No Backups is a Disaster

Pop Quiz: Disaster strikes. Access to your network and your data is gone. Business comes to a standstill. What do you do?

Disasters come in many forms, but let’s say this disaster is a Ransomware attack – a scenario much more common than fires, earthquakes floods or other types of catastrophes.

A well-meaning but untrained employee opens an email from what seems to be a trusted source. It could be an entity like FedEx or perhaps one of your business contacts. Cyber criminals hack an end user somewhere and then send phishing emails in the victim’s name to everyone in their address book. They also ‘spoof’ or copy the email setups and logos of big companies and even Federal Institutions like the IRS, so the phishing FedEx email looks legit. It provides a link to track a package someone sent to your company. But it is not legitimate, and as soon as your employee clicks on the link, their computer freezes, and a screen appears that looks something like this:

This is only the beginning. The Ransomware is already inside and finding its path to the rest of your network. The employee should be trained to immediately turn off the computer. By now, going to the Start Menu for a standard shutdown is unavailable. The only way is by holding in the power button until the device shuts down - or even unplugging it. The quicker the action, the easier the cleanup. The tide of the virus must be stemmed immediately.

That is the very first step. Now what? Call IT support, whether an in-house department or a 3^rd party IT consulting service. One of the benefits of using a top-notch Managed IT Services firm like ITFirm.com, is that with their proactive monitoring, their Help Desk technicians should already be getting alarms that your system has been breached.

ITFirm.com configures our clients’ Cybersecurity to easily isolate and trap the malware in the initially infected device to prevent spread. Any reputable and experienced IT provider should have these policies and procedures in place.

This is only what needs to happen within a minute or two after the attack, but it is only a small but crucial first step in a comprehensive Backup and Disaster Recovery Plan. This is the point where the plan is implemented. The IT services team, in conjunction with your company’s management, will now do the heavy lifting to restore normalcy to your network operations.

How do you write a good disaster recovery plan?

Just as with any enterprise, the old saying “If you fail to plan, you plan to fail” is of paramount importance when it comes to a Backup and Disaster Recovery Plan. Putting an effective plan together requires a thorough process with pinpoint attention to detail.

The basic steps required to implement an all-inclusive and reliable plan:

1) Top Management Commitment
Your IT team does not exist in a vacuum and does not presume to act without prior management approval. Everyone must be on board with The Plan. The IT crew will do the behind-the-scenes work, but it is company management that must approve and coordinate the plan with the employees, so their involvement and commitment to the plan is absolute necessity.

2) Select and Organize a Planning Committee
IT, management, all department heads, and all areas of the company that would be affected by the disaster must be represented. The committee will define and delegate duties and determine the scope of the plan and set the standards for the activities listed below.

3) Risk Assessment
Assess and analyze the potential dangers to all areas of the organization for impacts and consequences of each disaster scenario. For example, a fire will present different consequences than a Ransomware attack – such as an orderly evacuation plan. Risks and the costs involved in responding to and minimizing the exposure because of the various possible disasters need also be analyzed.

4) Establishment of Priorities
The importance or ’pecking order’ of all areas of Processing and Operations. Putting ‘first-things-first.’ Typically, data and communications should come first because they allow other areas of the organization to continue. For example, in manufacturing, the shipping department should be down in the pecking order because they will have nothing to ship if nothing is being manufactured.

5) Set Recovery Strategies and Tactics
For each department, determine the steps to be taken and who will take command of ensuring those steps are performed. The objective, much as for those in ‘Establish Priorities’ above, is to enable the continuity of business as the disaster is being addressed. Establishing what is to be done and by which key personnel prevents any possible confusion.

6) Write Out the Plan
Starting with the outline, the final plan needs to be in a standardized format and must adhere to every minute detail in understandable, non-ambiguous wording. The idea that any part of the plan could be open to ‘interpretation’ must be avoided – these must be clear-cut directives. All functions of all departments must be clearly assigned. A haphazardly written plan is as bad as no plan at all.

7) Establish Criteria for Testing
Testing, analysis, and ‘tweaking’ of the plan will be an ongoing process. Develop dependable testing procedures that allow you to foresee any weak spots and make appropriate adjustments. Any surprises on the day of an actual disaster are a disaster of their own.

8) Testing
Perform the first test based only on the plan and the testing criteria and update the plan as needed. A plan is rarely ‘bulletproof’ the first time out.

10) Final Plan Approval
Following a series of tests and adjustments, and all contingencies are well covered, set the plan in stone – for now – future adjustments may be necessary. Ongoing testing should be scheduled at regular, agreed-upon intervals. The world changes, as does technology, so follow-up tests may show inadequacies that were not present when the final plan was approved.

Cloudian offers a comprehensive guide to putting together a good Backup & Disaster Recovery Plan HERE.