Disaster Management Plans
Over the weekend, the big story in the news was all about the IT system failure at British Airways. The CEO of BA has released a statement that the systems crashed due to a short power surge knocking out the main servers, unfortunately for the company the back-up systems then failed to take over. This resulted in over 75,000 customers being affected and flights grounded around the world.
When the story first broke, BA did not release much information to the public, no doubt as the Directors were scrambling to find out what had gone so badly wrong. However, this resulted in various speculation such as systems being hacked, no back up servers in place or that this was due to cost cutting by out sourcing IT Support. It would appear, that none of these were the case.
Many people in the IT industry are watching this story closely to understand how this situation happened. With many questions being asked, including:
- Why did the back-up servers not take over?
- Are the back-up systems in the same location as the main servers?
- Are the communication systems such as website and mobile app in the same location?
- What was the Disaster Management Plan?
Irrespective of your IT Support being in house or outsourced these questions should not be being asked. Here at MPR IT, we support a wide range of customers for IT, on both a daily basis and, also with larger projects such as server/network installations and server hosting. With all our customers, we hold the same approach, no matter the size of your company – you need to be prepared for any eventuality. Whilst we have not had to deal with an incident the size of BA’s problems at the weekend we have had to deal with various situations where a company server has gone off line. These include a flood in an office, or a system hack. Essentially the plan is the same – get the company back up and running in the shortest time possible and preferably without their customers ever knowing there was an issue and with the least cost involved. I think we can quite safely say this is going to be very expensive for BA.
Disaster Management Recovery plans are one of the most important things that your business can put in place. The aim of a DMR is to ensure that your business continues smoothly with little or no disruption, and your company needs will differ from that of any other company. The main points that you need to consider are:
- Is your data/server backed up daily?
- Is this back up stored in a secure separate location to the main server?
- Can your customers still contact you?
- Can your staff continue to carry out their duties?
- Can your operation continue and will your customers be affected?
We have written blogs in the past about important it is to have a Disaster Management Plan in place, however the events this weekend have shown that it is not just in the case of fire, flood or bad weather that your company needs to plan, in advance for. In the case of BA it was apparently due to a power surge, that the systems failed. Not as many speculated in the first few hours, that it was due to out sourced IT Support or being hacked with a virus. If you and your company would like to discuss your current Disaster Management Plans please do not hesitate to contact us.Read more
Wanna Cry Cyber Attack – Over the last couple of years, I have spent several hours if not days reading articles on cyber crime and hacking as part of my role here at MPR IT. If you follow us on social media you will also see how this is a hot topic for us and we quite often post news stories of hacks and how you can protect yourselves, I have also written a few blogs on the subject (all of which can be found on our website). So, the breaking news on Friday and all over the weekend of the hack affecting over 150 countries around the world, with some 200,000 machines affected this wasn’t entirely a shock for me. All too often I see stories of both large corporations and small one person business being hit by hacking or ransomware.
As a company that takes pride in providing the best support and advice to our customers, our priority is prevention rather than cure, although we do unfortunately have experience on the cure as well. Our key guidelines for protecting your systems are pretty simple:
- Ensure you Operating System is the most current and up to date – Microsoft release patches and updates regularly. This particularly virus is targeted towards out of date, older systems. Please ensure your system is fully up to date. If you have any concerns please contact us and we can check this for you.
- Many virus’s are spread through email attachments – NEVER open anything from someone you don’t know or aren’t expecting. If you are unsure about an email or attachment, call MPR IT or the company where the attachment has come from and enquire as to whether it is legitimate.
- Ensure you permanently delete any emails with attachments that you do not need, or where you don’t know the sender.
- Make sure that you have an up to date Anti Virus – MPR IT can check this for you if you are unsure how up to date this is or if you don’t have anti-virus we can provide anti virus software to your company.
- NEVER share passwords with anyone and make sure that passwords you do have are always different. PASSWORD1 is surprisingly still a popular choice – it’s not a good idea as very easy to guess.
- Back up your data daily and store a copy off site securely as well on site. The worst that can happen if data is backed up is that you lose one days’ work, and not everything.
The virus ‘Wanna Cry’ that hit the world on Friday, and spread over the weekend is mainly targeted at Government departments. Where systems are older and the networks are very large, this allows it to spread so quickly, we are therefore not expecting for this to affect many of our customers, however please be assured that our team are prepared and ready to deal with any issues that you may experience.
To our customers with a contract that includes workstation monitoring, we have already rolled out emergency patches to any potentially affected machines. If you do not have a contract that includes workstation monitoring please contact us and we can look to update any patches or we can review your contract to include workstation monitoring should you wish.
Please take this simple advice and pass to your colleagues and get the message out on how to avoid potential cybecrime hacks and viruses. Hopefully one day soon I won’t be spending so much of my time reading articles on cybercrime.Read more
Emergencies can happen in any office, as one of our clients found out one weekend.
One of our long standing clients, Russell Laboratories, has been receiving support from MPR IT for a number of years now. The package we provide includes our fully inclusive Server Support package, as well as a number of larger projects including server replacements, network cabling and CCTV. MPR IT and Russell Laboratories have a close working relationship and as with all our customers we meet regularly to discuss the support we provide, and help to identify any areas that require attention.
Russell Laboratories are a leading provider of advanced plating and finishing services to the electronics, aerospace and allied industries. Based locally in Ashford the company has been in operation for 40 years. The decision to outsource IT support was made to allow the existing staff, at Russell Laboratories to concentrate on their own main roles within the business. As well as having the knowledge of a fixed price contract for ongoing daily support and security that any additional work required would be carried out by experienced engineers who fully understand the network.
As part of the inclusive server support, our systems monitor the servers on site 24 hours a day, 365 days a year, alerting our team to any issues with the systems. This means that even at weekends or over holiday periods, Russell Laboratories are safe in the knowledge that should emergencies happen they have no costly invoices for out of hour’s support.
One Saturday morning, our out of hour’s team were alerted to an issue with the server at Russell Laboratories. Our on call engineer contacted them to discuss this and it was then discovered that a water leak had occurred and the server had been damaged by water. With the knowledge and expertise of our engineer, within a short period of time we were able to transfer email access to Office 365 enabling the flow of email to continue uninterrupted. After a quick site visit to identify the equipment affected, new hardware was ordered to arrive the next working day ready for installation. As part of the support package we provide, Servers are backed up daily by MPR IT and with the data from the Friday night incident it meant that no data had been lost. The team at Russell Laboratories lost no data and they were able to continue working, with access to their emails and the total downtime from the first notification of the incident was 48 hours over the weekend.Read more
Thousands of personal and business PCs infected
The National Crime Agency (NCA) is today urging members of the public to protect
themselves against powerful malicious software (malware), which may be costing UK
computer users millions of pounds.
Action taken by the NCA to combat the threat will give the UK public a unique, twoweek
opportunity to rid and safeguard themselves from two distinct but associated
forms of malware known as GOZeuS and CryptoLocker.
The NCA’s alert is part of one of the largest industry and law enforcement
collaborations attempted to date. Activity in 11 countries, led by the FBI in the US,
has weakened the global network of infected computers, meaning that action taken
now to strengthen online safety can be particularly effective.
GOZeuS (also known as P2PZeuS) has been assessed as being responsible for the
fraudulent transfer of hundreds of millions of pounds globally. Recent intelligence has
suggested that more than 15,500 computers in the UK are currently infected, with
many more potentially at risk.
By disrupting the system used by the infected computers to communicate with each
other, and the criminals controlling them, this activity aims to significantly reduce the
Members of the public can protect themselves by making sure security software is
installed and updated, by running scans and checking that computer operating
systems and applications are up to date.
Individuals may receive notifications from their Internet Service Providers that they
are a victim of this malware and are advised to back up all important information –
such as files, photography and videos. Businesses should also test their incident
responses and business resilience protocols and work with their IT departments or
suppliers to educate employees on the potential threat.
Get Safe Online is providing advice, guidance and tools on its website at
www.getsafeonline.org/nca to help internet users understand more about the
malicious software and how to protect themselves and their computers from attacks.
A number of leading cyber security companies have supplied remediation tools,
which can be accessed via getsafeonline.org to help clean up infected machines.
Andy Archibald, Deputy Director of the NCA’s National Cyber Crime Unit, said:
“Nobody wants their personal financial details, business information or photographs
of loved ones to be stolen or held to ransom by criminals. By making use of this twoweek
window, huge numbers of people in the UK can stop that from happening to
“Whether you find online security complicated or confusing, or simply haven’t thought
about keeping your personal or office computers safe for a while, now is the time to
take action. Our message is simple: update your operating system and make this a
regular occurrence, update your security software and use it and, think twice before
clicking on links or attachments in unsolicited emails.”
“Those committing cybercrime impacting the UK are often highly-skilled and
operating from abroad. To respond to this threat, the NCA is working closely with
law enforcement colleagues all over the world, and developing important
relationships with the private sector.”
GOZeuS and CryptoLocker
Users are typically infected by clicking on attachments or links in emails which may
look like they have been sent by genuine contacts and may purport to carry invoices,
voicemail messages, or any file made to look innocuous. These emails are generated
by other victims’ computers, who do not realise they are infected, and are used to
send mass emails creating more victims.
If the file or link is clicked on an unprotected computer, GOZeuS is downloaded and
installed and it will then link the victim’s computer to a network of already infected
machines known as a BotNet.
The malware waits silently, monitoring the user’s activity until the opportunity arises
to capture banking or other private information, which is then transmitted back to the
criminals via the BotNet infrastructure.
Where a computer infected with GOZeuS turns out not to offer a significant financial
reward, it can ‘call in’ CryptoLocker, to give the criminal controllers a second
opportunity to acquire funds from the victim.
CryptoLocker works away in the background, encrypting the user’s files. Once that
process is complete, the victim is presented with a pop-up telling them what has
happened and a timer appears on their screen, which starts counting down. That is
the time the victim has in order to pay a ‘discounted’ ransom, currently one Bitcoin
(£200-£300 approximately) for UK users.
The NCA has been working with international law enforcement partners including the
FBI and Europol, as well as partners from the banking, internet security and ISP
Information on ensuring security software is up to date can be found at
www.getsafeonline.org and www.cyberstreetwise.com
Members of the public who think they have lost money through malware such as
P2PZeus and Cryptolocker should report it to www.actionfraud.police.uk
If you are worried about potential threats please give us a call and we can look at your IT Systems to make sure you are doing the enough to protect your company.Read more
Fire and disasters can happen at any time, which is so devastating and can have major effects in your business and your life. So it is vital to make sure you have a policy in effect that you can get your business up and running as quickly as possible. Your clients can understand this but they have a business to run and will need services or supplies while you are rebuilding. If they have to use a different supplier they might be persuaded to move if you do nothing about this or have a emergency plan to cope with this disaster. It might not be a fire it could be a technology disaster like a virus or your computer failing to give you a disaster that you have not planned for
Computers can be replaced but what can not be replaced is the information and documents that you have built up dealing with your clients, So where do you start? Well this is where we can advise you on the best options to back up and protect your data. Consider if you had a back up copy where you can install this on new machines to keep your clients, I know if I was a client and your had a back up of my data I would stay by you because you have valued me as a client. It would give me enough assurance to make sure you had a disaster plan in this eventuality. this will give me the confidence that you will get back to normal as quickly as possible.
I am sure some people believe they have a plan in case of disaster, but if you would like someone from the IT industry to come in and check your plan I would be willing to check this and give you a second opinion.
In today technology world you need to be extra cautious against things that make your business fail and give your competitors a chance to win over your clients that you have taken so long to build trust. If you do not think it will happen just look online to see how many things that can happen to your business. It is time to take action and become a proactive manager and plan for these disasters. instead of reacting to problems when they happen.
Please contact us if you have any questions or would like to talk about this article.
Thank you for taking the time to read this article, I hope this invokes a response from you about your business