Disaster planning from TechSoup.org

Disaster Planning: What Organizations Need to Know to Protect Their Tech#12ntcdp

Kevin LoTechSoup Global

Evaluate This Session!Each entry is a chance to win an NTEN engraved iPad!

or Online at www.nten.org/ntc/eval

Agenda

• 3 takeaways• Main components

– Backup– Security– Documentation

• Your disaster toolbox• Planning discussion• Questions?

DISASTER PLANNING #12ntcdp Slide 3

http://www.techsoup.org/toolkits/disasterplan

Slide 4DISASTER PLANNING #12ntcdp

Key Takeaway

1. Before you have a disaster plan, you need a disaster mindset

Image: http://www.flickr.com/photos/vistavision/


Key Takeaway

2. Your plan may end up only 75% successful, but having no plan means 100% failure

Image: http://www.flickr.com/photos/copenhagen_toejeri/


Key Takeaway

3. It’s cheaper to backup your data 100 times than it is to lose it once

Data source: “Cost of Hard Drive Space” http://ns1758.ca/winch/winchest.html


“What have you got to lose?”

Slide 8DISASTER PLANNING #12ntcdp

flickr.com/jase_n_tonic(Creative Commons license)

It’s all about the data

• Your backup plan needs to cover:– What's being backed up – Where it's being backed up – How often backups will occur – Who's in charge of performing backups – Who's in charge of monitoring the success of these

backups

• Make sure it’s easy to reference and access


It’s all about the data

• Imagine a typical work-day by your key staff– Obvious: email, donor data, financials– Not-so-obvious: bookmarks, network data,

website passwords

• Increasingly dispersed workforce means there’s more to lose


Bring Your Own Device

• “Consumerization” not a new phenomenon in the nonprofit sector

• Pros and Cons to disaster planning– Extra access point for data and connectivity– Personal and work data gets commingled

• Liability and insurance• Best practice: keep less data locally


Backup and the cloud

• Online backup ≠ Online storage– Backup: focus on automation, scheduling,

recovery

– Storage: focus on sharing between users and clients, syncing


Backup and the cloud


What about security?

• Cloud/online mitigates a different type of disaster risk

• Likely more secure than local, but the potential is always there

• Understand the risk and compliance needs before diving in



• Local backup: Encrypt as much as you can• Levels of encryption

• Program level file encryption



• Operating system drive encryption• BitLocker, TrueCrypt

• Full-disk encryption• Most relevant for data loss protection• Should not be at the cost of

recoverability• Don’t forget physical security!


Documentation

• Hard copies of the “What”– Warranties and receipts for computers and peripherals – Passwords for encrypted data – Contact information for anyone who maintains your tech – Login information for local devices and online services– Contact information for web hosting and backup services– Software registration information, including keys– Insurance information– Leases

• Remember to update this info!


Documentation

• Policies and the “How”– Your backup plan– Your restore plan– A phone tree that includes home and cell phone

numbers for all staff– Meeting locations in the event of a disaster


The day has come..

Image: http://www.flickr.com/photos/schohariefd/


Post-disaster communications

• For internal stakeholders:– Limit the points of contact– Communicate succinct and relevant information– Phased recovery if necessary– Scheduled updates– (Re)Defining normalcy


Post-disaster communications

• For external stakeholders– Constituents: how will interruption of services

affect them? – If site outage, maintain your presence using social

media– Funders: will there be missed deadlines?– Supporters: how can they help?


Disaster toolbox

• “Real” and “digital”• Documentation• Data backups• Startup disc• Duplicate keys (physical and digital)


Planning exercise

• What have you done already? What needs work?

• Disasters encountered? Stories from the field?

• What’s the first thing you will do when you return?


Questions?

[email protected]: tsg_kevin


Evaluate This Session!Each entry is a chance to win an NTEN engraved iPad!

or Online at www.nten.org/ntc/eval

Technology

Disaster planning from TechSoup.org