Ensure your DR plan is ready to fly when needed

Disaster Recovery (DR), the act of ensuring that your systems and departments are ready for a disaster and that your IT systems can recover from it, is an important issue for all companies. While large companies with operations in more than one country can often bounce back quickly, small to medium businesses in the disaster area might have a tougher time, Ensuring a DR plan is reliable is necessary for small to medium sized businesses.

Here are four ways to ensure your DR plan is sufficient and company is disaster-ready.

Are your systems compliant?
Many DR systems are licensed, and it’s important to ensure that these licences are both up-to-date and supported by all necessary backup systems. If you’ve added or changed components like a server or software, but not upgraded the relevant licenses, chances are your systems won’t be covered when disaster strikes. If this is the case, when you go to retrieve the backup, you’ll just get a license error; your data can’t be retrieved.

Another issue with DR software is that it’s often not used, lying dormant for years. You should regularly check and ensure the software meets modern compliance standards, is up-to-date and licenses have not expired. You should also be aware of how the software you use integrates and interacts with the DR software. For example, an upgrade to a new email server, may not communicate well with your DR software.

What’s the status of your backup server?
As most DR plans usually involve a separate server from day-to-day servers, it’s important to ensure that they are functioning properly, usually by having the vendor test them. It’s also equally important to communicate with the vendors or manufacturers of the servers to ensure that the correct software/hardware licenses are in place and cover the function. If they aren’t, you could risk legal action or being fined.

Test regularly
Regular tests are an integral part of a properly functioning DR plan. You need to conduct tests on at least a yearly basis to ensure all systems involved in the DR plan function well. From these tests, observe any function that performed poorly, or not at all, and take steps to fix or replace it.

Work with a knowledgeable partner
DR plans and systems can be a complicated, almost messy aspect of business. While this may be, DR is crucial to the survival of a business after a disaster, and shouldn’t be treated lightly. To get it right liaise with DR experts to create and maintain a plan that meets your needs.

If you would like help with either implementing or improving your DR plan, please contact us, we may have a solution for you.

Published with permission from TechAdvisory.org. Source.

Mobile security battle, which OS is #1?

Smartphones are one of the most important devices of the past decade.Their popularity has allowed billions to go online without a computer, while simultaneously providing managers and employees a tool to help them stay productive while away from the office. If you are in the market for a new phone, you should be sure to compare the security of the different devices.

Here’s a comparison of the security of the four most popular mobile platforms: iOS, Android, Windows Phone, BlackBerry.

Encryption
The ability to encrypt your phone (make the data unreadable without a key) is an important feature if you use your phone to view or store private or secure documents. Users of Android 4.0/4.1 and iOS can encrypt their device using a password. Users of Windows phone 7/7.5 have basic encryption built into the device, however, it doesn’t meet the encryption requirements of many organizations. On-device encryption will be introduced in Windows Phone 8.

BlackBerry users can encrypt their phones manually, or if they are part of a business network, the administrator of that network can set encryption on all devices. Mobile OSs, minus Windows Phone 7, and Android 2.X and earlier, have strong enough encryption to meet the needs of the majority of organizations.

While your devices can be encrypted, you should be aware that the encryption is done when the phone shuts off and powers on. If you constantly leave your device on, encryption is less effective.

Remote wipe
The ability to remotely wipe a device in case of loss is a must for many professionals. Users of BlackBerry, iOS and Windows Phone have built-in options to remotely wipe their phones through a cloud service. BlackBerry uses BlackBerry Protect, iOS uses a feature of iCloud called Find my iPhone and Windows Phone uses the Windows Phone website. Android is a bit different in that the OS doesn’t have a built-in remote wipe option, but there are apps available. With all of these systems, you log in to a website and can either lock or wipe the phone.

You should be aware that remote wipe is a last resort solution, you will loose all of your data and information. If it’s not backed up, there is no way to get it back.

Password
All devices have options to set a password or passcode to unlock the phone after it has gone to sleep. You can also set how robust the password protection is, or which form of pass protection you use to access your phone. In truth, there are more passcode options on mobile devices than most desktop environments.

Some systems have a few extra options, like the ability to trace a pattern code or using your face to unlock the phone. The stock setting of sliding to unlock should not be used by any user. At the very least you should have a four digit numerical pin to unlock your phone. If you don’t have a password on your phone, features like encryption and remote wipe are more or less useless, as your data can be easily accessed anyway.

Apps
Most security threats to mobile devices don’t come from losing your device, rather they come from apps. All mobile OSs have a place where users can download apps for their phones. Some of these are more secure than others. As BlackBerry is largely business oriented, the apps on the store are too and must meet a certain level of security before they’re posted on the store.

iOS apps are only available to download from the App Store, as part of iTunes. This allows Apple to be stringent with their rules; apps on the App Store must meet Apple’s requirements or they won’t be allowed to be sold on the store.

Windows Phone follows a process similar to Apple’s and BlackBerry’s. The developer submits their app for review, Microsoft tests the app and then either puts it on to the store, or rejects it. With the lower number of users, fewer malicious apps make it onto the store.

Android follows a more laissez faire process. Almost every app is allowed onto the Google Play store, which in turn has turned Android into a bit of a hacker’s delight. Google does monitor apps, and has started to remove malicious apps, but there are still more of these on Google Play than other app stores. That being said, the store is a lot more secure than it was even a year ago.

While OS developers tout the security and safety of apps on their app stores, each has had malicious apps make their way onto the stores. The ideal thing to do is to restrict what apps can be downloaded onto company phones by having an approved app list.

Email security
The security of email, the most common form of business communication on mobile devices is an important issue to be aware of. All mobile platforms support encryption used by the major email providers. If your company uses Microsoft Exchange or a similar server, any encryption applied at the server level is supported on the mobile level. Personal services like Google automatically encrypt email.

Device management
If you have implemented a Bring Your Own Device policy (BYOD), or issue mobile devices to employees, you need to be able to manage these devices. BlackBerry devices can all be managed by an administrator with apps, updates and security issues pushed to the phones by the administrator. At this time, the other systems support remote management, however, device management has to be done through third party solutions.

Each mobile system has pros and cons when it comes to security of related devices, and each new version brings with it better security. In truth, the devices themselves are fairly secure. To ensure a secure mobile device, multiple features and apps need to be utilized by both the user and, if necessary, the administrator/IT manager of your company. If you have questions regarding the security of your mobile device please contact us, we may have a solution for you.

Published with permission from TechAdvisory.org. Source.
Website Security Test