Yesterday I got this email message from a good friend of mine: Argh! I’m writing to you from my new computer. My old one crashed in a BIG way. The Geek Squad removed the hard drive, in an effort to retrieve the data and so far, no luck. They assume my old data (ALL my business documents, taxes, email address book, etc.) is most likely physically on the spinning platters…. However, they’ve been unable to access it.
[multiple expletives deleted]
Do you know of anyone locally in this sort of business?
(Yes, I know … I’ve read but not obeyed your mantra: back up, back up.)
Of course, I really feel sorry for my pal. Worse, I know that if my computer took a nosedive right this instant, I’d be out more than a day’s work. It generally takes a big wake-up call to get people to start backing up regularly.
For my pal with the crashed drive, I recommended Novato-based DriveSavers (www.drivesavers.com). I’ve used them twice with clients facing large problems. The first was a crashed Microsoft Exchange server (cost $1,700), and the second was a multi-disk RAID array (cost $19,000). In both cases, the businesses involved were making regular backups. However, those backups hadn’t been tested and, as a result, in both cases it was impossible to restore the system to a working state.
By the way, there are alternatives to DriveSavers, which is definitely the Lexus of drive recovery services. To find them, just Google “drive recovery services.” Unfortunately, I don’t have direct experience with any of them, so I can’t make a recommendation. In general, with business-critical data, I don’t price shop—and neither should you.
My friend’s plight is a cautionary tale with which we can all identify, mostly because all of us are just plain lousy at making regular backups. I strongly recommend the most automatic solution you can find and paying someone to set it up, teach you to operate it and periodically make sure it works properly.
If you have a high-speed Internet connection and modest backup requirements, one of the online services such as Mozy (www.mozy.com) or @Backup (www.atbackup.com) may meet your needs. I’m personally a fan of external hard drives with “one-touch” style backups (note: these just make a snapshot of your data). I also like the Mirra system, which installs some software on every machine on your network and backs them up centrally. Of course, I’m ignoring the possibility that the drive or Mirra is damaged or stolen.
The most important thing to do is back up all the data you’re creating or changing each day. The second most important thing is to move that backup somewhere else.
A business with excellent backup procedures will back up all of its desktops and servers to a central location, move that backup to tape (or other media) and then take that media off-site. If you have an LTO-3 tape system, you can back up 400 gigabytes of data to a single tape. You need enough tapes to back up your system each day for 30 days. Every day you take the tape set off-site or pay a company like Iron Mountain (www.ironmountain.com) to stop by your office and pick it up. With this process, you can recreate the state of the universe at any time in the past 30 days. This is called a monthly tape rotation.
With this process, you do three things on the first of every month. First, you take the tape you just backed up and restore it to verify your backup is working. (You might want to do this more often, but I find once a month is a reasonable compromise between never and so often you never actually do it.) Then, you put that tape away forever in a very safe place (e.g., Iron Mountain or your safe deposit box). Finally, you unwrap a brand-new tape and put it into the rotation.
Observant readers will note that most tapes get reused once a month. Don’t forget, tapes wear out over time, so periodically you’ll need to buy a whole new set of tapes (in addition to the 12 new ones you buy over the course of a year).
If you do all the things I’ve suggested (back up changed files to some secure, off-site storage facility on a regular basis and periodically check to make sure it all works as it should), you’ve taken a small step toward breathing more easily if your computer breaks, is stolen or a natural disaster occurs. In other words, you’ve completed one important part of a comprehensive disaster recovery plan.
There are lots of other things to worry about in disaster recovery planning, though, and it goes beyond just the safety of your data. What would you do if your office building was damaged or destroyed? Fire, flood and earthquake are all very real disaster scenarios here in the North Bay. If a disaster were to occur, you’d need to find a temporary operating location, acquire new computer hardware along with phone and Internet connectivity, recover your data from wherever it was stored and successfully restore it to your new systems. How long will that take? If you’re a doctor or lawyer with paper files, your problem may be even more severe (not even counting details like confidentiality and HIPAA). More important, who’s in charge during this tumult? How do you even get the process started?
Don’t laugh. I’ve been in situations where the only copy of the emergency notification list was on a computer that was damaged or lost. Ideally, you’ve identified several responsible parties and equipped them with a way to communicate if disaster strikes as well as copies of the information they’ll need.
No one likes to think about sudden disaster (just like most of us don’t like to think about the hard drive in our computer abruptly going “Urk!”). If you can’t bear to think about it, I strongly recommend hiring a professional. Your CPA or insurance advisor should be able to suggest some names, and professional organizations may be able to direct you to vendors aware of the specific needs of businesses like yours.
But remember, even if you farm out the work, you still have to understand the plan and take responsibility for making sure it will work when the time comes. I’d feel really good if this column gets even one business to seriously consider the issues addressed. Please let me know!
