|
Having an incident response plan can mean the difference between recovering quickly and losing your business entirely. Learn about some key areas to focus on when developing your incident response plan. Your business most likely relies on IT for a variety of tasks, including the storage of business documents, customer information, financial records, and accounting information. In addition, you probably rely on computers to conduct many daily business operations. Though no one wants to deal with the possibility of something unfortunate happening to their business, planning for the unexpected today could save your business tomorrow. Here are some key areas to focus on when developing your incident response plan. Data protection: Your business may have thousands of records that are updated on a regular basis, so it’s critical to develop a system for backing up all of your files. There are a variety of methods available. One option is called Disk-based backup, which is becoming the method of choice for many small businesses, due to both its cost effectiveness and its ability to provide continuous data protection. IT hardware disposal: While backing up and protecting your data is important, safe disposal of machines that contain your data is equally important. If a physical disaster makes it necessary for you to dispose of hardware, make sure to erase all data on those machines before disposal, so no one can retrieve any information off the hard drive. Contingency planning for continued operations: In developing your incident response plan, you should also create a contingency plan for your business’ continued operations. This continuity plan should include both short-term and long-term considerations. For example, immediately following any incident, it is important to deal with short-term issues such as employee safety or continuing business operations from an offsite location. Longer-term issues must also be considered, such as telecommuting options, physical restoration of lost data from an alternate location, and IT systems recovery. By putting together a detailed and thorough plan that incorporates all these issues, your business will be well prepared should you ever have to face any unforeseen circumstances. Telecommuting: If telecommuting is an option for your business, it is important to understand and implement security procedures for all devices connected to your business’ network. Antivirus software should be installed on all computing devices including computers, laptops, and PDAs in order to scan and clean files that could be infected. Firewalls are also crucial to protect your network from intrusion and security threats. You may want to consider software and hardware firewalls for all remote computing devices, as well as a network firewall. Security incident response: Though incidents that may affect your business can range from natural disasters to national security emergencies, you should have a specific, customized plan in place to help you react quickly to an IT security incident. If your business suffers a virus, worm, hacking, data theft, or other type of IT security incident, you need to be immediately go into action to maintain and recover as much information as possible. Consider developing a procedure for preserving any evidence of tampering – this can include saving log files, maintaining a list of usernames and passwords, and developing an ongoing strategy to monitor and prevent future security threats. Conclusion: A business’ ability to recover from an unexpected incident can mean the difference between recovery or losing your business entirely. Careful planning ahead of time can save money, time, and effort in the long run, and allow your business to recover quickly and effectively. By investing in good storage, backup and security technology and sound security procedures, you will be better prepared to effectively respond to unexpected incidents. Contact (your company) to make sure you are implementing the best data security policy, and to get help if your data is at risk. by Symantec |
Prepare for the Unexpected 
Carl Mazzanti is Co-Founder and President of eMazzanti Technologies, Microsoft’s four time Partner of the Year and one of the premier IT consulting services for businesses throughout the New York metropolitan area and internationally. Carl and his company manage over 400 active accounts ranging from professional services firms to high-end global retailers.
eMazzanti is all about delivering powerful, efficient outsourced IT services, such as computer network management and troubleshooting, managed print, PCI DSS compliance, green computing, mobile workforce technology, information security, cloud computing, and business continuity and disaster recovery.
Carl Mazzanti is also a frequent business conference speaker and technology talk show guest and contributor at Microsoft-focused events, including frequent prominent roles at the Microsoft Inspire (Worldwide Partner Conference / WPC).
Carl, a serial Entrepreneur, gives back to the community through Entrepreneur teaching engagements at Georgetown University, the company’s ocean wildlife conservation effort, the Blue Project, and Tree Mazzanti.
