21 Ways to Bullet Proof your IT infrastructure

January 23, 2008

bullet proof

If backups is about making sure your company data is safe, then building IT redundancy is making sure you have the infrastructure to read that information back. So how can you increase the resilience of your business infrastructure?

Increasing sales, number of clients and profit margins are top priorities for businesses. Building redundancy and fall over systems for the business are probably bottom of the pile. Why, simple because investing in such backup systems doesn’t increase sales, clients or profits. But, if your business does suffer a major disaster, then these redundancy systems have everything to do with profit margins.

image 1. Network and Desktop Protection – I think most people realise they need an anti-virus solution to guard against viruses, a firewall to protect their business network from the outside world. However, without sounding like an insurance sales man, sometimes this is not enough protection. On the desktop front, you need to consider malware, root kits, Trojans along with viruses. Many of the latest anti-viruses solutions guard against all these things. Depending on the size of your company, you might also consider additional protection for your network. This could include dedicated firewalls, internal firewalls, Intrusion Detection Systems (IDS), Spam, Malware and virus filters etc.

2. External Backup Email Address – Make sure you have a backup email address that can be used, should your primary address not be available. I would suggest a free email account from someone like Google or Yahoo. Make sure you check the account every so often, else it could be deactivated if it lies dormant for too long. Google Gmail can easily integrate into existing email clients such as Thunderbird or Outlook. You can also download the desktop notification program.

image 3. Online Backup Solution – Backup solutions can be a real pain in the backside. If you have tape solution, you probably need to change the tape on a daily basis and store the tapes in a different location for protection against fire. An online backup solution means your business data is stored offsite in a secure environment. Changes in your business data are automatically encrypted and transferred over the internet to secure location. I would recommend that businesses should have a local backup solution for full quick system recovery and an online backup to protect against complete loss of business premises.

4. Temporary Premises – What would you do tomorrow if you lost your office or factory space? This could be due to fire, flood, maintenance or temporary access to the internet. It maybe worth looking at what office space is available to rent at a moments notice in your area. You could consider a two way agreement with a neighbouring business for office space, or maybe just you’re local Starbucks for internet access!

5. Physical Security – One factor that is often over looked when it comes to protecting your IT infrastructure is physical security. Gaining access to your network, servers and backup tapes is often easily achieved by physically walking into a business premises. Think about quality locks, keypads, swipe cards, visitor badges, safes etc can restrict access to sensitive areas of your business.

I once did a weeks professional training course on hacking (very interesting) by ex-MoD expert, the last day he show us how easy it was to pick and spring padlocks, so make sure you buy quality locks that require the key to engage the lock.

image

6. User Logon Profiles – Once your staffing levels reach around seven or more, your business could benefit from having a client-server environment. Typically, this will involve a server which authenticates user login details, desktop settings, user files and application settings. This means a user will be able to log in to any computer within the business and have access to their desktop. So next time a computer breaks down you can simply login to a spare machine.

7. File Synchronisation – If you run a business with a server that hosts your company files and documents, you should consider enabling offline file synchronisation. This means if your server or network is unavailable you can continue accessing your personal documents. Once the issue has been fixed, changes to your documents are synchronised back to the server. This is also handy for laptop users who are out and about on the road.

8. Make use of Redundant Hardware – Instead of throwing out that old machine why not install Linux operating system which requires a lot less memory, disk space and processing power compared to a Windows system. What’s more, Linux is free and has a wide range of freely available software you can use. For example your machine could run an as:-

– Intranet or CRM server
– Email Server
– Backup storage
– Network Monitoring System
– Snort (IDS)
– Additional Spam protection
– Firewall (SmoothFirewall)
– Internet access for the staff canteen or warehouse
– Public information point, coupled with a trendy flat screen!
– DNS, Proxy or DHCP server

9. Refreshing Hardware and Software – As the business grows, you should set aside money to replace existing hardware and software. You don’t want to upset the apple cart, but at the same time you don’t want the company to stay stuck in the dark ages. Refreshing parts of your IT infrastructure from time to time will not only give your workforce the best tools, but often additional redundancy features. As mentioned in tip 8, make use of redundant hardware and software as fall over systems to your new equipment.

image 10. Backup Internet Connection – This suggestion all depends on how much your business is dependent on internet access. Consider how much it costs your business per hour without an internet connection. If you are talking in the hundreds then it might be worth considering a backup internet connection. If possible choose an ISP that uses a different technology other than your primary supplier. For example, ADSL internet that uses a standard phone line and a backup connection that uses a cable modem from a cable provider. If you purchase the correct network equipment, you could utilise both connections for increase speed and bandwidth. You could also consider a two-way agreement with a neighbouring business to use their internet connection should yours be unavailable.

11. Knowledge Base System – There are many ways that your business can introduce systems to harvest the knowledge of your staff. This might be a company Wiki, Social Bookmarking, helpdesk or Customer Relationship Manager. Implementing such systems will not only have a positive affect, but also protect against loss of information when staff move on.

12. Software Drivers, Applications, Network Settings and Serial Keys – It is easy to think that once the business data is safely backed up, that the company is protected. However, if the business can’t rebuild the business platform (IT infrastructure) quickly, the company data starts to lose its value. Make sure you have access to driver disks (CDs), application software, router settings, application serial keys etc

13. Software Updates – Make sure you software is kept up-to-date with the latest security patches. This can include applications, operating systems, network devices and servers. A word of warning, sometimes updates can cause a few problems. So be careful when it comes to updating critical systems such as servers and network devices. Its why you need tip number 14!

image 14. IT Support Company – You might be or have a computer guru within your business and have no need for a day-to-day support from an IT company. Although what happens when the computer guru is off or leaves? You never know when disaster strikes and you end up over your head with IT problems. You panic and ringing the first IT support company you come across. Instead, shop around, talk about your current IT setup. Ask if they would be available to help should you land in hot water.

15. IT policy – Make sure your staff are aware and understand how they should use the IT infrastructure correctly. Although you might think it does not need spelling out. Having a company IT policy written down on paper and signed by staff will not only act as a preventative measure, but also keep you protected should you need to let a member of staff go.

16. Fire proof safe – We briefly mentioned this one before, but its worth considering a fireproof safe to secure backup’s, software and serial keys etc. Even if you can’t afford a fireproof safe, regular safe is better than nothing.

image 17. UPS and Surge Protection – Uninterrupted power supply (UPS) allows you protect your computer systems from power cuts. This is a absolute must for any servers in your business. Even if the power cut lasts longer that 20 minutes, the UPS will gracefully shutdown the computer.

18. Hardware Supplier – Another reason to have a relationship with a local computer support company. Typically, they can arrange the correct equipment to be ordered cheaper and quicker that businesses that don’t purchase hardware on a regular basis. More than likely, they will have spare equipment they can lend you.

19. Backup Backup Backup and Test – You can make sure all your bases are covered, but if you don’t have access to your company data, it can all be a complete waste of time. So make sure you have a backup solution or two! Also, unless you test your backup solutions, you can’t say with a 100% certainly that you’re covered.

20. Disaster Recovery Document – Have your IT support company produce a comprehensive imageand professional Disaster Recovery Document. Generally, the report should cover things like IT settings, a recovery plan and suggestions to increase protection. Make sure you have copy available outside the office, which is held securely, remember this is the keys to your business!

21. Come back stronger – If disaster does strike, before you start the recovery process it might be worth taking a step back and thinking how you would do things differently.

What measures do you take to protect your IT infrastructure?

I’m expecting 5 or more from our good friend, Jason!