It is impossible to think too much about protecting your data. If you are operating in the cloud, your provider is responsible for the data that their systems provide. If you are responsible for Information Technology at your firm, protecting data has to always be top of mind. Backup and recovery is not an area you can leave to chance. Everything that you don’t put in the cloud, you have to take the responsibility to backup. If you don’t have your data, your business is likely to fail.
Saving the right amount of data for the right amount of time and being able to recover the data in a timely fashion is important risk mitigation for a firm. We’d like your firm to recover from hardware failures in 2 hours or less, and from catastrophic incidents, like a fire, in less than 72 hours. We also don’t want data saved beyond your normal retention policies. Beyond that, from a regulatory perspective, data must generally be kept in the country in which it is used.
What are you willing to lose and how long can you afford to be out of operation? What is your current position? What is your risk appetite? Consider how long you can work without computing or your data. The size of your organization often dictates your appetite for risk.
Think about your organization’s need to be able to operate. How much does it cost you per hour when your computer systems are not working? Run your own numbers, but consider the weighted cost per hour of your team members. Consider this example:
If your labor cost per hour is $35/hour and benefits are about 1/3 the hourly cost, then the hourly cost of downtime is approximately $50/hour x 10= $500/hour for every ten employees. Therefore, one day of down time would cost the organization $500 x 8 or $4,000. If you believe your cost per hour per employee is different, substitute your real numbers into our illustration. However, you should always consider the hourly cost of downtime to the organization.
Ask your cloud provider about their service level agreement (SLA), which is a form of guarantee of service. You should also ask for a history of downtime in the past, which is often presented as a percentage of up time. You are looking for the service to be available four to six nines (99.9999%) of the time. This would mean approximately 30 seconds to 53 minutes of downtime in a year.
You do not have the ability to control the up time of a cloud based service or the reliability of your internet provider, but you can take steps to minimize the risk such as having more than one way to access your applications, or paying the premium of having redundant, failover communication lines. If you have a local hardware failure, it could take hours or days to copy your data back to local hardware. If you are running in a pure cloud service, you are counting on that provider’s expertise to execute their own recovery process and to put you back in service. Cloud providers have very skillful IT people, possibly more skillful than you can afford for your own computers or network.
If you are a single location firm, your owners and their homes are probably in the same geography. A major storm could cause loss of data from local hardware in both your office and home. The applications themselves are rarely backed up in this scenario, and if the applications are backed up, they can’t easily be restored to dissimilar hardware. Recovery times should be expected to be 72 hours or more.
Further, if a removable hard drive or USB stick with client data is lost or stolen, this could force your organization to report the missing data to your clients as a security breach. In most jurisdictions, if the removable device is encrypted, your organization is exempt from reporting if the device is lost or stolen. In the case of a data center, the reporting expense for a breach falls on the cloud software provider, potentially saving you a notable amount of money or time.
A key advantage to working in the cloud is that you can work from your office, a client site, or your home, and the data and applications are available in all places. If you run a multi-location organization or have a lot of mobile users, working in the cloud makes this much easier. Further, with cloud based applications, you can access your applications from any computer, and often from other devices like tablets or mobile phones.
Beyond the business advantages, if working in the cloud saves your business, you will consider the service provided priceless.
Want to join the the FreshBooks Accountant Network? Get certified to enjoy member-exclusive perks and subscribe to the newsletter.