[BreachExchange] 6 Tips for Managing Data Before an Emergency Strikes

Destry Winant destry at riskbasedsecurity.com
Thu Oct 18 23:19:45 EDT 2018


Think about planning for a natural disaster emergency that might
affect your home. You'd likely store some water, flashlights, food,
blankets and other essentials. The key element of your planning would
be proactivity. You'd do all of the work before an emergency occurred,
not during the actual crisis. If your supplies were used up after the
emergency passed, then you quickly would restock before the next
flood, fire, landslide, hurricane or lightning strike.

Protecting data requires a similar approach: putting in place as many
safeguards as you can before anything bad happens.

Natural or man-made disasters are a significant risk to data,
especially when they strike companies that are ill-prepared. When a
company is data-centric (most 21st Century businesses are), then
complete data loss often destroys the entire business.

So, whether it's a burst pipe that floods the server room or a fire
that decimates an entire office building, companies have to protect
their information. Thankfully, by taking some proactive steps and
embracing the right technology tools, companies can lessen the risks
posed by emergencies to a great extent.

Following are six tips for managing data proactively against disasters.

1. Create a Formal Plan

Many firms complete disaster management and recovery plans that detail
evacuation routes, communications procedures and other details. These
are vital, as the safety of people is of paramount importance. Another
part of such plans should be how data is managed and protected during

Crafting a written plan forces you to consider any flaws in your data
management and makes everyone accountable. Perhaps you operate a
server room in an office that's prone to flooding, or you're ignoring
strong password procedures. A written plan brings such flaws to light.

The plan needs to account for the type and severity of an emergency.
For example, if a hurricane is two days out, then what steps should
the firm take to prepare? Perhaps sensitive data should be wiped from
the servers and moved offsite? Does the plan account for the most
likely types of disasters given the geographic location?

Assign specific tasks to each member of the team as part of the plan.
Every staff member should understand that data is an asset, and that
it must be managed proactively before an emergency strikes. Of course,
you should create a data plan as part of a broader disaster response
plan that first ensures personal safety. Never place people in a spot
where they try to save data when instead they should be exiting the
building or taking some other action. Simply reinforce the need for
proactive planning.

2. Organize the Data

Think of your data as a tangible asset, similar to the actual office
building, machinery, computers, and all of the other "things" in the
office. With this mindset, you can spot all of the data sources
effectively, and then work to organize them into a centralized

Perhaps your remote sales team has some video and photo files from a
conference that are stored on a digital camera. That graphic designer
consultant you hired might keep your new logo files on a personal
laptop, instead of your servers. You can protect only what you can
find, so perform a collection and organization phase to keep your data

Perform an accounting of your files, and organize them in a way that
makes sense, likely on cloud services. Organization removes data loose
ends that can be impacted or overlooked during or after an emergency.

Remember that you don't have to keep everything, unless there's a
regulatory or compliance reason to hold the information. Cutting some
unneeded data can reduce your information footprint and leave you less
exposed to problems. Collecting the data also can improve your
company's ability to perform analytics, and perhaps relate two
previously unrelated data sets for new observations.

3. Document Your Network

If you still operate an on-site network, then you have to understand
its architecture intimately. Create network maps with labels on all
the components so you can recreate the network if needed at an
alternate location. Use a simple and clear naming convention and then
share the network map with the group via email, and store the map in
the cloud.

If you operate in a flood zone and your network equipment is in the
basement or on the ground floor, then work with the building manager
to have a temporary equipment location to keep your data safe. Part of
the plan should include designated team members that will move the
equipment, details on who makes the final move-or-stay decisions, and
a priority list so staff will move the most valuable equipment and
data first. Conducting a network map and inventory also can be useful
for insurance purposes.

4. Test Your Plan

You cannot simulate an actual hurricane or lightning strike, but you
can test your plan under simulated conditions. Doing a test is a way
to see if staff members know how to follow the right procedures and if
your backups are easily accessible.

Did your team gain access to cloud backups quickly during the test?
Did everyone understand their specific role? Testing should answer
these types of questions. Any deviations from the plan warrant some
retraining and review of the plan in case conditions or best practices
have changed.

Perhaps the testing shows flaws in the team's security and password
procedures, or exposes the need for expanded cloud storage to include
all of the firm's data. Talk to your entire team after the testing to
see if parts of the plan are confusing or contradictory. The plan
might need a rewrite with plainer language to avoid any
miscommunications. Recognize the technical aptitude of everyone
reading and following the plan, and adjust the language and procedures

Testing a plan is also a prime opportunity to see if your business
adheres to regulations such as fire codes or various data management
rules. You might uncover gaps in your procedures during the testing
phase which you can fix before your next audit.

5. Protect Your Hardware

While it's a best practice to move most of your data to the cloud,
businesses still utilize devices for content creation and data
storage. Protecting these devices can save your data and reduce your
capital costs. For flood protection, electronics should be elevated
off the floor and all cords unplugged. If time permits, you can store
devices in waterproof containers. Run diagnostics on your power
supplies to check for overheating that can spark fires.

To prevent fires, you can keep electronics free from dust, check worn
cords, and maintain monitored temperature and humidity levels. If you
operate an on-premises server room, then you need a fire suppression
and detection system with "clean agent" technology that uses special
chemicals to stop fires without utilizing damaging water. Server room
fires often start because of overheating, so ensure your room's
cooling system is functioning optimally.

Thunderstorms bring the risk of power surges that can wipe out hard
drives and fry electronics. Use approved surge protector devices that
are rated properly for your specific hardware. Unplugging devices is a
low-tech way to remove them from power-related risks, especially when
they're also stored in waterproof containers.

6. Embrace the Cloud

The modern business needs instant connectivity to data. The cloud
provides this connection and is ideally suited for data management
during emergencies. Choose a major cloud provider such as Google or
AWS and back up all of your data with automated tools so you don't
expose any information to loss. Consider using more than one cloud
provider for extra protection, especially for the most sensitive or
important information.

Your data management plan also should be a cloud-based document so
it's easy to access after an emergency by staff members who might need
to work remotely for days or weeks.

Having access to the cloud is only useful in an emergency if you're
continuously moving data to cloud storage. Put in place automation to
move files to the cloud on a schedule. Also consider moving staff away
from traditional offline software platforms and utilizing
online-created formats to remove the risks posed by data-destroying

The cloud effectively removes your data from localized events such as
hurricanes or earthquakes. It also allows your staff to work remotely
for extended periods after a disaster strikes, so your business can
remain viable and survive. The plan should detail what staff are
expected to do in terms of reconnecting to the network and their
workflows -- assuming, of course, that the disaster did not impact
their homes and families directly.

Don't Wait for Warnings

Accidents and emergencies happen. A fire can break out within another
company's offices because someone plugged in too many Christmas
lights. Or the city might have neglected the water infrastructure,
causing a pipe to burst and flood the entire building.

These types of emergencies come without any advance warning, but
they're still manageable with advance planning. The key for IT
managers and facilities operators is to proactively plan for
disasters. Expect the worst outcomes, build in redundancies and
safeguards, and then you and your data will likely emerge unscathed.

More information about the BreachExchange mailing list