How much of your day is spent putting out fires that pop-up in your information technology systems? Do you feel that you or your staff is spending too much time firefighting and not enough time on mission-critical projects? If you do, you are not alone. It turns out many startups and small business share those feelings, and it is those shared feelings that have inspired this new paradigm in our IT emergency conversation.
Your information technology group is critical to the daily operations of your organization. A group with that much importance must have an emergency plan. And because plans are worthless without action, your team must practice and train on how to deal with medium to critical-sized IT emergencies. There is no better example of this than with your local medical facilities, public safety officers, first responders and, firefighters. The majority of their time is spent planning and training for emergencies, so they are prepared and don’t have to pause when a situation arises. Training provides the opportunity to learn from mistakes so that when a real-life event takes place, every trained individual can deliver a top-drawer performance an mitigate damages.
Performing backups may seem trivial and mundane; however, they are the exact opposite. In addition to the ability to restore the occasional chunk of lost data, your backups will determine how quickly the company can function again after a data loss. Some businesses are legally required to perform backups. If your business is one of those, consider the legal requirements as the bare-bones minimum and aim to go above that minimum. Strongly consider daily backups if you do not employ an ongoing backup solution. Another good practice is the 3-2-1 rule. This rule states you should have at least three copies of your backup data that is stored on at least two different types of media, and at least one of the copies should be stored in a secured location off-site. Backups may seem unimportant until the second you need them, and then they are paramount!
It is not possible to have an IT conversation without a fair portion of it focusing on cybersecurity. The cybersecurity conversation is one that every small business CIO, CFO, and CEO should be engaged in since statistics demonstrate that small and medium-sized businesses are the primary targets of hackers and cyber thieves. To protect yourself you need to employ an arsenal of firewalls, malware sweepers, and secret passwords. One regularly overlooked security tactic is education. Statistics reveal that nearly one-third of your staff will engage in dangerous cyber behaviors that can result in a data breach or at best, a significant inconvenience to your planned day. Phishing tactics have evolved, and they are more sophisticated than they were a short time ago. Yes, the exiled Nigerian prince is now living safely with his fortune in Timbuktu and is no longer a threat; however, attackers are now targeting staff in critical roles to gain access to the information they desire. A company-wide and regularly scheduled education component in addition to your arsenal of tools is key to a 360-degree security policy.
A proactive and robust systems integration program will have a direct impact that reduces the amount of time spend on IT emergencies. Critical components of a top drawer program are creating an active team who has a collective understanding and working knowledge of your entire technical system. This team will write system requirements, performance standards as well as test and approve all hardware and software integrations. Your team will also produce a cyclical continuous integration schedule to manage the introduction of new hardware and software as well as updates and the planned termination of ill-performing hardware and legacy software systems.
Knowledge is only half of the solution and action is the other half. Employ your team’s expertise to plan and train for IT emergencies. Establish a robust backup plan and follow-through to ensure that it is carried out. Be active in a cybersecurity network to stay abreast of new threats and countermeasures as to communicate all relevant information to your associates to keep your systems safe. Finally, support a take-charge integration team that is aggressive when addressing potential issues with your system’s hardware and software. Proactively add these four steps to your existing IT management agenda, and you will be spending less time chasing problems and more time on mission-critical projects.