In our new series, we’re covering everything you need to know to create a disaster recovery plan. This first post dives into the obvious (and not-so-obvious) causes of IT disasters that so many businesses overlook when developing their plans.
Chances are, at some point, you will experience an IT disaster where data is lost or corrupted. The cause may be intended malice, user error, or an environmental factor, but no matter what, the end result will be the same: Critical company data may be gone for good.
Causes of IT disasters are around us at all times. Being aware of these potential causes can help you develop a disaster recovery plan and avoid losing time, money, and customers in case of disaster. Knowing the causes of IT disasters may also help you create a convincing case to management to get the backup technologies you need.
Here are five causes of IT disasters that businesses tend to overlook:
1. Hardware and equipment failure. Failure of a hard drive or drives in a server would be the most obvious example for hardware failure. But things like a failed hard drive controller can also cause corrupt data to be written to a fully functional drive.
2. Environmental catastrophes. IT disasters can be caused by major inclement weather events like flooding, but they can also be caused by equipment or structural failures in an office environment. While it may seem obvious that a water heater does not belong near a server, you may not be in control of what is in the office above the area where a server is located. A water leak in an adjacent area or wall can cause a flood condition, which in turn could destroy sensitive computer equipment.
3. Viruses and other infections. A virus can infect or delete critical data. But even worse and lesser known are ransomware, like the Cryptolocker virus. An infected machine that remains connected to the network will systematically encrypt all network files it has access to, rendering them useless. The worst part of infections like this is that the files appear to be intact if they are not opened, so it may take weeks or months to realize that the damage has occurred.
Having been involved in several Cryptolocker data recoveries, I can speak to the severity of these incidents. All files need to be reviewed to determine which are infected, and without a proper backup scheme, a large amount of data will be lost.
4. Malicious intent. The obvious perpetrator here is a hacker or external criminal attempt to gain access and cause damage. However, sometimes the damage can be caused by internal forces. Ill-intentioned employees can cause IT disasters. A disgruntled employee with the right level of access can easily delete large amounts of data very quickly. And unfortunately, you may not realize the extent of the damage done until after the employee is no longer with your company.
5. Human error or accidental data destruction. I refer to this situation as destruction because it is not necessarily deletion. An employee may delete a file by accident or may save a new version of a file over an existing one, without considering the ramifications of this change. Even worse, an employee may create a new file with the same name as an existing one and not heed the overwrite warning when saving. Safeguards are in place to prevent file overwrites, but they are fairly easy to unintentionally bypass. In my experience, most users do not carefully read dialog boxes. In fact, when presented with a dialog box during a document save function, most users will click anything just to make the box go away so they can shut down and leave for the day.
With all of these potential causes of IT disasters, it is easy to see how data is lost every day and why having a disaster recovery plan is critical to your business. But what do you need to create a disaster recovery plan? We’ll cover this topic in subsequent blog posts.
Have you experienced any of these causes of IT disasters? Did you have a disaster recovery plan in place or did you lose data? Share your experiences in the comments!