Jim Lippie, president of Staples Network Services by Thrive was kind enough to share some cautionary tales based on situations that he encountered, a couple of which we explored in an earlier blog titled "Real-Life IT Horror Stories to Learn From." Staples Network Services by Thrive offers a comprehensive array of IT services geared toward SMBs, and I must say I really enjoyed hearing about and learning from its experiences out in the field.
Today, I explore additional areas highlighted by Lippie. As usual, feel free to comment or share about cautionary tales that you might have come across.
The Importance of Up-to-Date Business-Continuity Plans
Lippie: "We had one client located on the top floor of a multi-level office building, and the building roof was getting tarred. Unbeknownst to the company, there was a small hole in the roof above the server room. Imagine their consternation when they discovered that tar had dripped down into the server room, coated the server and rendered it completely useless."
Fortunately, the presence of a disaster-recovery plan meant that data was backed up, and the team was able to put a new server up by the next day. Contrary to conventional business-continuity ideals in which SMBs might be urged to purchase "spare" servers, Lippie pointed out that having proactive and up-to-date plans is actually far more important.
He wrote, "The takeaways here: While companies don't necessarily need to have servers on standby, it's important to always have an accurate and up-to-date asset inventory, including equipment specs, so you can do an overnight order if necessary to preserve business continuity. Again, in terms of a comprehensive disaster-recovery plan, companies should have flexibility to adjust to not-so-typical disasters and include measures for communicating to employees and distinguishing between short- and long-term emergencies."
Have Procedures for Employee Departures
Despite what some might say about the worst of the downturn being over, the fact is that people leave all the time for different reasons. As such, it makes sense for an SMB to ensure that there are proper procedures for employee departures.
The problems resulting from a lack of procedures are many, wrote Lippie. "Too often, we see companies at risk of losing valuable information and intellectual property when employees leave -- without a coordinated, consistent approach to the IT aspect of employee terminations."
"It's not enough to make sure former employees are not sneaking out with their laptops or other equipment. SMBs need to implement a step-by-step checklist of procedures. These include, but are not limited to, deactivating key fobs and immediately shutting down that employee's access to the network, physical assets and shared resources. Don't forget, too, to change passwords where necessary, and to monitor employee activity to make sure they are not downloading proprietary information."
Lippie further suggests ensuring that equipment that might be at an employee's house is returned. This might range from BlackBerry smartphones, dongles for mobile data access and various computer peripherals that belong to the company.
Which leads to an interesting question: Has your small and medium business ever "lost" IT equipment or peripherals to staff who left the company? Were they ever recovered?