Help! Somebody Save Our Files!
No one comes to work expecting an IT crisis, but heart-stopping technical meltdowns or security breaches happen every day. How to handle and prevent the most common data disasters.
Ronald Kurniawan
Dustin Britt was working at his desk last Halloween when a huge explosion outside his window shook the building. The lights went out, and one of his co-workers screamed, "Oh, my God, I think we're going to die!"
But no one in the office was injured. The explosion had been caused by a car crashing into a telephone pole. Matchstic, the Atlanta design firm where Britt is a project manager, did lose power for more than a day. But it was prepared. Matchstic's computers either were laptops or had backup power supplies, which allowed them to be powered down without the loss of any work. And the company's servers are backed up once a day. Employees worked from home until power was restored, and a presentation had to be held in a nearby coffee shop, but otherwise the company was unaffected.
Other companies haven't been so lucky. No one comes to work expecting an IT crisis, but heart-stopping technical meltdowns happen every day -- important files get wiped out, or thieves get hold of sensitive data. And data disasters of all sorts hit especially hard at small and midsize companies, where file backups, data security, and sometimes even basic protections like antivirus software frequently get overlooked in the scramble to make payroll and meet project deadlines. We've put together a guide to help you handle and possibly prevent four of the most common IT catastrophes.
1. Laptop theft
Half of all organizations had a laptop or other mobile device stolen last year, according to a recent survey by the Computer Security Institute. And if the next stolen notebook belongs to your company, the replacement cost is the least of your worries. Most states have laws requiring businesses to tell customers when a laptop containing unencrypted sensitive data, such as Social Security numbers and credit card numbers, goes missing. Technology research firm Gartner estimates that each customer record lost costs a company from $150 to $250 in legal fees, notification costs, and other expenses. Plus, laptops often contain company intellectual property and other files that you wouldn't like bad guys leafing through.
How to respond: Your response depends on what you have done up front. For about $40 and up per laptop per year, services such as MyLaptopGPS and Absolute Software's Computrace LoJack for Laptops may be able to get the computer back. If you have installed one of these programs, the stolen machine will report its location to the authorities as soon as the thief connects to the Internet. Some services let you remotely wipe all data from the hard drive or will even covertly download files from the stolen laptop for you. If you don't have a tracing program, the best you can do is report the serial number to the police and the manufacturer and hope it winds up at a repair shop.
Preventive measures: In addition to installing tracing software, make sure to encrypt the hard drive. "If the data's encrypted, thieves can't use it, and you'll save yourself notice costs and bad public relations," says Randy Gainer, who deals with many privacy and security cases as a partner in Davis Wright Tremaine, a Seattle law firm. The enterprise edition of the Windows Vista operating system has an encryption feature, BitLocker, built in. Other encryption programs, such as PGP Whole Disk Encryption or Veridis' FileCrypt, can run about $50 to $120 per computer. Other tips: Record your laptops' serial numbers in a handy place. And advise employees to treat a laptop like a wallet. You wouldn't leave your wallet in the car, and you shouldn't leave your laptop there, either.
2. Hard drive failures
Shortness of breath, nausea, and intense feelings of dread. If you're experiencing these symptoms, you may be having a heart attack -- or you may be reacting to the death of your computer's hard drive. Sean Marx recently suffered through the latter. He's CEO and co-founder of Give Something Back, an Oakland, California, supplier of environmentally friendly office supplies. When he suddenly couldn't get his computer to turn on, he knew he was in trouble. Marx's computer holds very large spreadsheets that track the company's sales and accounting, and he is often the only person with up-to-date versions of those files. He hadn't backed up in six months, even though he knew better. "I very quickly had that sinking feeling," says Marx.
How to respond: If your IT team can't bring your computer back to life, the only option is to send the drive to a data recovery service, which can charge anywhere from several hundred to several thousand dollars to rescue your files. The services aren't always successful. In Marx's case, he spent $1,500 at a local data recovery shop, but almost all the files were corrupted. He was able to recover many files attached to e-mails that were archived on the company's server.
Preventive measures: Back up your hard drive often, and use online services such as Mozy, iBackup, or EVault, which charge monthly fees of about $10 and up per employee. That way, even if a fire or flood ravages your server room, the data will be fine. You could also swap your current hard drive for a system that uses two drives to store two sets of your data, otherwise known as a RAID. So if one of the hard drives were to fail, you would still have the other.
3. Virus outbreaks
"Your files are encrypted with RSA-1024 algorithm. To recovery your files you need to buy our decryptor." This is the error message, misspelling and all, created by a recent version of Gpcode.ak, a so-called blackmail Trojan horse. Gpcode.ak sneaks onto your computer, encrypts your files so you can't open them, and then demands a ransom for them. About eight years ago, in the heyday of virus outbreaks, malware writers seemed to compete for the most attention. Now, many virus writers have moved on to lower-profile -- and more profitable -- activities, like phishing, which tricks people into giving up their passwords, account numbers, and other personal data. Viruses remain one of the most common data problems, according to the Computer Security Institute.
