Security for Small Business – Application Integrity

As part of an ongoing series, we’re taking a look at security for small business, the tools that are available, and the best practices that keep your business ahead of the curve.

Businesses of every size need to cope with the eventual loss or corruption of data or critical infrastructure. Networks age and fail. Computers (servers or personal machines) need to be replaced. Software updates introduce incompatibilities with older formats. Each of these is a risk to the long-term viability of your business because it threatens the integrity of the application or platform upon which your business is built.

Application Integrity

Your customers need to be able to trust the data within your system. The sales and management teams need to be able to trust that same data. Without appropriate guarantees with respect to application integrity, it’s impossible for any of these stakeholders to trust the application or its data. If your business can’t maintain stakeholder trust, sustaining sales velocity becomes impossible.

Thankfully, there are at least two steps every business, large or small, can take to ensure the integrity of their application and its data. These two approaches apply both to any server hosting customer or sales data and any local machine (laptop or otherwise) that interacts with, analyzes, or mirrors that information.

The first step your business can take is to back up your data, preferably in an offsite location for redundancy should anything go wrong. The second step is to sit down and document a formal disaster recovery plan so, if the unthinkable does happen, your team is properly prepared to deal with it.

Offsite Backups

Having a backup of mission-critical data is vital to guarding against inevitable data loss. Ensuring this backup is in a separate physical location from the original data is even more so.

It’s important to keep both your server and your primary machines backed up in case of emergency. A server could physically fail. A laptop can be destroyed or stolen. The building housing your physical infrastructure could catch fire. Any of these situations could easily result in the loss of application integrity and compromise customer data.

Ensuring that both the primary source of data and the backup aren’t lost at the same time can protect your business from any significant data loss.

Disaster Recovery Planning

Key to restoring application integrity in the event of a crash or outage is having a plan for recovering from any potential disaster. This isn’t to say you should write a separate plan for every potential disaster. Instead, you should have a generic “disaster recovery plan” to help overcome the challenges of correcting the problems that might arise during an incident.

Who is the first point of contact when a server crashes? What is the process for reporting a lost, stolen, or damaged laptop? How long will it take to restore service to customers when something goes wrong with your application, service, or platform?

The US Department of Homeland Security provides detailed advice for developing a disaster recovery plan on their Ready.gov site. They recommend planning for the loss of:

  • The server environment itself
  • Hardware, both a hosted server and locally-available laptops
  • Network connectivity
  • Software used to power the business
  • The data upon which the business runs

These risks look different for larger enterprises than they do for small businesses, but each still has a potential impact that can be protected against. What happens if the website goes down? If the CEO loses her laptop? When a contractor accidentally cuts the physical cables providing Internet access to the building? If a critical software vendor goes out of business?

The answers to each of these questions will vary from one organization to the next. Having a bulletproof plan for coping isn’t requisite for ensuring application integrity so long as the team has a plan in some form.

One Thing Right Now …

Disaster planning and server backup can both take time to coordinate and set up. What takes little time, however, is ensuring your primary laptops (and desktops) are backed up.

Mac users can configure Time Machine to easily back up one or more Apple-powered machines on the same network. Using a remote Time Capsule is added insurance against the worst possible disasters. A fire that destroys the office and any on-premises backups, for example, will not touch the remote system.

Mac and Windows users can, alternatively, use managed tools like CrashPlan to back up automatically to other trusted hard drives, both local and over a VPN. A paid account can automatically back up to a cloud-hosted service at the same time. Business users can further leverage CrashPlan for the entire office and any hosted servers through ancillary offerings from Code42, the parent company of CrashPlan.

The best step forward towards application integrity is making sure the data you need to do business is safe, secure, and restorable in the event of an emergency. The one thing you can do to begin moving in that direction is to back up the machines you use day-to-day to an offsite system.

Top image credit: Larry Krause, Creative Commons
