21 Ways to Bullet Proof your IT infrastructure

January 23, 2008

bullet proof

If backups is about making sure your company data is safe, then building IT redundancy is making sure you have the infrastructure to read that information back. So how can you increase the resilience of your business infrastructure?

Increasing sales, number of clients and profit margins are top priorities for businesses. Building redundancy and fall over systems for the business are probably bottom of the pile. Why, simple because investing in such backup systems doesn’t increase sales, clients or profits. But, if your business does suffer a major disaster, then these redundancy systems have everything to do with profit margins.

image 1. Network and Desktop Protection – I think most people realise they need an anti-virus solution to guard against viruses, a firewall to protect their business network from the outside world. However, without sounding like an insurance sales man, sometimes this is not enough protection. On the desktop front, you need to consider malware, root kits, Trojans along with viruses. Many of the latest anti-viruses solutions guard against all these things. Depending on the size of your company, you might also consider additional protection for your network. This could include dedicated firewalls, internal firewalls, Intrusion Detection Systems (IDS), Spam, Malware and virus filters etc.

2. External Backup Email Address – Make sure you have a backup email address that can be used, should your primary address not be available. I would suggest a free email account from someone like Google or Yahoo. Make sure you check the account every so often, else it could be deactivated if it lies dormant for too long. Google Gmail can easily integrate into existing email clients such as Thunderbird or Outlook. You can also download the desktop notification program.

image 3. Online Backup Solution – Backup solutions can be a real pain in the backside. If you have tape solution, you probably need to change the tape on a daily basis and store the tapes in a different location for protection against fire. An online backup solution means your business data is stored offsite in a secure environment. Changes in your business data are automatically encrypted and transferred over the internet to secure location. I would recommend that businesses should have a local backup solution for full quick system recovery and an online backup to protect against complete loss of business premises.

4. Temporary Premises – What would you do tomorrow if you lost your office or factory space? This could be due to fire, flood, maintenance or temporary access to the internet. It maybe worth looking at what office space is available to rent at a moments notice in your area. You could consider a two way agreement with a neighbouring business for office space, or maybe just you’re local Starbucks for internet access!

5. Physical Security – One factor that is often over looked when it comes to protecting your IT infrastructure is physical security. Gaining access to your network, servers and backup tapes is often easily achieved by physically walking into a business premises. Think about quality locks, keypads, swipe cards, visitor badges, safes etc can restrict access to sensitive areas of your business.

I once did a weeks professional training course on hacking (very interesting) by ex-MoD expert, the last day he show us how easy it was to pick and spring padlocks, so make sure you buy quality locks that require the key to engage the lock.

image

6. User Logon Profiles – Once your staffing levels reach around seven or more, your business could benefit from having a client-server environment. Typically, this will involve a server which authenticates user login details, desktop settings, user files and application settings. This means a user will be able to log in to any computer within the business and have access to their desktop. So next time a computer breaks down you can simply login to a spare machine.

7. File Synchronisation – If you run a business with a server that hosts your company files and documents, you should consider enabling offline file synchronisation. This means if your server or network is unavailable you can continue accessing your personal documents. Once the issue has been fixed, changes to your documents are synchronised back to the server. This is also handy for laptop users who are out and about on the road.

8. Make use of Redundant Hardware – Instead of throwing out that old machine why not install Linux operating system which requires a lot less memory, disk space and processing power compared to a Windows system. What’s more, Linux is free and has a wide range of freely available software you can use. For example your machine could run an as:-

– Intranet or CRM server
– Email Server
– Backup storage
– Network Monitoring System
– Snort (IDS)
– Additional Spam protection
– Firewall (SmoothFirewall)
– Internet access for the staff canteen or warehouse
– Public information point, coupled with a trendy flat screen!
– DNS, Proxy or DHCP server

9. Refreshing Hardware and Software – As the business grows, you should set aside money to replace existing hardware and software. You don’t want to upset the apple cart, but at the same time you don’t want the company to stay stuck in the dark ages. Refreshing parts of your IT infrastructure from time to time will not only give your workforce the best tools, but often additional redundancy features. As mentioned in tip 8, make use of redundant hardware and software as fall over systems to your new equipment.

image 10. Backup Internet Connection – This suggestion all depends on how much your business is dependent on internet access. Consider how much it costs your business per hour without an internet connection. If you are talking in the hundreds then it might be worth considering a backup internet connection. If possible choose an ISP that uses a different technology other than your primary supplier. For example, ADSL internet that uses a standard phone line and a backup connection that uses a cable modem from a cable provider. If you purchase the correct network equipment, you could utilise both connections for increase speed and bandwidth. You could also consider a two-way agreement with a neighbouring business to use their internet connection should yours be unavailable.

11. Knowledge Base System – There are many ways that your business can introduce systems to harvest the knowledge of your staff. This might be a company Wiki, Social Bookmarking, helpdesk or Customer Relationship Manager. Implementing such systems will not only have a positive affect, but also protect against loss of information when staff move on.

12. Software Drivers, Applications, Network Settings and Serial Keys – It is easy to think that once the business data is safely backed up, that the company is protected. However, if the business can’t rebuild the business platform (IT infrastructure) quickly, the company data starts to lose its value. Make sure you have access to driver disks (CDs), application software, router settings, application serial keys etc

13. Software Updates – Make sure you software is kept up-to-date with the latest security patches. This can include applications, operating systems, network devices and servers. A word of warning, sometimes updates can cause a few problems. So be careful when it comes to updating critical systems such as servers and network devices. Its why you need tip number 14!

image 14. IT Support Company – You might be or have a computer guru within your business and have no need for a day-to-day support from an IT company. Although what happens when the computer guru is off or leaves? You never know when disaster strikes and you end up over your head with IT problems. You panic and ringing the first IT support company you come across. Instead, shop around, talk about your current IT setup. Ask if they would be available to help should you land in hot water.

15. IT policy – Make sure your staff are aware and understand how they should use the IT infrastructure correctly. Although you might think it does not need spelling out. Having a company IT policy written down on paper and signed by staff will not only act as a preventative measure, but also keep you protected should you need to let a member of staff go.

16. Fire proof safe – We briefly mentioned this one before, but its worth considering a fireproof safe to secure backup’s, software and serial keys etc. Even if you can’t afford a fireproof safe, regular safe is better than nothing.

image 17. UPS and Surge Protection – Uninterrupted power supply (UPS) allows you protect your computer systems from power cuts. This is a absolute must for any servers in your business. Even if the power cut lasts longer that 20 minutes, the UPS will gracefully shutdown the computer.

18. Hardware Supplier – Another reason to have a relationship with a local computer support company. Typically, they can arrange the correct equipment to be ordered cheaper and quicker that businesses that don’t purchase hardware on a regular basis. More than likely, they will have spare equipment they can lend you.

19. Backup Backup Backup and Test – You can make sure all your bases are covered, but if you don’t have access to your company data, it can all be a complete waste of time. So make sure you have a backup solution or two! Also, unless you test your backup solutions, you can’t say with a 100% certainly that you’re covered.

20. Disaster Recovery Document – Have your IT support company produce a comprehensive imageand professional Disaster Recovery Document. Generally, the report should cover things like IT settings, a recovery plan and suggestions to increase protection. Make sure you have copy available outside the office, which is held securely, remember this is the keys to your business!

21. Come back stronger – If disaster does strike, before you start the recovery process it might be worth taking a step back and thinking how you would do things differently.

What measures do you take to protect your IT infrastructure?

I’m expecting 5 or more from our good friend, Jason!





Backup Tools – Mirror Backups and Microsoft SyncToy

October 15, 2007

hard drive head mirrored

One of the best ways to backup your documents and files is to perform a mirror backup. As I have mentioned before in 20 Pointers for planning your backup strategy. The simplest backup strategy can often be the most effective one.

A Mirror backup simply consists taking a complete copy of documents and files and storing them in alternative location. Unlike a traditional backup, the files are not compressed or encrypted. Restoring the backup is either a simple process copying files back or pointing users to the mirrored location. Mirror backups are a great addition to your primary backup solution and effective way to restoring files quickly.

Windows Copying Issues

To perform a Mirror backup you can simply copy files and directories yourself to backup location. You can automate the process by writing a batch file and schedule the task using Windows Scheduler. Although, Windows has a couple of issues when it comes to copying large amounts of files. Often Windows will halt the copy process if it encounters an error with just one file. Another bug bear is when a the process stops to ask the user if they would like to over write existing files. This is fine when copying small amounts of data, but a real pain when you leave Windows to copying large amounts of data that may take a number of hours.

How to use Microsoft SyncToy

Thankfully, Microsoft have produced a free tool called SyncToy, which can over come Windows downfalls. SyncToy allows you to perform a number of file copying operations:-

  • Synchronize: New and updated files are copied both ways. Renames and deletes on either side are repeated on the other.
  • Echo: New and updated files are copied left to right. Renames and deletes on the left are repeated on the right.
  • Subscribe: Updated files on the right are copied to the left if the file name already exists on the left.
  • Contribute: New and updated files are copied left to right. Renames on the left are repeated on the right. No deletions
  • Combine: New and updated files are copied both ways. Nothing happens to renamed and deleted files.In this example, we are going to create a solution that would allow a user to automatically backup files to a location over the network simply by running a shortcut on the desktop.
    1. Download and install SyncToy
    2. SynToy - First Screen
      Run SyncToy and click on Create New Folder Pair
    3. SyncToy -Create New Pair
      The Left Folder is where the originally data is held, the documents and files you wish to backup. Browse to the top level directory that contains these files and click on Next.
    4. SynToy - Right Folder
      The Right Folder is where you would like the data backed up to. This can be a mapped network drives, UNC path (\\server\folder\) or simply a local location on the same machine.
    5. SyncToy - Type of copy
      Next the tricky part, deciding on how SyncToy should copy the data. We are going to choose Echo, which is basically a one way. This saves on time and bandwidth by only copying new and updated files. Click on Next.
    6. SyncToy - Backup name
      Give your backup job a name and click on Finish.
    7. SyncToy - Advance Opitions
      Next your presented with an overview of your backup job. Click on Change Options…
    8. synctoy - file options
      Files to include – By default SyncToy will copy all files, you can change this to only select certain types of files. For example if you only wanted music files you might have *.mp3;*.wma;*.mp4;
      Check file contents – You might want SyncToy to check the contents of the file rather than relying file size and date attributes.
      Active for run all – SyncToy can have a number of backup jobs which can be run as a set. Un-ticking this means that this backup job won’t be included in a batch run.
      Save overwritten files in the Recycle Bin – Any files that are overwritten are saved in the recycled bin.
      synctoy - file selection
      You can choose which individual sub folders are included in backup job by clicking on Select subfolders.
    9. SnycToy - Preview run
      When your finished with additional options, click on ok and return to the overview screen. Next click on Preview button and SyncToy will give overview of what will happen when the backup job actually runs. If your happy with the results, click on Run and the backup job will run for real this time. That’s it!
      SyncToy - Running

    Automated the Process

  • As this backup job is going to be run by the user, we want to make the process as simple as possible. SyncToy has nice feature that allows it to run in batch mode by using -R switch. Open notepad and add the follow line “C:\Documents and Settings\<your username>\Local Settings\Application Data\SyncToy\SyncToy.exe” -R.

    notepad synctoy batch file

    You might need to double check the location of the SyncToy.exe as this varies depending on the version of Windows. Save the file with a .bat extension to the desktop. Now the user can simply double click on the batch file and SyncToy will complete backup jobs that have been defined.

    image

    Alternatively you can have Windows Task Schedule (Found in the control panel) run the batch so the whole process becomes automated.

    Author: Support @ 8:00 am