Is it time to look at your Technology Policies?
Technology has progressed drastically over the last few years and it has changed the way we work. We now look to our computers and virtual file storage for our documents rather than to paper in file cabinets. We no longer rely on the postal service as one of the main communication tools, most of us rely heavily on email to communicate with each other. Every organization, no matter the size, uses some aspect of the digital world. Are we getting so accustomed to the digital life that we take it for granted? Perhaps it is time to take a look at the potential consequences, do you have a plan if you have a system failure?
A system failure has many definitions and causes. It may not be related directly to the failure of your systems or infrastructure; it could be caused by outside forces such as a natural disaster or your computer security could be compromised. Polices and procedures need to be discussed and in place before such an event happens, these polices need to describe what to do. Think creatively about the alternatives you have if a system failure would occur. Here are some questions that may help:
- How will you keep your systems running during a system breach or shutdown?
- Do you have a recovery plan?
- Do you have a contingency plan?
The design of your IT infrastructure can have a huge effect on how you approach your security and recovery policies. Whether you utilize cloud technologies or you use internal resources for your IT needs it is important to review your recovery and redundancy systems and policies annually. By contracting an outside IT professional can help you manage and consider all the alternatives available to you. A few of the areas that need to be considered in the plan are:
- Physical access to the system hardware.
- Is it located on your premise? Is it contained in a locked room?
- Do you utilize cloud technologies? If so, you should be aware of the vendor’s policies.
- System Log in policies
- How are passwords created and maintained?
- How often are passwords required to be changed?
- How is remote access controlled and regulated?
- Staff Turnover
- How is system access turned off when staff leaves?
- How do you mitigate internal vandalism of systems?
Most of you have a system back up in place. When was the last time your system backup was verified? A good plan consists of an automatic back up and also includes a redundancy system in case the main back up fails. One important consideration is to have a backup of the system image backups as well as the data files. Having the system images will save you time and effort if you are required to restore to different hardware. This is when spending a little time and expense upfront will provide a great benefit if you have to recover from a backup.
One area that may be seldom considered is your insurance coverage of a system failure or breach. It is important to ensure your organization has the adequate insurance to help mitigate any losses caused from such an occurrence.
Like all insurance, you put these policies and procedures in place hoping that you will never have to use them. By having them you will reduce the time and efforts to bring your systems back on line if you do experience a system failure. If you have any questions or would like additional information please contact us, (517) 323-7500.