8 Things to Include on Your Disaster Recovery Plan Checklist

Losing data is a company’s worst nightmare. Unfortunately, no one is immune as security breaches run rampant today.

You not only have to consider the effects of human interference, but also what could happen in the wake of a natural disaster. Wildfires, hurricanes and earthquakes are all natural occurrences that could knock out your data centers and erase pertinent information without a human ever touching a computer.

A comprehensive disaster recovery plan checklist is essential to getting a business back up and running following a disaster. In this blog, you’ll learn the goals of a disaster recovery plan and what to include on your checklist.

Disaster Recovery Plan Goals

Disaster recovery is meant to help your business stay ahead of problems that could result in a loss of data. According to the National Archives & Records Administration in Washington, 93 percent of companies that lose data access for 10 days or more due to a disaster file for bankruptcy within a year.

If you want to avoid financial loss, your disaster recovery strategy should provide the resources needed to:

  • Minimize risk. Before you create a disaster recovery plan, perform a risk assessment to uncover vulnerabilities in your current system.
  • Resume operations quickly. Your systems need to be available to you and your customers as soon as possible. Your plan should include solutions for accessing the system without needing physical access — such as a Software-as-a-Service (SaaS) platform and redundant data storage that can be accessed anywhere.
  • Maintain industry compliance. Depending on your industry, you likely have specific regulations to uphold. Your disaster recovery plan should reduce your risk of incurring penalties for failing to meet compliance obligations.
  • Address concerns of employees, owners and investors. Your disaster recovery plan should help business leaders, owners, employees and investors feel at ease knowing your company is secure. Write down the top concerns from each of these groups so you know which liabilities need to be addressed if a disaster occurs.

What Should You Include on Your Disaster Recovery Plan Checklist?

Here are eight key ingredients to include on your disaster recovery plan checklist:

1. Set Your Recovery Time Objective (RTO) and Recovery Point Objective (RPO)

The first thing you need to do is determine your RTO and RPO. These data points refer to:

The amount of time you need to recover all applications (RTO)
The age of the files that must be recovered for normal operations to resume (RPO)

Setting RTO and RPO goals requires input from multiple departments to best assess business needs.

Your RTO and RPO will help you determine what solutions are necessary to survive a disaster or a data breach and keep your data recovery costs low. They help you determine which hardware and software configurations you need to recover your workloads.

2. Take Inventory of Hardware and Software

Take a complete inventory of your hardware and software. Categorize each application in one of three buckets:

  • Critical applications you can’t do business without
  • Applications you will need to use within a day
  • Apps you won’t need for a few days or more

By defining your most critical applications, you’ll know which ones you need to prioritize in the event of a disaster. You should revisit this list once or twice a year as you install new apps or remove old ones.

Pro Tip: Make sure you have the vendor technical support information for each piece of hardware and application on hand so you can get back up and running fast.

3. Identify Personnel Roles

Beyond your software and hardware needs, you also need to outline the roles and responsibilities involved during a disaster recovery event. Duties range from making the decision to declare a disaster to contacting party-vendors.

Your disaster recovery plan should include a list of disaster recovery personnel with each person’s position, responsibilities and emergency contact information. Everyone from C-suite executives to help-desk reps has a role to play, and each person should understand their role in detail.

You should also have a list of back-up employees in case someone is on vacation or no longer available.

4. Choose Disaster Recovery Sites

Any good business continuity plan will also include using a disaster recovery site where all of your company’s essential data, assets and applications can be moved during a disaster. Whatever location you choose should be able to support your critical hardware and software.

Disaster recovery plans typically use three sites:

  • Hot sites, which act as a functional data center with hardware, software, personnel and customer data
  • Warm sites that allow access to critical applications (excluding customer data)
  • Cold sites where you can store IT systems and data, but that have no technology until your disaster recovery plan goes into effect

These sites should automatically perform backups and replicate workloads to speed up recovery.

5. Outline Response Procedures

Documenting your recovery strategy is the only way to guarantee your team will know what to do and where to start. Write down guidelines for everything, including:

  • Communication procedures for employees, media and customers
  • Data backup procedures, including a list of facilities and third-party solutions
  • Instructions for initiating a response strategy, including staff roles and critical activities
  • Post-disaster activities that should take place after operations are reestablished, such as contacting customers and vendors

You can’t be too detailed when it comes to documenting response procedures. The goal is to achieve full transparency and make sure each staff member understands the disaster recovery process from start to finish.

6. Identify Sensitive Documents and Data

Thinking beyond hardware and software, you also need a list of the essential documents and data that you cannot lose without disastrous effects. This includes sensitive information, such as Personally Identifiable Information (PII), and who will have access to that data in the event of a breach or disaster.

7. Create a Crisis Communication Plan

No matter the size of your company, you need a clear strategy for communicating with employees, vendors, suppliers and customers in the event of a disaster. As long as you keep customers and the media informed on the status of your data outage or breach, they will feel much better about how you’re handling the situation.

Larger companies should create a crisis management media kit for reporters and customers. Include a statement that your PR team can publish on your website and across social media platforms that includes a number to contact for more information and an estimate on when things will be back up and running.

8. Run Continuous Practice Tests to Ensure Your Plan Is Effective

The last thing you want is to have your disaster recovery plan fail in your time of need. Test your plan at least once or twice each year and look for red flags, such as failed backup hardware or a slow internet connection that can’t restore your data in time.

Any time you run through a practice test, you should also review your risk assessments, personnel lists and inventory to ensure everything is up to date.

Get Expert Disaster Recovery Planning Assistance From KMicro

Today, every company is likely to experience a natural disaster or human interference at one point or another. To keep your data protected, you need a foolproof disaster recovery plan.

Reach out to KMicro to learn more about how we can help you create an effective disaster recovery plan that will get you back up and running in no time.

How to Implement a BYOD Policy Your Employees Will Actually Follow

Bring your own device (BYOD) policies have risen in popularity in recent years. In fact, 82 percent of companies let employees use personal devices for work. Why so many? Businesses save money by not having to make additional purchases, and employees don’t have to juggle between multiple devices.

But employing a BYOD policy isn’t easy. Business owners have to put trust in their employees to protect the company’s security. This blog will explain how BYOD policies work and provide tips on how to implement a BYOD policy that employees will follow.

What Are the Benefits of a BYOD Policy?

Before you create your BYOD implementation plan, you need to know the benefits of a BYOD policy. Your employees are likely to ask questions, and it’s best to be prepared so you’re not caught off-guard.

Here are the top four benefits of allowing personal devices at work:

Financial Savings
Because BYOD policies ask employees to use the same devices they already use at home, businesses save money on purchasing and maintaining laptops and mobile devices. Instead of paying full price, companies can pay employees a small stipend to cover device costs, data plans, etc.

When your employees no longer have to switch between their home device and work device, life gets a lot more convenient for them. According to a study by Sapho, employees save 81 minutes a week by using their own devices.

Plus, because they already know the device, they don’t need to be trained on a whole new system, making BYOD more convenient for your company as a whole, too.

Access to New Technology
Employees are more likely to purchase the latest phones and laptops, while companies tend to be a few years behind. This is because individuals get upgrades much more quickly and at a faster rate than companies do.

To stay efficient and productive, your employees need to be able to access information no matter where they might be. Because BYOD gives them access to their own phones, which are likely newer, they can access information quickly without struggling to go through password after password on their secure work phone.

While these benefits are hard to resist, a poorly planned BYOD policy can cause some major issues, including security risks and an increased need for IT support. When your employees are using a myriad of different devices — all with different operating systems — you need reliable IT support to be able to help them.

And considering that half of BYOD-friendly companies that experience a data breach are breached by an employee-owned device, it’s safe to say that you need a policy that accounts for such problems while maintaining the convenience of the program.

How to Implement a BYOD Policy

Here are seven steps you can take to create a successful BYOD implementation plan:

1. Establish Security Policies

Now that your employees can pull up sensitive information from home, your policy needs to address potential pitfalls. This includes setting up strict password requirements so that — should a device fall into the wrong hands — you can be sure your data is safe.

Beyond passwords, your BYOD implementation plan should outline:

  • The minimum required security controls for devices
  • Where data will be stored (including what is stored locally)
  • Inactivity timeouts
  • Whether you require employees to download a mobile device security app
  • Your remote wipe policy

Depending on your industry, you might need to create more restrictions based on compliance requirements.

2. Create an Acceptable Use Guide

If you don’t already have an “Acceptable Use Policy,” you should create one in conjunction with your BYOD policy. This policy will help guide your employees away from distractions while keeping your network free of viruses and malware.

When creating your acceptable use guide, outline which applications employees are permitted to access from their personal devices and which apps are restricted. You should also note:

  • Which websites are banned while a device is connected to the company’s network
  • What types of company-owned data employees can access from their devices
  • What disciplinary actions you will take if someone violates the policy

One thing to note: Don’t block websites like Facebook or YouTube. Blocking these sites can seem overly controlling, especially from your employees’ personal devices. You need an acceptable use guide that isn’t excessively strict and shows that you have trust in your team.

3. Install Mobile Device Management Software

Mobile device management (MDM) software allows you to configure, manage and monitor all personal devices from one application. Your IT team can then authorize security settings and software configurations on any device connected to your network.

With MDM software, your IT team can create automatic backups of your company’s intellectual property using the cloud, scan for vulnerabilities in your system, block mobile devices that could be threats, ensure anti-malware applications are updated, remotely update and patch issues and further enforce security policies.

4. Use Two-Factor Authentication for Company Applications

Two-factor authentication keeps hackers from impersonating users and gaining access to company accounts. It keeps your classified information secure by forcing anyone who logs in to an application to go through an extra step, such as providing answers to security questions or using a code that has been provided in an email or text message.

5. Protect Company and Personal Data on Employee Devices

While you need to protect your own data in a BYOD policy, it’s also a good idea to protect your employee’s personal data. Your employees deserve to have some level of privacy.

Your MDM software and processes should never interact with, copy or store your employee’s personal information, applications and other data such as location information.

6. Simplify the Sign-Up Process

The sign-up process for your BYOD program should be easy. Don’t ask employees to fill out a paper form or put them through multiple rounds of approvals. Your employees should be able to sign up or enroll through an IT ticket system to track all requests and their progress.

After they enroll, they shouldn’t have to download too many different apps — one or just a few should be enough for them to access the information they need without too much work.

7. Train Your Employees (Regularly)

Provide regular training seminars so your employees stay up-to-date on the BYOD policy and potential risks of not following the rules.

You can also create a detailed manual or allow employees to schedule one-on-one training with someone in the IT department. That way, employees not only learn the best ways to use their devices, but they also understand the potential risks and how the company plans to avoid such issues.

Get Expert BYOD Policy Advice From KMicro

Implementing a BYOD policy comes with its fair share of tasks. As a business leader, you know the benefits and you know what could go wrong, so you might need a helping hand.

Contact someone at KMicro to give you that hand. We’ve worked with everything from SharePoint migrations to cybersecurity solutions, so we can help you create a policy that covers all of your bases.

Set up a call with one of our team members or call us now for more information: 949-284-7264.

Office 365 Migration Types: Everything You Need to Know for a Successful Email Migration

With the ever-increasing use of cloud computing, more and more businesses are making the switch to Office 365 for its cloud-based communication, collaboration and productivity abilities.

But migrating systems can cause headaches and frustration as you try to navigate new and old platforms. Your employees might feel left out of the loop if they’re suddenly told to change email systems, and you need to ensure your data is secure during the move. Plus, migrations can take anywhere from a few weeks to several months.

When it comes time to migrate to Office 365, you have several options to consider. In this article, we’ll break down the different Office 365 migration types to help you decide which method is best for your company.

Factors to Consider When Choosing an Office 365 Migration Type

When it’s time to choose between Office 365 migration types, there are a couple of questions you need to ask yourself, such as:

  • How much time do you need to migrate?
  • How big is your migration budget?
  • How much data do you need to migrate?
  • Which existing email system are you using?
  • Which version of Exchange Server are you using?

After you’ve answered these questions, you can move forward with determining the best migration type for your organization.

4 Office 365 Migration Types

There are four Office 365 migration types for you to consider.

1. Staged Migration

An Office 365 staged migration moves everything over in batches. It transitions all of your resource mailboxes and existing users from Exchange 2003 or 2007 to Exchange Online.

It’s a great method for medium-sized companies (especially those with over 2,000 mailboxes) that are currently using on-premises Microsoft Exchange 2003 or 2007. It is not, unfortunately, available for organizations using Exchange 2010 or 2013.

A staged migration moves mailboxes in batches over a determined period. It requires the use of the Directory Synchronization tool, which replicates your accounts from the on-premises Active Directory database. By the end of the process, all mailboxes will be hosted in Office 365.

During the migration, Office 365 users will still have the ability to send and receive emails from users that haven’t migrated over yet. The only resources users won’t be able to access are calendars and delegates.

2. Cutover Migration

A cutover migration is an immediate transition from an on-premises Exchange system to Office 365. All your resources are migrated at once, including mailboxes, contacts and distribution groups. With this migration, you cannot select specific objects to migrate, and once the move is complete, everyone will have an Office 365 account.

This Office 365 migration method is best if you’re currently using Exchange 2003, 2007, 2010 or 2013 and have less than 2,000 mailboxes. In fact, Microsoft recommends the cutover migration for companies with less than 150 users to the amount of time it takes to migrate so many accounts.

One thing to note: every user’s Outlook profile will need to be reconfigured to connect to Office 365.

3. Hybrid Migration

The Office 365 hybrid migration allows you to integrate Office 365 with your on-premises Exchange servers and your existing directory services. As a result, you can synchronize and manage user accounts for both environments.

With a hybrid migration, you’re able to move mailboxes in and out of Exchange Online. You can even pick and choose which mailboxes to keep on-premises and which to migrate to Office 365. Plus, you can synchronize passwords and introduce single sign-on to your team to make it easier to log in to both environments.

If you’d like to use a hybrid migration, you need more than 2,000 mailboxes. It’s also necessary to have Exchange 2010 or later. If you don’t, you must install at least one on-premises Exchange 2013 or Exchange 2010 Service Pack 3 (SP3) server to enable hybrid deployment connectivity.

4. IMAP Migration

While the other three Office 365 migration types depend solely on Exchange, an IMAP (Internet Message Access Protocol) migration allows you to transition users from Gmail or any other email system that supports IMAP migration.

An IMAP migration pulls information from your source mailboxes and hands it over to Office 365. However, IMAP migration doesn’t transition anything other than email. Calendar items, tasks and contacts all stay in the original inbox and have to be migrated manually by the user.

You’ll also have to create a mailbox for each user before initiating the email migration – something other migration types automatically create for you.

IMAP migrations have a limit of 50,000 total mailboxes and 5,000,000 items. And once the migration is complete, any new mail sent to the original mailbox won’t be migrated.

Get Expert Office 365 Consulting and Migration Help From KMicro

If you’re still not sure which Office 365 migration type is best for you — or you know you need help taking the first step — get in touch with one of the experts at KMicro.

We’ve helped dozens of businesses with their Office 365 migrations, and we have the knowledge you need to move forward without disrupting your day.

Schedule a phone meeting or give us a call now to learn more: 949-284-7264.

Getting Started With Power BI

Microsoft Power BI is an analytics solution that lets you visualize your data and share insights across your organization. The tool connects hundreds of data sources to bring your complex data to life with live dashboards and reports.

Power BI is an ideal tool to learn for many types of business and IT professionals, from developers to administrators to designers. In this blog, you’ll learn how to get started with Power BI in five easy steps.

What Is Power BI?

Power BI is a collection of apps and services that turn your unrelated data from various sources into rational, interactive insights. When you add Power BI to your business infrastructure, you gain greater ability to make informed decisions based on the data you have collected over time.

There are three elements to Power BI:

  • Power BI Desktop, a Windows desktop application used by designers and developers to build and publish dashboards and reports
  • The Power BI service, an online Software-as-a-Service application used by consumers and non-power users to view reports
  • Power BI mobile apps for Windows, iOS and Android devices

All three elements of Power BI allow business users to easily access, create and share business insights in whichever way best suits their role.

There’s also a fourth element, Power BI Report Server, that lets you publish reports onto an on-premises report server. But you’ll mostly work with the main three.

So who uses Power BI?

Designers, developers and administrators can all use Power BI to create reports. Other roles — from salespeople to customer service teams to warehouse managers — will use the Power BI service to access those reports and keep track of their respective teams’ progress and performance.

Now that you know what Power BI is and who uses it, there are some things you can do to learn more about the tool and get comfortable using it.

Getting Started With Power BI

Here are five Power BI tips to help you get started:

1. Sign up for a Free Power BI Trial

If you don’t already have an account, you need to get one. Register for a free Power BI Pro trial account to begin. The trial will last for 60 days and allow you to test out the program without the stress of paying for something you might not want.

2. Import Your Data

After you sign in to Power BI, it’s time to import some data to see what it can do! At the bottom of the left navigation bar, you should see a button to get data, which will allow you to import Excel, CSV and Power BI Desktop files. Once imported, you’ll be able to start making visuals.

3. Explore Your Dataset

Once you’ve imported some data into Power BI, you can create dashboards to see how certain sets of data change over time.

You can filter the data by date, sales, month, price, units sold and more, and then use those filters to choose what type of visualization works best. For example, if you filter by “Date” first, you’ll see a table, while filtering by “Gross Sales” first will produce a chart.

Once you’ve found a data visualization that is interesting to you, you can pin the chart to a dashboard by hovering over the visualization and selecting the “Pin” icon. With the chart stored on your dashboard, you can watch as that specific information evolves.

4. Continue Exploring With the Q&A Box

Power BI uses natural language processing to understand what you’re looking for and immediately pull it up when you need it. Simply type a question in the Q&A box about your data, and watch as Power BI presents a visualization of that information. You can then pin it to a dashboard.

5. Clean up Your Resources

When you’re done with a dataset or want to remove the information you imported for testing, go to “My Workspace” in the navigation bar. Choose the “Datasets” tab, click on the ellipses and choose “Delete.”

Deleting a dataset will also delete any related reports or dashboards.

Benefits of Using Power BI

There are plenty of benefits of getting started with Power BI. For one, because it easily integrates and connects with other tools like Dynamics 365, you don’t have to worry about the transition from gathering data to extracting insights from it.

Power BI allows you to extract the most important insights from your data without having to sift through confusing lists and charts. With clear data visualizations at your fingertips, your organization can take the necessary next steps to increase sales, improve processes and reduce waste.

The platform also keeps your data secure, so your business can manage data while maintaining compliance.

Unlock the Full Potential of Power BI With KMicro

If you’re ready to start visualizing your data — or you just want to transition to a new data analytics tool — Power BI might be the right system for you. But after you’ve made the decision, what next?

KMicro can help you transition your data from one platform to the next, evaluate your current business intelligence, locate data sources and learn how to navigate Power BI as a company. Let us help you by setting up a call with one of our IT experts, or simply give us a ring here: 949-284-7264.