How can you tell where someone’s priorities lie with regards to their technology? I submit that it’s by the placement of the Uninterrupted Power Supply (UPS, or battery backup). For example, my modem, wireless router, computer, TV and PlayStation® are plugged into two UPS devices. No temporary disruption to power service is going to ruin my video game playing.
Hopefully, your business has considered similar scenarios. Your company’s PlayStation® may not be protected by a battery backup but key IT equipment should be. To determine if you have protected your IT systems, consider what is required to keep them up and running.
The first thing necessary for keeping your IT systems up and running is somewhere to house them. Under your desk is not a great place to put your servers. A classic (true) tale from Risk Advisory Services Team lore—the IT Audit team went to a new client for the IT Audit. At the first meeting, the IT Manager leaned back in his chair, propped his feet up on the mainframe that hosted the enterprise wide core application, flicked some cigarette ash from his lit cigarette into the ashtray on top of said mainframe, and casually asked, “OK, what do you want to know”? Having appropriate space to store the infrastructure equipment is vitally important to minimize the threat of heat buildup, inadvertent kicks and drops, coffee spills, and floating cigarette ash and smoke.
One of the more obvious needs to keep your IT infrastructure going is power. Traditional power, however, is not always reliable. If the IT systems are plugged directly into the wall, every power disruption would cause the system to immediately shut down. This could cause damage to hard disks and configurations. Data could be lost or corrupted. Several options are available to manage this risk. All desktop computers, servers, and network equipment should be supported with a battery backup. The battery backup should be the appropriate size to maintain the equipment for at least 10-15 minutes. This should allow someone to perform an orderly shutdown of really important servers and systems. Some business that are dependent on their technology install generators that support IT equipment during sustained power outages. Even with a generator, battery backups will keep the computers going until the generator turns on.
Heat is great on the beach but it’s terrible in your server room. The arch nemesis of technology is heat buildup. That’s why it’s incredibly important to have a properly cooled server room. When technology lives in an environment that’s too warm, it taxes the physical components of the technology shortening the life span dramatically. Sometimes it gets so hot the servers shut down which could cause data loss and definitely will cause loss of productivity with the end users.
The above paragraphs should remind you that technology has a lot of factors working against it. All the physical pieces of the IT system work to deliver the real purpose of having them—data. If data is backed up correctly, the above threats can really be small potatoes. Data should always be backed up on a regular basis. Backups should also be kept somewhere other than in the server room. Never have that sinking feeling that the main site is not available, and your data backups are aren’t either. To that end, test your backups. Software is usually correct when it says that backups occurred successfully, but there are horror stories where the backup logs said all backups were successful, but when the time came to recover them, nothing. That is bad news. Don’t be that guy.
These are only a few of the things to consider when preparing your backup and business continuity strategy. While we try to stay away from talking about our services in this blog, the deTECH team feels these are important issue that we can help with. Small companies are being harmed by inadequate security and disaster planning. As a third-party with no technology products to sell you, we can examine your system without bias and make recommendations for improvement. We proactively work with your IT Staff. We are there to help them make your systems better and their job easier.
Yount, Hyde & Barbour’s Risk Advisory Services Team can provide you with a Business IT Assessment. This assessment examines security settings, looks for vulnerabilities within your systems, evaluates your disaster planning, and reviews your IT Strategic Plan. In the end, we will report back to you how well you are doing along with our findings and recommendations. Since our team is made up of CPAs with technology backgrounds, we can provide you with technical information in plain English, and how it applies to your business. We work with companies of all sizes, and understand that IT is not “one-size-fits-all”. We can help you find the right size controls and provide clarity to your technology
For more information about a Business IT Assessment and how we can help your business, contact me:
Bryan T. Newlin, CPA.CITP, CISA