2. KNOW YOUR CURRENT SET UP?
• Is your IT full Documented?
• Where is my data?
• How long would it take to recreate in an emergency?
• Is your back up effective, when was the last time a test
restore was done?
• Are all device passwords known, tested? (log on to firewall,
router, WAP,NAS, SAN)
3. PREVENTION IS BETTER THAN CURE
• Is your network protected?
• Complex passwords
• Firewall
• Malware & AV protection
• Are the latest service packs and critical updates installed?
• Are you aware of all the entry points into the network?
• Are Homeworkers adequately protected (Firewall, AV)
• RDP locked down?
• Are Smart Phones/Tablets OK (know how CS/Client, Settings recorded, AV/Rules on use)
4. BACK UP ONLY AS EFFECTIVE AS THE LAST
RESTORE
• In the event of an emergency how much time could you afford to lose? 1 Day, 1 Week, 1 Month?
• How often is a full back up taken?
• Consider a multi tier solution, offsite for critical data
• Business continuity for email, message labs, mime cast, hosted exchange.
• Previous versions for flat files
• Identify the critical data, separate it out from archive or duplicated data
5. BUSINESS CRITICAL SYSTEMS
• What could you not live with out?
• Outline the main areas of concern and identify the best way to protect them
• Establish levels of priority, what needs to be online first?
• Do you have a copy of all the software that would be needed in an emergency?
• Software licence keys
6. LEVEL OF DISASTER
• Level 1. Building becomes inaccessible through flooding, fire, Structural Damage etc
• Actions: Follow full contingency plan and relocate to another office. This location would be decided by
a crises meeting of management.
• Level 2. Area is inaccessible – i.e. street flooded, terrorist alert. Servers are still running
• Actions: Staff to work from another office where capacity, or from home. If needed additional remote
access resources to be set up
• Level 3. Outage – Power, internet, building facilities
• Actions: The other office will provide some resources and an assessment will be made of people’s
needs. If necessary, email traffic can be routed to the alternative site exchange very quickly. Data can be
access from DR office. Staff work from home if appropriate.
7. OUTLINE OF CONTINGENCY PLAN
• Open lines of communication, notify staff, relevant 3rd parties
• Establish priority of services to be resumed
• DR Site to be identified
• What hardware is needed? Who would supply it?
• Latest off site back up to be restored
• Where would staff work from? DR site or from home?
8. RED BOX CHECKLIST
• Operating system disks
• An emergency repair boot disk
• Any third party drivers (raid controllers, network printers, scanners, etc)
• Exchange media
• Back up media
• Antivirus media
• Any firewall media
• Any bespoke/individual software installed on the server (peer lock, file way, etc)
• Current copy of audit in the red box