Data Protection & Recovery: Data Repositories (IT Assessment DIY Guide, Part 9)
This is part 9 of a series on IT Self-Assessment for small businesses. We’re providing information and guidelines for a simple IT check, giving you the ability to gain free insights into how your technology can serve your business better. Each post covers a critical area of technology.
Data Protection & Recovery: Data Repositories
Function & Value
Data repositories keep your critical business information centralized and secure. For most small businesses, the sole or primary repository is a file server. Other common data repositories are hosted file management systems, industry specific applications, and customer relationship management databases.
A centralized server makes files accessible and organized, and protects your business from loss due to employee turnover or computer failure.
A server is often one of the first IT purchases for a new business, but many are underutilized, insecure or improperly configured. This leads to continued exposure to risk, both internal and external. Here are the most common problems small businesses encounter with a file server and how to avoid them.
Common Problems
(1) Not owning or using a server, or a web based file management system. We’ve seen networked PCs with no server and servers sitting in the corner. A converted PC is a poor substitute for a real file server (see #4 below).
(2) Lack of storage policies. A file server is only useful if it is used. If a server contains documents from 2 years ago, but the huge proposal or job in progress is in My Documents on a PC somewhere, the server isn’t serving your business.
(3) No security restrictions on access. Your HR and financial files benefit from the security of a file server, but they shouldn’t be visible to every employee who can access the serve
(4) A single point of failure. A server should protect your data by storing multiple copies, along with daily backups. A server a single hard drive has a single point of failure. When that hard drive goes, everything could go with it.
Best Practices
(1) Use a real server. Enough said.
(2) Store everything on the server. Make sure your staff knows every document of value gets stored there. Every day. No exceptions. Alternatively, you can create profiles on your local server, with the My Documents on every machine actually storing to the server itself and not the local hard drive.
(3) Create root folders on the server for sensitive information, such as HR and accounting. Restrict access so only those with a need to know can view those folders.
(4) Use a RAID configuration on your server to ensure your data will not be lost. RAID enables a server to maintain mirror copies of your data on multiple hard drives.
Data Repositories Self-Assessment
Server in use:
How much of your data do you estimate is stored on the server?
Do you have storage policies in place?
Do My Documents folders store on the server?
Is any sensitive information visible to all of your staff?
Does your server have a RAID configuration?
Level of risk to your business based upon current server configuration:
High Medium Low
Issues to be addressed:
1.
2.
3.
