Issue link: https://iconnect007.uberflip.com/i/1440051
JANUARY 2022 I SMT007 MAGAZINE 51 • Where and how oen is your company data backed up? • How would the company access and deploy the backed-up data if you needed it right now? • Who in your organization has access to what? How would you answer them? Not long ago, I asked these questions to a new client—a good-sized manufacturer. e leaders in the room weren't sure, so I excused myself from the meeting, called my office and had one of our tech team meet me with an ex- ternal hard drive. We made immediate back- ups (snapshots) of the critical systems. Now at least we could all be certain that the client had a moment-in-time back-up. Pausing the meeting sounds like theatrics, but it was not. In fact, if you answered "no" or "I don't know" to any or all of them, I suggest you stop reading this right now and find out. It's that important. Why? Because the future is uncertain, and accidents happen. Awhile back I got a call at 6 a.m., which al- most always means trouble in my world. e client said it was the strangest thing, but there was a lock on all their files, and they couldn't open any of them. In those days, ransomware was a new threat and the anti-virus tools were in catch-up mode. We quickly determined that it was an actual breach, and their data was be- ing held hostage for X amount of dollars (this was before cryptocurrency). We'd automated nightly back-ups for them long before the at- tack, so within 15 minutes or so we were able to get them back online and running with min- imal interruption. True, you might never be the victim of a cy- berattack. But unfortunately, hackers are not the only threat to your data or your business. How about something like this: Your opera- tions grind to a halt for hours and hours be- cause a server with all the critical data tied to it crashed. With a good back-up, several hours of down time can become a few minutes. Also, your offices and manufacturing facilities are just as vulnerable to fire, flood, or misadven- ture as any structure. Sure, you carry insurance for property damage, but data loss is a whole different animal—yours and your customer's. A back-up can be the difference between sur- vival and bankruptcy, so it's a plenty good rea- son to stop a meeting. Next, you must ensure the key people in your organization know how to access the back-up. If you are the only person who knows where the back-up is or how to contact your IT service provider, then God forbid you have a health emergency or a debilitating accident. If that key IT resource is not you, but an employ- ee, what happens if that person disappears? Also, make sure that your back-ups are run and tested regularly. Verification doesn't re- quire much effort: just access a document or two. If they open properly, you're likely good to go. Lastly, document your back-up information, and communicate it to the key people in your organization so they can act in an emergency. You might operate for another 50 years and never be the victim of a cyberattack or an acci- dent. In fact, I hope that's the case, but hope is not an adequate business continuity strategy. Right now, as you read, do you know where all your mission critical soware and docu- ments (including email attachments) are? Do you know who has access to any or all of them? Do all your people know how to keep them safe? You can call answering these questions "pre- paring for CMMC" if you like. I call it good business practice. SMT007 Divyash Patel is president of MX2 Technology.