Disaster Recovery Plans

[WaveJumper]

As the title suggests do you have one in place could your business survive a major incident, and major could come in many shapes and size, from the individual sole trader to the larger corporate

Talking to someone on Friday who had their unit broken into, no stock stolen, but they lost all their PCs, hard drives and some very expensive camera equipment. Yes and you guessed it when I inquired, they had no ‘off site’ back up of their data.

Yep they are in a real mess, at a complete loss and don’t know where to turn.

So thought this might be a timely reminder perhaps a time to think about your own situation.

Could you walk into Curry’s buy a new laptop, log onto your data and carry on within a few hours ……… would you even have access to your passwords, hopefully they not on those hard drives that went missing.

Just food for thought

 

[ctrlbrk]

@WaveJumper great topic.

We do have daily backups going out on the cloud, plus weekly backups on local physical storage.

 

[ctrlbrk]

Could you walk into Curry’s buy a new laptop, log onto your data and carry on within a few hours ……… would you even have access to your passwords, hopefully they not on those hard drives that went missing.

Wanted to add.... this is a good point.

Even having daily backups, should something go wrong with the business website, it would be a question of how long it would take to build another one from scratch.

In our case, currently 1-2 days, but it should be a priority for everyone whose business relies solely (or predominantly) on their website to shorten this to half a day max.

It's in Quadrant 2!

 

[Kerwin]

My code gets stored on Github and I use Google Workspace for email / docs / spreadsheets etc. My password manager is encrypted and stored online as well. If the worst came to the worst I could be up and running in a few hours. The longest thing would be logging back into all my website accounts.

I know relying on Github and Google Workspace for everything is a bad idea but I'm not too worried. If Google or Microsoft lose all my data there are bigger problems to deal with.

 

[Paul Kelly ICHYB]

Even having daily backups, should something go wrong

It is important that you test backups - it is not unknown for them to be corrupt, defeating the point and effort.

 

[fisicx]

It is important that you test backups - it is not unknown for them to be corrupt, defeating the point and effort.

As have a number of ransomed companies discovered. Their backups were encrypted by the ransomware!

 

[ctrlbrk]

It is important that you test backups - it is not unknown for them to be corrupt, defeating the point and effort.

Absolutely. Quadrant 2!!

 

[Ozzy]

We test our recovery process a few times a year, it is a real pain/inconvenience to do but it forms part of our ISO policies and the documentation is vetted independently, so kinda forces us to make sure we do the tests.

Still, as with everyone, we do hope we never have to do it for real.

 

[HFE Signs]

Hey, we survived COVID

 

[TCH]

good question WaveJumper

well yes, your computer is the first thing your burglar will look for after breaking your door down

he's a creature of habit, aren't we all

for most people, backing up to a memory stick will meet the case

and is possibly more confidential - if indeed anything is confidential these days

on my Linux machine, the procedure is essentially this

find ../Desktop -type f -mtime -7 -exec cp -r -v {} . \;

presumably Windows offers something similar

this sifts out recently-changed files on the Desktop - it also over-writes previous backups, which may or may not be what you want

a possible preliminary is to look at disk usage - like this

du -d 1 -a -h | sort -h

you may well decide that some directories, the browser cache for example, are so big and so useless as to be not worth including in the backup

some of your most valuable files, with passwords and so forth, may be small text files

I still favour backing-up to paper and ink, if 'backing-up' it can be called. There's nothing to go wrong

 

[Frank the Insurance guy]

As have a number of ransomed companies discovered. Their backups were encrypted by the ransomware!

Exactly this - no point having a back up that is not isolated (or whatever the correct IT term is) from the main system!

One of my client's system was hacked and once in, their backup was also infected, so no chance of reinstalling on a new system!

 

[Kerwin]

and is possibly more confidential - if indeed anything is confidential these days

If you encrypt your backups by using something like GnuPG before you copy it to a USB stick / cloud storage you can be sure that your data is safe and then you just need to make sure you have access to your public and private key.

Obviously that doesn't fix the ransomware problem but at least it keeps your data safe wherever you store it.

 

[fisicx]

Obviously that doesn't fix the ransomware problem but at least it keeps your data safe wherever you store it.

Unless the ransomware is encrypting your data as you create the backup. They do this for months before attacking the live site. Which is why you can’t do a restore.

 

[eteb3]

isolated (or whatever the correct IT term is)

I believe it’s “air-gapped”

 

[DontAsk]

I believe it’s “air-gapped”

Use “sneakernet”.

 

[WaveJumper]

I remember years ago attending a Facilities Management exhibition in London, after wandering around with said director of our FM Department, we were not aware we had stumbled into an adjacent hall full of people speaking a "foreign language" yep they were all computer geeks selling products relating to preventing cyber attacks.

Had to get the hell out of there fast went right over our heads totally different world. Please don't get to "geeky" on this thread I might not be able to keep up

Huge problem for companies of all shapes and sizes even more so now and thinking it might not happen to you could be a huge mistake

 

[DontAsk]

Could you walk into Curry’s buy a new laptop, log onto your data and carry on within a few hours ……… would you even have access to your passwords, hopefully they not on those hard drives that went missing.

Why would your passwords be on the hard drive? If you must use a password manager at least know what you are doing.

 

[WaveJumper]

Why would your passwords be on the hard drive? If you must use a password manager at least know what you are doing.

Mine are not on a hard drive but the individual who had all his equipment stolen from his office did

Ill add to the above putting them on a document and then filling them in a folder marked passwords was probably a bit dumb

Read the original post this was not me

 

[Ozzy]

Why would your passwords be on the hard drive?

...because some people store all their passwords and other sensitive information in a text document, word doc or other equally scary file saved to their desktop or My Documents folders!

 

[Newchodge]

I store all my passwords on index cards in a card index box in my desk. All of them are encoded. I suppose if the house caught fire I would have a issue.

 

[fisicx]

Don’t have that problem. All my passwords are Swordfish. Easy to remember. It’s also written down and sealed in an envelope with ‘not my password’ on the outside.

 

[tony84]

I made a similar thread in January after our office flooded... we are about quarter of a mile from a little stream that dries up in summer - thats how small it is. It was actually blocked grids that caused the office to flood combined with a ridiculous amount of rain obviously.

I DO have a disaster recovery plan. To be honest, I never in a million years bargained for flooding as I had no idea where the water would come from.

Bit of a PITA but we were never closed as such (it did happen on new years day so we were closed but if it had happened on a normal day we would have been fine).

 

[GLAbusiness]

All my data is in the cloud with dropbox, This also has version history so I van get back the the last viable version

 

[eteb3]

If you have no local copy, I'd worry about Dropbox itself keeling over.

 

[GLAbusiness]

Of course I have multiple local copies

 

[fisicx]

I knew somebody once who backed up all their files onto a set of floppies (it was a long time ago). They said they never filled up the discs despite the files being quite large. Turns out they were just copying the desktop shortcuts.

 

[Kerwin]

I knew somebody once who backed up all their files onto a set of floppies (it was a long time ago). They said they never filled up the discs despite the files being quite large. Turns out they were just copying the desktop shortcuts.

Ouch. Reminds me of my old Zip drive though!

 

[Chris Ashdown]

Ouch. Reminds me of my old Zip drive though!

The new 3.5 inch disk's were such a marval in my day, such a massive amount of data could be held, still got soe 5 inch floppies somewhere
Also had a 10gig hard drive on one of my computers