Business Continuity Strategy: Difference between revisions

This page documents all of the procedures and processes we have in place that can be used to ensure that your business can survive a disaster, at least from an IT perspective.

Data Backups

Forget About IT Ltd currently has three backup servers in two separate locations. Every night, at approximately 10pm, our servers start to copy all the changes that have happened to your data since the previous backup. Should this backup be interrupted, it will automatically try again after a short period of time, for a number of attempts. The process is repeated for at least one other out of the three backup servers, so that your data is backup up onto at least two backup servers.

Once the backup has finished, the backup servers take a copy and date it. The daily backups are kept for a week. One backup a week is used as the weekly backup, and is kept for a month, and one backup a month is kept for a year. So at the end of a full year's rotation, we will have, on at least two different servers, at least 20 snapshots of your data (6 x daily, 4 or 5 x weekly, 12 x monthly).

Mission Critical data

Because we charge for the amount of data we store for you at our data centres, it is the client's choice as to what they consider to be mission critical data. However, unless a client specified otherwise, we back up all the data on the server.

Archive data

As all business accumulate data, eventually there comes a time when it needs to be archived off. We can provide areas on the server that are not backed up to our off-site storage, but in order to make sure the data is safe, we recommend that the client purchases a couple of external hard drives, which the backup program will use to carry out a local backup of that archive area. The client then swaps those drives on a weekly basis, taking the other off site somewhere, like their home.

Recycle Bin

Enabled on a per-share basis, we can configure a network Recycle Bin, which will store a copy of any deleted files for 32 days. This allows bridges the gap when you delete a file that was created after the most recent backup.

Large Files

Because it is possible for files to be too large to be uploaded overnight, files over 1GB in size are only backed up at the weekend, when we can leave the backups running long enough to complete the task before the next backup is due.

Files over 10GB are not currently backed up remotely for the same reasons. However, our backup program logs what files it has not backed up, so it is very easy for us to determine if there are files on your server not being backed up due to their size.

As upload bandwidth improves over time, we review these sizes on a regular basis.

Bandwidth

we normally limit the amount of upload bandwidth we use on a client's broadband to 25% of its capacity. At the weekend we increase this to 50%. This means that when the backup program is running, it does not impact the the normal traffic to and from the Internet.

Virtual Machines

We have installed virtual computers on our servers for some of our clients. Because of the size of the image files, we do not back these up remotely. However, we set up special scripts in our backup program that can access the mission critical data, and add it to the backup.

Data Recovery

Thankfully, full metal recoveries are rare. Much more usual are accidental deletions, or using "save" instead of "save as". we can either email you the file, so that you can re-save it yourself, or we can recover the file(s) to their original location, or a new location. Obviously the larger the file, the longer it will take to restore.

Test Restores

We are happy to carry out test restores for you at any time. Should you wish to test our backup system, then I suggest you create a file and save it somewhere on the server that also contains mission critical data, and a couple of days later, delete it and ask us to recover it.

Hardware

All the hardware we use, including the servers we install at client's premises, follow a common format. These means that even when we buy servers from a different manufacturer, they remain compatible with each other. This means that in the even of a hardware failure, we can simply turn up with a spare server, swap the hard drives over, and the client is back up and running again.

If the hard drives have also been damaged, then depending of the clients preference, we can either download the backup data onto the spare server before we bring it over, or bring the server over with a base install, and then prioritise what data is downloaded first depending on the client's requirements.

We can also take the replacement server to alternative premises, along with a small network, or set it up at our office or our server farm, to be used remotely.

Mirrored Hard Drives

All of our servers used mirrored hard drives. That means that the system can tolerate a hard drive failure without any data being lost, and more importantly, no interruption to the server. If this happens to your server, we would simply turn up with a new hard drive.

Spares

As previously mentioned, we hold a number of spare servers in stock. we normally keep a 10% ratio of spare servers to production servers.

Duty of Care

The only thing we require of our clients is a duty of care over the physical well being of the server. We always use quiet servers, as they are usually located under a desk or in a corner of an office, as most of our clients do not have the space (nor do they need) for a dedicated server room. However, as such it can be exposed to spilt drinks, localised heat sources like a fan heater, etc.

Should the failure of the server be linked to one of these sorts of issues, we would normally expect to charge the client for the repair. We also expect the client to cover the cost of replacement hardware and our time in the event a major incident, such as a fire, in their insurance.

Email

Assuming you allow us to route your email via our servers, we have the following systems in place that are used automatically whenever your main email server is unavailable.

Relay Servers

These alternative servers are permanently configured in the email settings for your domain. Whenever your mail server becomes unavailable, these servers will accept the email on its behalf, and will queue it up until the main server becomes available again.

"Panic" Server

Also permanently set up, whenever an email is processed by one of our mail relay servers, a copy is taken and sent to what we refer to as our "Panic" email server. This server can be used to redirect email to an alternative destination, such as a private email address, as well as being able to access the mail via webmail. This server also keeps copies for 30 days.

Transport Map

A transport map is a way of delivering queued email to a different destination, so in the event of the mail server likely to be unavailable for some time, we can set up an alternative server.

Security

Everything we do, we do with one eye on security.

Traffic Encryption

All of the external traffic to and from the server can be encrypted. We can enforce encryption in many situations, so that none of your traffic is sent in clear text. This stops public wireless packet sniffing and a whole range of other snooping. You may think you have nothing worth stealing as far as data is concerned, but to the dark side, even an empty server on the other side of the world can be used as a jumping off point for other attacks, spam and denial of service attacks.

Data Encryption

As an option, we can encrypt the partitions your data is stored on. This would mean that if the server was stolen, when it was powered back up, the thieves would not be able to access the data. However, we do not do this automatically as it has it's downside, since a server reboot can mean your data is not available until the key is entered.

Cloud

Although your data is backup up off-site, we do not, and will never use what people often refer to as "The Cloud". For many years we have been operating what is now described as a private cloud, but basically is our own physical servers. Nobody other than us has access to them. we know where they are, and under whose jurisdiction they fall under. None of your off-site data ever leaves the UK, and we can guarantee that.

Remote Access

Although most often used on a day to day basis for remote workers, remotely accessing your data is a valuable tool when it comes to business continuity.

Email

Email is always available, and we configure all laptops and mobile devices to be able to use email both from inside and outside the network.

VPN

We have two different types of Virtual Private Networking, which is a way of being on the office network from anywhere in the world. You can access all the files you can access in the office, and even send print jobs to the office printer.

WebDAV

This is a method of being able to access your files over the Internet, without the need for a VPN. Whereas a VPN is a single connection that can be used for almost any sort of traffic, WebDAV can only be used for access files. The traffic is encypted, just like VPN traffic.

Web Interface

The lowest common denominator in terms of remote access, it is a way of access your email, calendar, tasks, files, address book, often in read only mode, but requires no configuration on the client computer, so can be used at a moment's notice.

Potential Scenarios

Loss of Internet Connectivity