Think hard about how a system failure, misuse or data loss could affect your business. How would you cope? If you can’t afford to lose any data you must put a robust system in place, and if you can’t be 100% certain of doing it yourself, you should consider using a back-up company to do it for you.
Use proven equipment and software – there are plenty of well known brands to choose from – rather than opting for bespoke purchases.
Make sure you physically protect your equipment; use surge protectors or uninterruptible power supplies and ensure your premises are secure. Vandals and power cuts can do as much – or more – damage than hackers.
Establish security procedures (such as password control) and use anti-virus software and an internet firewall.
Assign responsibility for IT to one person and make sure they are well trained and have clear guidance on when to call in expert help.
Establish good training procedures for your IT system and be specific about what tasks must be referred to others. Make sure you have a clear procedure for reporting faults or problems.
Establish and implement an email and internet policy to regulate employees’ use of the internet and to minimise the risks of a virus entering your system. Make sure this policy is referred to in staff handbooks and contracts and get everyone to sign it to say they have read and understood it.
Only allow authorised, trained staff to install software and ban employees from installing unnecessary software.
Establish a safe installation and upgrade procedure, including backing up data, updating your anti-virus protection and running parallel systems while testing if necessary.
Be scrupulous about regular routine maintenance. Make sure cleaning equipment, running system utilities, archiving old files and testing system performance is thorough and at regular intervals.
Establish an effective daily back-up procedure, and store back-ups securely off site. If you have any doubts about your ability to maintain this system, use a back-up company, which, for a small fee will do it all for you. Regularly test your back-up procedure to ensure that you can restore data from your back-ups. If you use an outside company test this regularly as well.
Be methodical and keep clear records of system configuration, software versions and upgrades or patches; securely store copies of software and updates.
Plan for the worst case scenario and prepare contingency plans in case of disaster, including manual systems for maintaining key operations; consider insuring your system and data. You will want contact details for sources of help.