Back to Basics: How to Write a Company Email Policy

Introduction

Every company needs an email policy.  This is to protect employees as well as the firm.

The purpose of an email policy is to set proper expectations with your employees.  What are the rules and guidelines regarding email and what happens if you ignore the rules?

The email policy should be written and reviewed with the employee at the time of employment.  A signature block is optional.

DISCLAIMER: I am not a lawyer, any legal policy you implement at your company should be reviewed and signed off by your legal team.  The following are merely guidelines and sample text to help you create your own email policy.

Typical Sections included in an Email Policy

  • Introduction
  • Email Ownership and Privacy
  • Email Usage Guidelines
  • Email Misuse and Abuse
  • Email Retention and Backup
  • Personal Use of email / Opinions / Personal Views
  • Security / Trade Secrets / Personal Information
  • Questions / Who to ask
  • Signature line and Date

Introduction

The introduction should state the purpose and reason for having and enforcing an email policy.  It should state the business purpose of email and explain the need for an email policy.

SAMPLE TEXT

[COMPANY] Email Policy [version or date]

Date

[COMPANY] provides email to all authorized employees. email is a business tool to help [COMPANY] employees serve our customers, communicate with vendors, streamline internal communications and reduce unnecessary paperwork. The email system is intended primarily for business purposes. This email policy outlines the acceptable use of business email for {COMPANY].

Email Ownership and Privacy

This section explains the Company owns the email and email systems.  The company can access email for ANY reason and the employee has NO expectation of privacy.  Email is a company owned tool (like your desk and PC) and the employer can access any email at any time for any reason.

Employees must realize email is not private.  If required, email access can be cut off and all email sent and received may be restricted for any reason.  This is very important in the case of harassment accusations.

SAMPLE TEXT

All communications and information transmitted, received, or archived in [COMPANY]’s computer system belong to the company. Management has the right to access and disclose all employee email messages transmitted or received via the organization’s computer system. [COMPANY] may exercise its legal right to monitor employees’ email activity. Regarding email, employees should have no expectation of privacy. Be aware management may access and monitor email at any time, for any reason, with or without prior notice.

Email Usage Guidelines

This section outlines the basic use and guidelines for company email.  It discusses email etiquette and stresses the business use of email.  It should remind employees to abide by all corporate standards including logos, signatures, and copyrights. You should warn about the use of CC and BCC and inadvertently sharing email addresses in a group email.  You should caution against using inappropriate language and tone and what to do if you receive an email that does not conform to these guidelines.  Employees should be told sending confidential or sensitive information over email is not secure.  They should never include user names, passwords or other client or personal information in an email.

SAMPLE TEXT

Exercise sound judgment and common sense when sending email messages. Client-related messages should be carefully guarded and protected, like any other written materials. You must also abide by copyright laws, ethics rules and other applicable laws. Exercise caution when sending blind carbon copies (BCC) and carbon copies (CC) to ensure you don’t violate addressees’ privacy by inadvertently sharing email address information.

Email usage must conform to [COMPANY]’s harassment and discrimination policies. Messages containing defamatory, obscene, menacing, threatening, offensive, harassing, or otherwise objectionable and/or inappropriate statements and/or messages that disclose personal information without authorization will not be tolerated. If you receive this type of prohibited, unsolicited message, do not forward it. Notify your supervisor, the HR department, and the Director of Information Technology about the message. Handle the message as instructed by management.

Email Misuse and Abuse

Email should not be used for frivolous purposes.  Company email should not be used to share jokes or other inappropriate or suggestive content (pornography).  Also, include a warning about sending firm-wide (ALL STAFF) email.  I have seen firm-wide email regarding after-hour parties/outings and lost and found items sent using ALL STAFF distribution lists.  This is not a good use of the company’s resources and should be avoided.

SAMPLE TEXT

E-mail messages should be treated as formal business documents, written in accordance with [COMPANY]’s correspondence guidelines. E-mail creates a permanent and documented communication and must not be treated casually.

Employees are prohibited from sending jokes, rumors, gossip, or unsubstantiated opinions via email. These communications, which often contain objectionable material, are easily misconstrued when communicated electronically. Employees should not waste [COMPANY]’s computer resources or colleagues’ time.

Send email messages and copies only to those with a legitimate need to read your message. Chain messages, jokes and large graphics should be deleted, not forwarded, as they can overload the system.

Employees are prohibited from sending firm-wide email messages to All Staff without prior authorization and this practice is limited to only necessary correspondence. In addition, employees are prohibited from requesting replies to firm-wide email without prior authorization. Sending firm-wide email is generally discouraged.

Misuse and/or abuse of [COMPANY]’s electronic assets (wasting productive time online, copying or downloading copyrighted materials, visiting inappropriate sites, sending inappropriate/abusive email messages, etc.) will result in disciplinary action, up to and including termination.

Please address any questions or concerns regarding firm-wide email to the Director of IT or the Director of HR.

Email retention and backup

Email should be retained according to the company’s Document Management guidelines and legal requirements.  Your policy should explain the difference between “record” email and “non-record” email, email that should be saved versus email that can be discarded. In this section, you can also explain the means and limits of email backup.  Depending on your legal requirements and the type of email, you need clear standards outlined for saving and deleting email.

Many companies deliberately delete non-record email.  When email is backed up, depending on your backup system, you may not have the ability to retrieve individual emails for each account.  Employees need to understand the limits of the email backup and retrieval and plan accordingly.

SAMPLE TEXT

All email messages (whether in electronic form or printed) with an ongoing legal, compliance, business, or project value (considered a “business record”) must be retained in accordance with the company’s records management policies and applicable retention schedules. Project related email, particularly critical project email, such as milestone progress reviews and approvals and scope changes must be filed using the [name of email archiving or filing software’s] filing system.

 (See the most recent Records Documentation Policy for further information)

 It is the responsibility of every email user to maintain email records. It is the responsibility of each user to retain email records (defined as any email having an ongoing legal, compliance, business, operational, project or historical value) like all other records in accordance with the company’s retention policies.

 Project electronic files are regularly backed up and retrievable. Email accounts are not typically permanently backed up or retrievable except in the case of disaster recovery. For this reason, it is essential all important project-related email is transferred to the network project folders on a regular basis using the [name of email filing software] program.

 To maximize the operating efficiency of the company’s email system and to minimize the storage costs associated with retaining large volumes of unnecessary email, every employee has a limited amount of email storage in their email account. Requests for additional space will be considered on a case-by-case basis.  Keep your email storage cleaned out and up to date. [describe the email storage limits if any]

 Email will be backed up daily for disaster recovery purposes only and will thereafter be retained for [X] months. The company is not able to restore individual email messages. If you are unable to access your email account for more than 14 days, please contact IT or HR to make arrangements for your email account during your absence.

 All copies of non-record email (those with no ongoing legal, compliance, business, operational, project or historical value) can be deleted and paper printouts of such messages disposed of when no longer needed.

 Non-record email messages include, but are not limited to, administrative email (such as an invitation to the company holiday party or a meeting notice); they do not need to be retained as a company record, according to the records retention schedule. Such messages only need to be kept if they are needed to conduct business. Failure to dispose of such messages wastes valuable company computer resources and employee time. However, if you would retain the message if it had been sent in paper form, then you should retain record copies of the email transmission. Email can be archived electronically using [email archive software]. Please see IT for instructions on archiving email.

 You should, unless otherwise directed:

  1. Purge drafts and non-record email messages immediately when no longer needed.
  2. Purge convenience or reference email copies immediately when no longer needed.
  3. Purge duplicate email immediately when no longer needed.

Personal use of email / Opinions / Personal Views / Solicitation

Employees will unavoidably use their company email for personal reasons.  While almost everyone has a personal email account, inevitably there will be an intermingling of personal email and work email.  Employees corresponding to each other may by default use the company email rather than a personal email.  They may not even know each other’s personal email address.

Recognizing this will happen, you should include language in your email policy to describe the acceptable personal use of company email.  If it is 100% prohibited, you should say that.

SAMPLE TEXT

[COMPANY]’s electronic mail service is reserved primarily for business use. All users should consider this in their decision to use the firm’s email services for personal purposes.

Employees may use [COMPANY]’s email service for incidental personal reasons with the following guidelines:

  1. Communication with non-business contacts is permitted but should be minimized during business hours.

Employees also are free to correspond during the lunch hour and other break times. Personal email should not interfere with the email user’s employment or other obligations and responsibilities to the firm.

  1. Personal email communication that exceeds the limits outlined above is prohibited unless justified by family emergency or otherwise specifically authorized by [COMPANY]’s Human Resources Director. Personal email should not directly or indirectly interfere with the firm’s operation of computing facilities or electronic mail services or burden the firm with noticeable additional cost.
  2. The use of [COMPANY]’s email system to solicit for any purpose, campaign for a political candidate, espouse political views, promote a religious cause, and/or advertise the sale of merchandise is strictly prohibited.
  3. Personal Email usage must also conform to [COMPANY]’s harassment and discrimination policies.

Security / Trade Secrets / Personal information / Viruses

This section discusses email security.  Users are required to use secure passwords and change their password often.  Include a warning about sending personal information or trade secrets via email.  Email (unless encrypted) is not secure. Employees should know any sent email can be intercepted or read.  Phone and snail mail are both more secure than email.  Finally, warn employees about opening email they do not recognize or are not expecting.  Most email systems have SPAM and virus protection but occasionally something will slip through security.  Employees need to think before opening email and if they suspect an email, they need to know what to do with it and who to notify.

SAMPLE TEXT

Email passwords are the property of [COMPANY]. Employees are required to provide the Director of Information Technology with current passwords upon request. Only authorized personnel are permitted to access another employee’s email without consent. Misuse of passwords, the sharing of passwords with non-employees, and/or the unauthorized access of another employee’s password or mailbox for any reason will result in disciplinary action, up to and including termination.

Security is difficult if not impossible to achieve in the electronic age. Confidential or personal information should never be sent via email understanding it can be intercepted. This includes the transmission of client information, Social Security numbers, employee health records, proprietary data and trade secrets, or other confidential material. When sending sensitive material (or any message, for that matter), employees should use extreme caution to ensure the intended recipient’s email address is correct.

Be careful when opening email with attachments.  While [Company] has email SPAM and virus filtering, there is a possibility a malicious link or new exploit can bypass our system.  If you receive strange messages or unexpected email from someone, use caution and common sense before opening.  When in doubt, contact the sender to verify the email is legitimate and safe.  If you accidentally open an unknown file or click on an unsafe link, notify IT as soon as possible and they can determine if it was safe.

Questions / Who to ask / Signature line and date

Finally, let staff know who to contact if they have questions or concerns.  When reviewing this policy with a new employee or introducing an email policy for the first time, you can include a signature line to state the employee has received and read the email policy.

SAMPLE TEXT

If you have any questions about the above policies, please address them to the Director of Information Technology or Human Resources Director.

I [Employee Name] have received and read [Company]’ Email Policy [version or dated]

_________________________ Signature

_____________ Date

 

I hope this article has convinced you every company needs an email policy.  If you need help writing your company’s email policy, click here and we can get you started.

 

Back to Basics: Creating Effective PowerPoint Presentations

Death by PowerPoint! 

It doesn’t have to be.  PowerPoint, like a lot of tools, is as good or bad as the user.  Read the following tips in this article and you will be giving more effective PowerPoint presentations in no time.  Even if you’re already a PowerPoint Zen Master, you still might pick up an idea or two.  Let’s make PowerPoint a more effective tool.

Develop a 4 Step Presentation

  1. Grab your audience’s attention. Use an interesting quote, anecdote or an outrageous statement.  You can use humor but beware….not everyone can be funny, humor requires timing and relevance so be warned.
  2. State your purpose. Why are you up there talking?  What problem are you trying to solve?  What is the solution?  Is the presentation explaining how you go from problem to solution?  Make sure you don’t say one thing and present another.
  3. Use examples and stories. A lot has been written about storytelling.  Stories generate interest and illustrate a point much better than slides of numbers and bullets.
  4. Wrap it up. Go back to your purpose and explain how your presentation supported your purpose.  Sum up the key takeaways and remember to leave time for questions if appropriate.

Presentation Content

  •  Get to the point. Make sure each slide contains relevant information.  Condense your information and make it sharp and concise.  Make your point and then support it with description, examples, and anecdotes.
  • Use short clear descriptive bullet points. Don’t make lists, make points.  Avoid writing sentences in your slide bullets, write short reminders and then fill in the detail with your spoken words.
  • How about no text at all? Simply use a title and an image/graphic for each slide.  This forces your audience to listen to what you say, there is nothing for them to read.
  • The title of each slide should be descriptive. It is the largest item on the page, make good use of it.
  • Consider the use of blank (black) slides to re-focus the attention on you, the presenter, instead of the slides. Put up a black slide and all eyes turn to you to LISTEN.
  • Rule of 6 – Never put more than 6 bullets on a page. If you have 20 points to make, condense the information or spread it over 5 slides.  Remember the audience can read faster than you can talk.  They have already read the whole slide before you open your mouth.  Don’t ever read the bullets, fill in the blanks, add color and detail, don’t repeat what is already there.

Develop an Agenda

  •  Use an Agenda slide. During the presentation, refer back to the Agenda slide so your audience can follow where you are in the presentation.  The agenda slide is very important in long presentations.  It keeps the audience from getting lost and it can be used to track progress and anchor your presentation.
  • In his excellent book on presentation, Beyond Bullet Points, author Cliff Atkinson stresses the concept of breaking down the presentation into smaller more digestible parts and using anchor slides to guide the audience through the presentation and through your slides. He makes a convincing argument you should create signposts throughout your presentation to keep the audience from being lost or confused.

Using Visuals

  • Using visuals in your presentation can help the audience AND the speaker. As I said earlier, using a picture or graphic can shift the focus from the PowerPoint to you, the speaker.  If you ONLY use graphics on your slide, the audience is forced to listen to what you say.  They will not just read your slide and go back to their phone and email.
  • Visuals can add useful information. Especially when you are trying to explain numbers, a graph is much more helpful than a table of numbers.
  • Visuals take the focus OFF a nervous speaker. If you walk through a slide using one or multiple visual images, the attention will be on the slides and not on the fidgeting speaker.
  • Visuals remind the speaker of points to cover.
  • When using visuals make sure you have the rights or permission to use the images and graphics. Stick with Creative Commons or Public Domain images in your presentation or create your own.  Make sure you give proper credit or attribution when using visuals.

Watch Out For

  • Wordiness – Don’t write entire sentences in your presentation. Unless it is a quote, your bullet points should be short concise reminders of what you are going to talk about.
  • Face the audience. Don’t turn around and look at your screen when presenting.  If you have to see the screen, then use a pointer and shift focus to the screen or use Presenter View in PowerPoint to see the presentation while you talk.
  • Avoid Jargon – unless you are presenting to a room of experts on the subject, avoid using industry jargon or acronyms.
  • Time – Don’t try to cram 75 slides into 30 minutes. Estimate the time needed for the number of slides and remember to leave time for questions.
  • Brain Freeze – I write out my entire spoken presentation in the Notes section of the presentation. This also makes a good handout AFTER the presentation.  Never give your handout before the presentation, make them listen and pay attention to you.

PowerPoint Pointers

  • PowerPoint Designer – PowerPoint has a feature called PowerPoint Designer. There is also Design Ideas in Powerpoint on the Design Menu.  These tools might improve slides by automatically recommending design ideas for your PowerPoint slides.
  • Outlines in PowerPoint – You can open Word Outlines inside PowerPoint. If it is easier for you to compose in Word or if you want to create a presentation for a paper you have written in Word, you can open a Word Doc directly in PowerPoint.  Try it.
  • You may also find it easier to edit a presentation in PowerPoint Outline View. See View, Outline View from the PowerPoint Menus.
  • I always write out my entire spoken presentation and put it in the Note View of each slide. This makes it easy to create a presentation handout. Simply print out a Notes Pages and use as a presentation handout.
  • Keep in mind you can save a PowerPoint presentation (PPTX) as a PowerPoint Show (PPSX) or a video for alternate ways to view and share the presentation.

Using Color

  • Text color – If you projecting the presentation use light text on a dark background. For printed presentations use dark text on a light background.
  • Color for emphasis – Use color to PUNCH out and make a point.
  • Less is more – Remember to limit the number of colors and fonts in a presentation. Use a sans serif font and use no more than two or three different fonts.  Use color to set a mood, highlight or add emphasis or contrast.
  • Be careful when using background colors or patterns. They can be very distracting and make your presentation illegible.
  • Red and green are bad colors for colorblind people. Especially if using different colors for different data sets in a graph, use higher contrast colors so us colorblind folks can tell the difference.

 

Photos / Images

  • Be careful using photos in presentations. Unless the photo is directly related to your topic, the relationship can be lost.
  • When using photos, make sure you have permission to use the image. If you purchased the photo, read the restrictions on its use.  If you use Creative Commons images, make sure you provide proper attribution and/or copyright information.
  • Graphs always work better than tables of numbers. If you have a lot of numbers to explain, try to find a way to use a graph or graphic to explain your story.
  • Use lower resolution images in your presentation. If you use high-resolution images you will bog down your presentation.  Using a lot of images can bloat your file size and slow the performance of the program as it struggles to load and display huge files.  If you need high-resolution photos to print your presentation, create two versions of your presentation, one to display and one to print.  More is not better when it comes to image and photo sizes and resolutions.

Multimedia / Animation

  • Using sound – sound needs to be heard to be effective. Tiny laptop speakers are not going to work in a large auditorium.  If you use sound, make sure the audience can hear you.
  • The same rules apply to animations and video. They need to be large and loud so they can be effective.  Video also makes your presentation files big and slow.  A low powered laptop will have a hard time displaying a presentation and a video at the same time.  A low powered laptop or tablet might drop frames or stutter.  This makes your presentation look unprofessional.
  • Animating text and other elements is ok if it adds to the understanding of the slide. Don’t animate text for the sake of animation.  It is annoying.

 Slide Transitions

  • Keep slide transitions simple. Avoid using weird transitions like window panes or rotating screens.  They are unprofessional.
  • Avoid using sound transitions. A ding or beep with every new slide is ok for a single slide but will drive your audience crazy if it is used for every slide.
  • A good way to animate words on slides without actually animating is to use identical slides with one word or words changed. As you transition from slide to slide it will appear the changes are magically happening when really you are just advancing slides.  Be careful to make the slides identical or it will appear as the whole slide is sliding or shifting around.  That is disconcerting to watch.
  • I recommend using a simple “wipe up” transition. This sets your audience’s eyes for the next slide and it is simple and fast.  You might also consider using “wipe left “ or “wipe right” for topic transitions and “wipe up” for slide transitions.  I have used this successfully for many presentations.

 Font Sizes

  • Fonts need to be visible from the back of the room. A good rule of thumb is never to use any font smaller than 18 pt.  Depending on the size of the screen, 18 pt is generally legible from almost 20 feet away.  Make sure your fonts are at least 1 inch (projected)  tall for every 10 feet viewing distance.
  • If you need to fit more information on a slide, don’t make the font smaller, make the font NARROWER.
  • Sans Serif fonts are best for titles, Serif fonts are better for body text. That said, most presentations are almost entirely titles and should not have any body text.  But if you create handouts, you might use Serif fonts for better readability.
  • In general, title fonts should be 45-55 pt.
  • Remember, stick to one or two fonts for the entire presentation. Black on yellow is the highest contrast most readable color combination.  But, black and yellow is a “bumblebee” color scheme, so be careful.

 Presentation Do’s and Don’ts

  • Practice your presentation. Speak it out loud to yourself, don’t just play it through your head.  Talking is different than thinking.  You need to practice how you will phrase your words and the only way to do that is to say it out loud.
  • Don’t read off the slide. Your audience has already read the slide faster than you can say it and if you read the slide you will turn your back to the audience, big no-no.  Always face the audience, not the screen.
  • Use short bullet points and fill in detail with your words. Don’t write whole paragraphs in your bullets.
  • Always test your technology BEFORE the presentation. You don’t want any issues when it is time to present.

Wrap It Up

  • Before you present, check ALL your spelling and grammar. Make sure the client’s name and logo are correct if you are presenting to a prospect or client.
  • Is your presentation clear, consistent and logical? Do you say one thing on one slide and something contradictory on another?
  • Keep it simple. Did you meet your goals for the presentation?  Did you successfully communicate your ideas and did the audience understand?  If they did, congratulations you gave a good presentation.
  • Leave time for questions at the end in case someone didn’t understand a part of your presentation.
  • Don’t forget copyright issues, respect other’s work and give credit where it is due and attribution if required.

 Take the PowerPoint Quiz – Learn PowerPoint

Take some time to learn how to use the PowerPoint program. Sharpen your application knowledge, it will help you in the long run. Do you know these PowerPoint features?

  • Master slides
  • Slide and element animation
  • Slide Sorter
  • Outline View
  • Grouping
  • Notes page / Handouts
  • Nudge and guides
  • Inserting pictures and graphs
  • Design Ideas
  • Timing and transitions
  • PPS files
  • Presenter View

PowerPoint can be a great tool if you use it right.  If you have any other PowerPoint tips, please share them in the comments.  Happy Presenting!

Advance2000 IT Strategy Assessment

The Best Email for Business

No Business Should Be Running Their Own E-mail Server Any Longer.

Are you still dealing with the headaches and expense of owning and operating your own email or Exchange server?  Here are the reasons why we think now is the time to move your email to a hosted solution, specifically Office 365:

  1. Built-in Disaster Recovery – Office 365 has a 99.99% up-time, this statistic is published quarterly here. In addition to hardware disaster recovery, many companies that operate their own email server are also paying for separate SPAM, anti-virus and email continuity services. These features are all built into Exchange Online and Office365.
  2. Low Cost – Office 365 email plans start at $4 per user per month, this is very affordable. You can also purchase an annual contract or work with a CSP (Cloud Service Provider) to get additional discounts and more flexibility with monthly licensing and payment. If you skip one triple, venti, half sweet, non-fat, caramel macchiato you have your email paid for the month.
  3. Outlook Online – is included for mobile phone (tablet) or browser access. If you run your own email server, you need to set up and manage your own web access or Outlook Web Access (OWA).
  4. Infinitely Scalable – like other cloud offerings, if you start with 5 users and grow to 100, there is no problem scaling up or down. You don’t need to buy a large server (and software licenses) upfront to accommodate growth in the future.
  5. Licensing – You do not need to invest in expensive hardware and software licenses. You also don’t need to manage and maintain and eventually replace that hardware. In addition, you’ll always have the latest features and automatic updates. You’ll receive those new features and updates as soon as they are released.
  6. Large Mailbox Size – 50 GB or unlimited mailbox size depending on the Office 365 mail package you purchase.  This is room for 1000s and 1000s of messages, even with attachments.  You’ll never need to clean your inbox again! (IT people cringing)
  7. Spam Filtering and Virus Protection – These services are automatically enabled on all inbound and outbound email messages by Microsoft Exchange Online Protection (EOP), the anti-spam and anti-malware service included with Office 365. The EOP service uses multi-layered filters and scanning engines to protect your organization. And your users can still manage their own SPAM settings, retrieve blocked emails and configure black and white lists. SPAM blocking actually gets better over time and learns from the messages you mark as SPAM.
  8. Integration with Active Directory – Using Azure AD Connect, changes made in local Active Directory are automatically synced to the cloud. User name and password changes are automagically synced to the MS cloud and your email account.
  9. Works with Outlook and Outlook Add-ins – Outlook integrations all work exactly as before. You can use any third-party Outlook application and be certain it will work without problems.
  10. Office Applications – If you purchase the whole Office 365 Suite (for an extra $7.50 / month in addition to email) you get all the MS Office products for 5 PCs or mobile devices.
  11. Easy Migration – using Office 365 built-in tools you can easily migrate your Exchange mailboxes and settings to Office 365.

You outsource your coffee making to Starbucks, why are you still running your own email system?

Advance2000 provides complete migration services to move your email to the cloud. Kick the Exchange habit and get your company’s email into the cloud. Contact Us today and learn how.

Back to Basics: Writing a Disaster Recovery Plan

Disaster Recovery is the process or procedures that take place AFTER your business has experienced a technology based problem or other major business interruption. It describes the steps to take to recovery from a disruption in the business due to a disastrous event or technology failure. Disaster Recovery’s goal is restoring your systems and data to the most recent state before the disaster incident occurred.  With Disaster Recovery, in contrast to backups, you do not care about going back in time 30 or 60 or 90 days, you just need to recover the last known and good operational state.  Backups are a part of that process.

Business Continuity is the uninterrupted continuation of business. Your business needs a Disaster Recovery Plan to assure Business Continuity.

What should I include in my Disaster Recovery Plan?

In addition to addressing technology, a comprehensive Disaster Recovery Plan should also address non-technology issues, such as legal or human resource business disruptions. You need to prepare for all types of disasters.  Your Disaster Recovery Plan must answer the Who, What, Where, When, and How questions to get your business operational again.

Who?

Who is responsible for carrying out the plan? Disaster recovery roles should be planned and practiced before a disaster strikes. For example, a technology outage may require a communication plan to inform staff, as well as clients. Responsibilities should be assigned to teams to avoid a single point of failure.  Staff roles and responsibilities should be recorded and communicated to all staff. The disaster team might include the following teams /roles:

  • Firm Leadership
  • Communication
  • HR
  • IT Recovery
  • Public Relations / Client Relations / Internal and External
  • Facilities and Corporate Services
  • Damage Assessment
  • Financial Recovery / Insurance
  • Legal / Risk Management
  • Projects / Project Liability
  • Operations
  • Client
  • Crisis Coordinator
  • Crisis Management team
  • Security / Employee Safety

What?

What are the types of disasters? They are not all technology. What steps do I take in case of a disaster?

  • Technology
  • Human Resources
  • High Profile Attrition
  • Legal
  • Workplace Violence / Terrorism
  • Physical (office is damaged or unavailable)
  • Transportation (weather – no one can get to office)
  • Public Relations
  • Firm Health / Financial / Bankruptcy
  • Project Related (job site accident / building collapse)
  • Reputation (Public perception)

There are also degrees of disasters.

  • Level 1 – 4 depending on duration and severity

Where?

Depending on the type of disaster, you may need to work offsite for a period of time. What if your office is flooded or there is a fire in another part of the building and access to your office is restricted or denied for safety reasons? Factors outside your control might cause you to have a problem even though your systems are not directly affected.  Do you have a DR site chosen?  How fast can it be ready for use?

When?

Your plan should identify a timeline and set recovery goals. It is not enough to know what to do, you should also set the timing and sequence of events in your plan. Part of an effective Disaster Recovery Plan is a recovery timeline. How long will it take to get your business back in business? You need to know.

How?

When developing your plan, understand the options to keep your business safe.

  • Backup and Recovery – Backup can take many forms; tape, disk, optical or online (cloud).
  • Cold Disaster Recovery Site – This is a recovery site that is prepared after a disaster has occurred.
  • Warm Disaster Recovery Site – A combination of a Cold and Hot Disaster Recovery Sites
  • Hot Disaster Recovery Site – This is a recovery site that is prepared before a disaster has occurred and is on standby in case of a disaster.
  • Business Interruption Insurance – Insurance is available to protect your business in the event of a technology disaster.
  • Data Archiving – What should you do with old backups? Legally, how long do you need to keep data?

You need a PRINTED Disaster Recovery Plan – Your plan should be in hardcopy form so it can be accessed with no electricity or network and it should be stored OFFSITE in case the office is inaccessible.

Get your Disaster Recovery Plan in order and sleep easier at night…

CONTACT US if you need help creating your plan.

Back to Basics: Safeguarding Your Business – Backups and Disaster Recovery

How long can your firm afford to be out of business? How long will it take to recover from a technology disaster? You should protect your data and your business with a proven secure online backup and disaster recovery solution.

Other than your employees, your data is the most important part of your business. Just backing up your data is not enough. You need to have a plan to get your business up and running quickly in the event of a technology failure.

Did you know that rebuilding a file server from scratch and restoring all its data can take a week or more? Is your business ready for that? Are your clients ready to wait days while you restore their data?

How long can your business afford to be out of commission? 1 day? 1 week? 1 month? The statistics vary, but a significant number of businesses that experience a disaster do not survive. A written and tested Disaster Recovery Plan combined with data backup mitigates your risk.

Three important steps to safeguard your business

Step One: Set up secure online offsite backup. Online Backups protect your data by safely and securing replicating your files and data to the cloud. Understand what you are buying, is it 30, 60, 90 or unlimited days of backup? Make sure your backups are stored geo-redundantly, that is in more than one location. You can’t afford for your backup to be inaccessible in case a regional outage takes down your office AND your backup provider.  Get your backups OUT OF THE OFFICE.  At a minimum, do not keep your backups in the same location as your live data.  That is trouble waiting to happen.

Step Two: Create a Disaster Recovery Plan. Disaster recovery is restoring your technology infrastructure (after a disaster) to insure that your business keeps working. Consider using an online Disaster Recovery site. There are cold, warm or hot disaster recovery sites that can allow your business to keep working. Understand the differences between them and choose the right site depending on your budget and tolerance for risk. If you depend on your employees being productive and billable, you cannot afford to have them to sit idle while you repair or replace broken equipment.

Step Three: Test, Test, Test. Testing and reporting is part of any good backup or disaster recovery plan. You must regularly test your solutions to insure they work and that they are protecting your business. Don’t ASSume that you are safe, test.

If you work with a provider that offers both online backup and online disaster recovery, you can start with online backup, and later add disaster recovery along with your online backups. This way you will never pay for additional services you don’t need. You can grow from a simple online backup into a full disaster recovery solution easily and without risk. Your solution provider can also help you design and document your disaster recovery plan. Safeguard your investment in equipment and people.

Questions to ask your backup provider:

What is the RTO (Recovery Time Objective) – how long will I be down?
What is my RPO (Recovery Point Objective) – how much data is acceptable for me to lose? 1 hour, 4 hours, 1 day?
Do you have High Availability Solutions? Can your DR site take over running my business instantly?
Geo-Redundant Storage – Is my data stored in multiple locations?
Testing and Reporting – How often do you test backups and how do I know they work?
Safe Secure Datacenters – Where is my data being stored? What safeguards do you have in the datacenter?
Low cost – what is a fair price for backup? What does my downtime cost? Compare the two and decide.  Balance risk and cost.  Don’t go cheap, you can’t afford it.
DR / Business Continuity Planning Services – Do you offer both Backup and DR or just one. Can you help me write a disaster recovery plan?
Easy to use? – What is the user interface like, who monitors my backups, do I get alerts if they fail?
How long have you been in business? Will you go out of business with my data?
If I change providers, what happens to my data? Will they give it to you? Does it disappear? Most providers have a window of time they will keep your data, do you need longer term archive in addition to backup?
Can you ship my data on a drive? If you have to perform a large restore, you will not be able to do it over the Internet. Can they overnight a drive with your data? For what price?

Do you need help with backup or DR?  Contact Us and Advance2000 can help you protect your business.