disaster planning from techsoup.org
Post on 11-May-2015
623 Views
Preview:
TRANSCRIPT
Disaster Planning: What Organizations Need to Know to Protect Their Tech#12ntcdp
Kevin LoTechSoup Global
Evaluate This Session!Each entry is a chance to win an NTEN engraved iPad!
or Online at www.nten.org/ntc/eval
Agenda
• 3 takeaways• Main components
– Backup– Security– Documentation
• Your disaster toolbox• Planning discussion• Questions?
DISASTER PLANNING #12ntcdp Slide 3
http://www.techsoup.org/toolkits/disasterplan
Slide 4DISASTER PLANNING #12ntcdp
Key Takeaway
1. Before you have a disaster plan, you need a disaster mindset
Image: http://www.flickr.com/photos/vistavision/
DISASTER PLANNING #12ntcdp Slide 5
Key Takeaway
2. Your plan may end up only 75% successful, but having no plan means 100% failure
Image: http://www.flickr.com/photos/copenhagen_toejeri/
DISASTER PLANNING #12ntcdp Slide 6
Key Takeaway
3. It’s cheaper to backup your data 100 times than it is to lose it once
Data source: “Cost of Hard Drive Space” http://ns1758.ca/winch/winchest.html
DISASTER PLANNING #12ntcdp Slide 7
“What have you got to lose?”
Slide 8DISASTER PLANNING #12ntcdp
flickr.com/jase_n_tonic(Creative Commons license)
It’s all about the data
• Your backup plan needs to cover:– What's being backed up – Where it's being backed up – How often backups will occur – Who's in charge of performing backups – Who's in charge of monitoring the success of these
backups
• Make sure it’s easy to reference and access
DISASTER PLANNING #12ntcdp Slide 9
It’s all about the data
• Imagine a typical work-day by your key staff– Obvious: email, donor data, financials– Not-so-obvious: bookmarks, network data,
website passwords
• Increasingly dispersed workforce means there’s more to lose
DISASTER PLANNING #12ntcdp Slide 10
Bring Your Own Device
• “Consumerization” not a new phenomenon in the nonprofit sector
• Pros and Cons to disaster planning– Extra access point for data and connectivity– Personal and work data gets commingled
• Liability and insurance• Best practice: keep less data locally
DISASTER PLANNING #12ntcdp Slide 11
Backup and the cloud
• Online backup ≠ Online storage– Backup: focus on automation, scheduling,
recovery
– Storage: focus on sharing between users and clients, syncing
DISASTER PLANNING #12ntcdp Slide 12
Backup and the cloud
DISASTER PLANNING #12ntcdp Slide 13
What about security?
• Cloud/online mitigates a different type of disaster risk
• Likely more secure than local, but the potential is always there
• Understand the risk and compliance needs before diving in
DISASTER PLANNING #12ntcdp Slide 14
What about security?
• Local backup: Encrypt as much as you can• Levels of encryption
• Program level file encryption
DISASTER PLANNING #12ntcdp Slide 15
What about security?
• Operating system drive encryption• BitLocker, TrueCrypt
• Full-disk encryption• Most relevant for data loss protection• Should not be at the cost of
recoverability• Don’t forget physical security!
DISASTER PLANNING #12ntcdp Slide 16
Documentation
• Hard copies of the “What”– Warranties and receipts for computers and peripherals – Passwords for encrypted data – Contact information for anyone who maintains your tech – Login information for local devices and online services– Contact information for web hosting and backup services– Software registration information, including keys– Insurance information– Leases
• Remember to update this info!
DISASTER PLANNING #12ntcdp Slide 17
Documentation
• Policies and the “How”– Your backup plan– Your restore plan– A phone tree that includes home and cell phone
numbers for all staff– Meeting locations in the event of a disaster
DISASTER PLANNING #12ntcdp Slide 18
The day has come..
Image: http://www.flickr.com/photos/schohariefd/
DISASTER PLANNING #12ntcdp Slide 19
Post-disaster communications
• For internal stakeholders:– Limit the points of contact– Communicate succinct and relevant information– Phased recovery if necessary– Scheduled updates– (Re)Defining normalcy
DISASTER PLANNING #12ntcdp Slide 20
Post-disaster communications
• For external stakeholders– Constituents: how will interruption of services
affect them? – If site outage, maintain your presence using social
media– Funders: will there be missed deadlines?– Supporters: how can they help?
DISASTER PLANNING #12ntcdp Slide 21
Disaster toolbox
• “Real” and “digital”• Documentation• Data backups• Startup disc• Duplicate keys (physical and digital)
DISASTER PLANNING #12ntcdp Slide 22
Planning exercise
• What have you done already? What needs work?
• Disasters encountered? Stories from the field?
• What’s the first thing you will do when you return?
DISASTER PLANNING #12ntcdp Slide 23
Questions?
kevin@techsoup.orgTwitter: tsg_kevin
DISASTER PLANNING #12ntcdp Slide 24
Evaluate This Session!Each entry is a chance to win an NTEN engraved iPad!
or Online at www.nten.org/ntc/eval
top related