November 2019
Welcome to my first blog on Preventative IT. I’ll cover other topics under this heading. Some of my future blogs shall include back ups, disaster recovery, power protection, redundancy, maintenance and more!
These days most businesses rely on information technology to conduct their business. In order to make the most of whats available we need to approach IT implementation from both a preventative and active perspective.
Why preventative? Well because without any thought given to preventative, your set up is likely to be vulnerable from many different threats.
So here is a list of some common threats that enterprise and small business IT faces:
- data integrity
- data corruption / loss
- power disruptions
- computer failure
- network failure
- malware / ransomeware attack
- data authorisation
Data integrity – is about ensuring that the data that’s saved is properly done taking into account version control. This becomes an issue when you have multiple users working on the same document especially on a cloud based or network system. Whats the
best way to control this to ensure that the latest version is the one saved and not being
overwritten by someone’s earlier version?
Data corruption / loss – there are many ways data can be corrupted or even loss. Some of these may be from user accidentally wiping/moving/erasing data, device powered off
prematurely, operating system corruption which causes loss of user data, hardware failure and more!
Power disruptions – is basically another way in which data can be put at risk. This can come through an unexpected surge in the mains power, a brown out or worse still a black out.
Computer failure – can be due to a number of sub-systems not working properly. This can be screen failure, power failure, system board issue, video card not working, hard drive not working, memory faulty, CMOS/UEFI corruption, power off/on button not working.
Network failure – can be anything from a switch not working, adsl/vdsl router/modem fault, to network cable break, network connector fault, wireless interference, and more! The impact can be reduced or no access to network resources to internet down issue.
Malware/ ransomware attack - all too prevalent and widely covered in the media. This is a real world threat that can strike any computers at any time without proper training/awareness policies and software in place.
Data authorisation – covers who has access to what data and is based on roles of people that need access to what in your organisation. Without proper controls in place sensitive data can fall into the wrong hands and this would have consequences. Also covers the situation where you give access to outsiders to access your computers.
So with these threats in mind, what should a given organisation do to ensure they are
protected? Without the right redundancies, policies, awareness, software and access controls in place, your network will soon be compromised.
First lets talk about data. Did you know that data in many organisations is its lifeblood?
You can replace the hardware/software and even the network infrastructure but replacing lost data can be practically impossible without data back ups. Without access to that data, a company can become crippled very rapidly, lose its reputation, and threaten its existence. Indeed there have been cases where companies that had not done enough to safeguard their data and consequently went out of business after a disaster struck.
There need to be safeguards in place to protect data integrity, data security and data redundancy. By integrity I mean ensuring that only authorised people have access to the data, the data is updated properly (version control). Security is who has access to what data. Finally redundancy is also known as data back ups. I cover data back ups in three blogs later on. The issue of why, what, how and where are all covered in my future blogs on back ups.
Power disruptions can happen to any computer network at any time. The key is to be well prepared and ensure your set up has sufficient protection from the threats. A simple mains surge can cause enough damage to render equipment non functional. This can range from minor annoyance to a disaster! So it pays to pay attention to protect your network from power disruptions. I cover this in some detail on a future blog. The types of disruptions, how to protect, and what to protect are covered in this blog.
Computer failure – can be a result of one or more subsystems in your computer which causes the issue. It can be from the operating system, a faulty device driver to the power supply, the memory, system board issue, CPU, video, hard drive, CMOS/UEFI and more!
So for this reason it makes sense that you don’t rely on just one computer to run your business. Think about it. If the worst should happen to your computer. It usually happens at the worst possible time. Yes you can rush up to your local computer store and buy a replacement computer within a few hours. But then what about being able to access your data? And I mean your work, your emails, portfolio, projects and more.
Just to install and set up a new computer with productivity software can be expected to take 4 to 8 hours, sometimes longer. This doesn’t even include the transfer of any existing data! So realistically you can expect to be “out of action” for a whole day or more. Perhaps much longer if what you really need is not in stock at the store.
Network failure can encompass a variety of devices going down for various reasons.
Some examples are server/NAS, switch, modem/router, cable or connectors. I talk about this vulnerability in detail in a future blog. Suffice to say that you might want to consider implementing some sort of protection against network vulnerabilities. Internet access issue is related to network failure. For example a failed switch can impact your network’s access to network resources (such as shared folders, printers) and perhaps internet access.
Malware/Ransomware attack – as this is a specialised threat I cover this topic on two separate blogs in the future. A good way to prevent this type of attack is knowing how malware can spread, having good regular data back ups and using reliable anti malware software.
Comments