can wait? And which are nice-to-haves, but not the end of the world to lose in the event of a breach? Answering these questions will help you set priorities in data backup and recovery, allowing you to streamline the process and have a clear hierarchy around what you need to recover and how quickly.
The previous steps were at the level of procedure. This next step is the most important and can be as simple as incorporating the right tool.
Let’s start with what not to do. Definitely do not, under any circumstances, rely solely on locally stored data as your backup, which can introduce risk if your local network is corrupted or suffers an outage. Equally as risky is relying on cloud collaboration platforms like Google Drive or SharePoint for backup and recovery. These tools are designed for collaboration and not complete backup and recovery solutions.
The most effective means to ensure all your valuable data is available to recover when you need it is to leverage a purpose-built cloud-based endpoint backup solution. They are simple to use and reliable and cost effective for small businesses.
Key features to look for include automatic backup, unlimited data backup including every version of every file, and data encryption. Other solutions that host your data onsite or that are not explicitly built for backup will not provide the level of protection needed for your business.
Even without the above protocol in steps 1 – 4, a purpose-built endpoint backup solution will work to protect your organization’s important data and ensure it is available to recover when you need it, allowing you to nip data loss in the bud.
Finally, a disaster recovery plan isn’t a one-time, “set-it-and-forget-it” solution. As your business continues to change and grow, your plan may need to change with it. Make sure to revisit your plan periodically and make appropriate changes if needed.
Also, just like with a fire evacuation drill, your plan should be tested periodically. Run data loss scenarios (for example, what if you lose your laptop) and see how strong your recovery tools are. Through this sort of testing, you’ll have confidence and peace of mind knowing that your important data is protected and recoverable in the event things go wrong and when you need it most.
