Disaster Management Plans
Over the weekend, the big story in the news was all about the IT system failure at British Airways. The CEO of BA has released a statement that the systems crashed due to a short power surge knocking out the main servers, unfortunately for the company the back-up systems then failed to take over. This resulted in over 75,000 customers being affected and flights grounded around the world.
When the story first broke, BA did not release much information to the public, no doubt as the Directors were scrambling to find out what had gone so badly wrong. However, this resulted in various speculation such as systems being hacked, no back up servers in place or that this was due to cost cutting by out sourcing IT Support. It would appear, that none of these were the case.
Many people in the IT industry are watching this story closely to understand how this situation happened. With many questions being asked, including:
- Why did the back-up servers not take over?
- Are the back-up systems in the same location as the main servers?
- Are the communication systems such as website and mobile app in the same location?
- What was the Disaster Management Plan?
Irrespective of your IT Support being in house or outsourced these questions should not be being asked. Here at MPR IT, we support a wide range of customers for IT, on both a daily basis and, also with larger projects such as server/network installations and server hosting. With all our customers, we hold the same approach, no matter the size of your company – you need to be prepared for any eventuality. Whilst we have not had to deal with an incident the size of BA’s problems at the weekend we have had to deal with various situations where a company server has gone off line. These include a flood in an office, or a system hack. Essentially the plan is the same – get the company back up and running in the shortest time possible and preferably without their customers ever knowing there was an issue and with the least cost involved. I think we can quite safely say this is going to be very expensive for BA.
Disaster Management Recovery plans are one of the most important things that your business can put in place. The aim of a DMR is to ensure that your business continues smoothly with little or no disruption, and your company needs will differ from that of any other company. The main points that you need to consider are:
- Is your data/server backed up daily?
- Is this back up stored in a secure separate location to the main server?
- Can your customers still contact you?
- Can your staff continue to carry out their duties?
- Can your operation continue and will your customers be affected?
We have written blogs in the past about important it is to have a Disaster Management Plan in place, however the events this weekend have shown that it is not just in the case of fire, flood or bad weather that your company needs to plan, in advance for. In the case of BA it was apparently due to a power surge, that the systems failed. Not as many speculated in the first few hours, that it was due to out sourced IT Support or being hacked with a virus. If you and your company would like to discuss your current Disaster Management Plans please do not hesitate to contact us.Read more
Wanna Cry Cyber Attack – Over the last couple of years, I have spent several hours if not days reading articles on cyber crime and hacking as part of my role here at MPR IT. If you follow us on social media you will also see how this is a hot topic for us and we quite often post news stories of hacks and how you can protect yourselves, I have also written a few blogs on the subject (all of which can be found on our website). So, the breaking news on Friday and all over the weekend of the hack affecting over 150 countries around the world, with some 200,000 machines affected this wasn’t entirely a shock for me. All too often I see stories of both large corporations and small one person business being hit by hacking or ransomware.
As a company that takes pride in providing the best support and advice to our customers, our priority is prevention rather than cure, although we do unfortunately have experience on the cure as well. Our key guidelines for protecting your systems are pretty simple:
- Ensure you Operating System is the most current and up to date – Microsoft release patches and updates regularly. This particularly virus is targeted towards out of date, older systems. Please ensure your system is fully up to date. If you have any concerns please contact us and we can check this for you.
- Many virus’s are spread through email attachments – NEVER open anything from someone you don’t know or aren’t expecting. If you are unsure about an email or attachment, call MPR IT or the company where the attachment has come from and enquire as to whether it is legitimate.
- Ensure you permanently delete any emails with attachments that you do not need, or where you don’t know the sender.
- Make sure that you have an up to date Anti Virus – MPR IT can check this for you if you are unsure how up to date this is or if you don’t have anti-virus we can provide anti virus software to your company.
- NEVER share passwords with anyone and make sure that passwords you do have are always different. PASSWORD1 is surprisingly still a popular choice – it’s not a good idea as very easy to guess.
- Back up your data daily and store a copy off site securely as well on site. The worst that can happen if data is backed up is that you lose one days’ work, and not everything.
The virus ‘Wanna Cry’ that hit the world on Friday, and spread over the weekend is mainly targeted at Government departments. Where systems are older and the networks are very large, this allows it to spread so quickly, we are therefore not expecting for this to affect many of our customers, however please be assured that our team are prepared and ready to deal with any issues that you may experience.
To our customers with a contract that includes workstation monitoring, we have already rolled out emergency patches to any potentially affected machines. If you do not have a contract that includes workstation monitoring please contact us and we can look to update any patches or we can review your contract to include workstation monitoring should you wish.
Please take this simple advice and pass to your colleagues and get the message out on how to avoid potential cybecrime hacks and viruses. Hopefully one day soon I won’t be spending so much of my time reading articles on cybercrime.Read more