We don’t need to tell you that data loss is excruciatingly expensive, destructive and frustrating. As an IT pro, you’re already well aware of the fact that losing even a few files or inadvertently exposing a small number of records can be catastrophic.
And you’ve probably already seen the statistics —like how the average cost of one single data breach is nearly $3.9 million globally ($7.91 million in the US), or how it can take up to a year to detect a mega-breach (according to Ponemon’s 2018 Cost of a Data Breach Study). We also probably don’t need to explain that even if you manage to avoid becoming targeted by a cyber attack, a hurricane, wildfire, massive flood or extreme temperatures could take down an entire data center indefinitely.
We don’t need to tell you these things, but just in case you need a quick reminder to double-check your disaster recovery plan (or want some examples to convince your boss why you need to increase your 2019 disaster recovery budget), here are five real-life nightmares your IT helpdesk peers face all the time.
1. The Rogue Employee
Your organization works hard to protect your data against external threats. But what happens when the problem comes from the inside?
There are plenty of stories about how disgruntled employees with full access to critical data hold files for ransom in a harebrained attempt to make money. Worse, some of them are even successful. In less malicious cases, employees may download software without IT approval, thereby creating an access point you’re not even aware exists.
That’s why your disaster recovery plan must include a method of logging changes so you can quickly identify vulnerabilities and trace them back to when they were created. And, of course, educating employees on the dangers of shadow IT.
2. The Natural Disaster
In 2012, Hurricane Sandy ravaged the Eastern seaboard and left the coasts of New York and New Jersey in shambles. Until 2017, it was the second-costliest hurricane in US history. It also exposed gaping holes in many organizations’ disaster recovery plans.
In the wake of Sandy, many IT helpdesk pros were out of the loop. Without cell service or power, teams struggled to communicate, and get their systems back up. Additionally, many companies were unprepared for the cost of replacing failed equipment, which meant more downtime while their financial stakeholders deliberated over how to get more funds.
There’s no sugarcoating it: natural disasters can be financially crippling — especially if you’re not prepared. And given the uptick in wildfires on the west coast and the ever-worsening hurricane seasons, poor preparation is no longer an option. Make sure top execs are ready to OK any spending increases or overages to get your business back online next time mother nature strikes.
3. The “Uh Oh” Accident
Nothing makes an IT professional’s heart drop faster than hearing the phrase “I think I made a mistake.” No matter how sophisticated your systems are, you never know when some well-meaning employee will do something ruinous by mistake. It could be a cleaning crew pulling the cord on a system to plug in a vacuum, or a facility manager flipping the wrong breaker switch. A vendor with access to sensitive data might make an error that corrupts entire files. Even spilled coffee, fumbled equipment or a typo can launch a full-on disaster.
In short, never underestimate the power of simple human error — or the importance of educating users and adequately vetting your vendors.
4. The Hardware Fail
All hardware will eventually fail. Batteries will fry, servers can go belly-up, and hard disks may crash. The trick is making sure you catch the failure before it takes down an entire system, eliminates critical data or exposes sensitive information.
As an IT Manager or small business owner, it’s imperative that you remain proactive. Keep up with your hardware lifecycle and make sure that your business's decision-makers understand the importance of replacing systems before they reach their end of life (EOL). Invest in endpoint security, and make sure you’re not only backing up your essential data but also validating data backup efforts at regular intervals.
5. The Big Hack
Last, but certainly never least, is the notorious hacker. Like in the case of rogue software, it’s crucial you train all employees on data security best practices, particularly on how to spot potential social engineering hack attempts (like phishing emails).
By 2019, the annual cost of ransomware attacks is predicted to reach $11.5 billion, according to data from Cybersecurity Ventures. And remember: the damage is not just limited to paying the ransom, but it also extends to data destruction, downtime, lost customers, public relations expenses and more.
Like a home security system or an insurance policy, a disaster recovery plan is something you hope you’ll never need to use — but risking going without one can end in catastrophe. As you reassess your DR plan for the coming year, make sure you’re well-prepared for whatever may come. Because as many unlucky IT pros can attest, anything that can happen, will happen.