The new EU General Data Protection Regulation (GDPR) came into effect in May 2018 and represents the most radical change in data protection legislation in the last 20 years. Since then, several of you have been in touch, expressing concerns over the level of expenditure that is needed to build in resilience to your IT infrastructure, and indeed raising the point that implementing such precautions may be cost prohibitive to small and medium sized recruitment agencies.
Today I wanted to expel this myth, because whilst a decade ago high resilience systems and sophisticated disaster recovery plans were the preserve of rich large enterprises, with advancements in technology there are now many good solutions out there that are affordable for SMBs, and can guarantee system up-time.
Nowadays it is really not the case that business owners have to accept IT systems will periodically fail unless they have made a massive investment. Whilst it is nigh on impossible to guard against every potential disaster, there is a much that can be done to safeguard any organisation against the majority of causes of costly downtime, some of which I have detailed below:
Network monitoring tools can be very useful, as when configured correctly they can highlight potential problems before they cause costly downtime. This allows for proactive maintenance to pre-empt problems such as disk space filling up, backup errors or potential security threats. Some of these tools, such as Epoq IT’s MySupport service are now available as a cost-effective charge per month, with the provider doing the monitoring and advising on any necessary remedial work before your business is affected by downtime.
The advent of virtualisation technology has also made restoration of full servers much easier, as there is no longer a dependence on having to restore onto near identical hardware. This means that with the right network design, backup technologies and procedures, the server infrastructure can be configured with some spare capacity, allowing a failed server or service to be restored onto another piece of hardware quickly and easily.
For services where the business cost or compliance implications of any downtime would be prohibitive, there are also real-time replication solutions available that allow data to be replicated “live” between primary and secondary server environments. Whilst these are still a bit more costly than some of the other options, they have still fallen in price dramatically over recent years and are within the reach of many SMEs now.
And for those agencies who just want all the worry, cost and hassle around network resilience removed from their plates, there are also services available, such as Epoq IT’s MyRecovery service, whereby your disaster recovery and network resilience can be managed ongoing by an expert team for an affordable monthly fee, ensuring that you are guaranteed system uptime, and that vital services like email are configured such that there is zero downtime, even if a piece of equipment fails.
And of course cloud technology can also offer the benefit of your data being stored in multiple Data Centres, configured in a highly resilient arrangement. Although, as I have touched on in previous blogs, I would caution that any agency needs to undertake their due diligence to ensure that they fully understand the implications around security, confidentiality, data residency and GDPR compliance before moving any data (whether live or backup) to the cloud.
Resilience can also be built into Internet connectivity, with diversely routed circuits or circuits delivered via different media such as wireless and fibre, thereby protecting against the majority of Internet downtime. With falling costs of Internet connectivity, I sometimes find that it’s even possible to achieve a dual Internet connectivity strategy for the same cost as the previous single line.
Many firewalls now also offer relatively low cost active/passive arrangements where one unit will take over from the other in the event of a failure, thus eliminating another single-point-of-failure from the network.
And user education and awareness also forms another vital part of the network resilience plan. Simple tips around password security and exercising caution with opening attachments or clicking on links, can go a long way to avoiding problems such as ransomware attacks, at very little cost.
In summary, there is much that recruitment agencies can do to ensure they are compliant and that they minimise the business risk of costly downtime. Changes in technology have meant that many of the solutions available today are affordable and practical for small and medium size recruitment agencies.
If you would like to find out more about improving your agency’s network resilience, or you would like assistance in protecting your data for GDPR compliance, please do not hesitate to contact me on (01494) 444065 or email email@example.com