November 2014 IT Business Consulting Newsletter

Burning Down the House

By Tom K

Last week, disaster struck a prominent VRM company in the Outer Banks. A massive fire swept through their main offices taking everything, including their IT systems center. Fortunately, no one was hurt, but they have to completely rebuild. Our hearts go out to them.

While there are a tremendous number of issues involved with rebuilding their business, in our current world, quickly getting new PCs and systems and servers up and running is critical.

In this month's newsletter, I highlight some of the key factors that you should have in place to help your company recover from such an event.

Cloud and Servers and PCs

Any of your systems and data that are managed in a Cloud environment should be safe in a local disaster condition. You should, however, ensure your cloud systems vendors are properly caring for the systems they host (see "Security When In the Cloud").

But, a large percentage of VRM companies maintain servers for a number of purposes, and all of you still have PCs and infrastructure devices. These are the resources I discuss recovering below.


For those of you with servers, you HAVE to Back Up (BU) your servers at least every night. You need to not only BU all the data that is stored on them (PMS data, financials, email, company files, user files, etc) but you need to ensure you are backing up the servers' system states and Active Directory as well. I've seen people BU just the data and this is a BIG mistake. If you only BU the data, you'll need to spend hours and hours preparing the new servers and rebuilding Active Directory before you even begin to restore the data.

If you are not using quality BU software that does this for you, you should research this now.

I like to run BUs on premises for convenience and archival purposes, but I also strongly recommend Cloud based BUs as insurance. The product I use has a nice GUI, has good xmit compression, is encrypted, and 500 GB of storage only costs $100/yr. While I disdain the phrase "no brainer", this is THE no brainer.

I discuss BU systems and BU strategies in detail in my article "Backup the Company Jewels!"


If you have servers, you should be storing all of your users' data on the servers. No data should ever reside on a PC. If this is the case, then all your data is protected when you properly BU your servers. You're done!

Additionally, when the data lives on a server, replacing a PC, whether it is just one that blows out a hard drive or 30 that have been destroyed in a fire, is pretty much a matter of joining it to the domain & setting up a quick profile.

If you don't have a server (but you really should... if for nothing more than centralizing your data storage, user management, and PC management - see "Consider a Server to Manage Your Environment"), you'll need to BU the data from every one of your PCs every night. As you can imagine, this can be a daunting task, but I'll discuss this in detail in January's newsletter "Backing Up Your PCs Without a Server ".


One thing that is often missed in a Disaster Recovery plan is backing up the configurations from your infrastructure devices. These typically include managed Ethernet Switches, Routers, Firewalls, and Wireless Access Points. Anything that staff or consultants have consumed configuration time on can, and should be, backed up. Depending on your environment, this can save you lots of time and lots of cash when rebuilding.


The importance of properly storing your software and systems licenses is often ignored. Most small companies purchase commercial licenses that come as pieces of paper. If the paper is lost or destroyed, you lose proof of ownership as well as the installation keys. It is generally very difficult to replace these licenses without re-purchasing them. They should be scanned and stored digitally (part of the BU set), or kept in a very safe, secure, off site location, like a safety deposit box.


You want to ensure you have excellent systems documentation. When a full blown disaster takes everything down, good documentation will be invaluable during the rebuild process. Your systems documentation should include all the information necessary to re-create your IT environment, as well as contact information for all of your vendors. Excellent documentation will have most of your resources listed with purchase dates and serial numbers, which will be a godsend when attempting to inventory your lost equipment.


You'll have to deal with your insurance adjusters from the onset. The sooner you get this process started, the sooner you'll start getting reimbursements. Having a solid inventory is a great first start, and having receipts to back up your inventory can be huge. If you've scanned your receipts and saved them on the server which was backed up, or on a BU'd PC, you are golden. But most often, I've seen paper receipts stuck in a file cabinet on premises. If you keep paper receipts, you should handle these as we suggested you store paper licenses... in a very safe, secure, off site location.

Additional Reading

If you'd like help developing structured processes within your company to prevent those disasters you have control over and prepare for those disasters that are out of your control, see my two part series: "Dealing with Disasters via Prevention!" and "Dealing with Disasters via Preparation!"

And At Home

Your home PC usually stores data as important to you as your corporate PCs... your personal financials, precious pictures of a lost loved one, the video of your daughter's first steps. You need to protect this personal data via regular BUs as well.

You can use the same techniques that I'll discuss in January's newsletter on backing up corporate PCs when you don't have a server, but at home, it is simplest to use an on-line Cloud backup service. As noted earlier, my product of choice works great and only costs $100/yr for 500 GB of storage. Very inexpensive peace of mind!

If you have any questions about any of the info in this article, or if there is anything I can do to help you better prepare for a potentially business crippling disaster, please don’t hesitate to contact me at, or via my cell 443.310.5110.

My December newsletter will be the traditional End of Year Security Summary... my annual need-to-read security refresher, updated for 2014.

In January's newsletter I’ll discuss backing up your data if you still don't have a server, or while you're waiting for your new "pays for itself" Server to arrive.