5 Tips for Holiday-proofing Your IT Infrastructure
If the store shelves at Home Depot and Lowe’s are any indication, the holiday shopping and decorating season started mid-summer. Consumers may complain about the early appearance of traditional Christmas décor and gifts, but the National Retail Federation (NRF) reports that, “each year about 40% of consumers begin their holiday shopping before Halloween.” That doesn’t mean that 40% finished up — or that the other 60% won’t be waiting until the last minute to get started.
In other words, the end-of-the-year holiday rush is still on. And when it comes to its potential effects on your organization’s IT infrastructure, it doesn’t matter if your business is in the retail sector, some place in the supply chain, or in an unrelated industry. The period between Thanksgiving and New Year’s Day can put a strain on your IT resources. If your company is not already prepared, it’s time to start. These five tips can help.
1. Prepare Your Internal Resources
Your IT staff will likely want some much-deserved time off over the holidays. Figure out schedules now. Make sure that mission-critical information is shared among all team members. If someone is covering for someone else over the holidays, you want that person to have all the information needed to do the job and the person who is not working to not be interrupted while off the clock. Have team members “shadow” each other for a day or at least for a few hours. Good, recently verified documentation is also essential. Just in case, have up-to-date contact information and a call tree available for all team members.
2. Take Advantage of Managed and Professional Services
If your IT department is understaffed, over-worked, and stretched thin, things could get worse over the holidays. Tip #1 above will likely not be enough. It may be a good time to consider outsourcing some of the day-to-day IT responsibilities and functions to a service provider. If you have a major IT project starting up, such as DR planning or a data migration, or just need to temporarily augment your staff, hiring a professional services team that specializes in those specific project types and services could free up your internal resources, save your company money, and keep your internal customers happy.
3. Get Ready for the Surge
If your company maintains a web site that handles ecommerce of any kind — gifts, special event ticketing, travel arrangements, etc. — make sure it’s ready for the holidays. With ad campaigns, special promotions and “the season of giving” all generating heavier than normal web traffic, there’s a good chance your site could get bogged down or, worse, go down. The result: lost sales and unhappy customers.
Do you have access to resources that allow you to scale up to handle traffic spikes and scale back down when traffic subsides? If not, consider a public cloud service, like US Signal’s flexible resource pools. You select the memory, storage, and compute resources that best meet your requirements. Then, dynamically allocate your resources by creating and destroying any number of VMs to fit your applications and needs.
Another option: use a load balancer, available from your cloud services provider, to evenly distribute your traffic across multiple web servers, preventing any single one from overloading. If a server does fail, the load balancer will redistribute the traffic across other servers. Re-distributing web traffic also helps reduce overall latency for your web site visitors.
4. Test Your Disaster Recovery Plan
Whether a freak blizzard delays traffic, keeping team members from getting to work, or an unexpected wind storm causes a power outage, you don’t want that business-disrupting event — or any other kind of disaster — to wreak havoc on your infrastructure. Make sure you have tested DR plan in place, including the resources needed to execute it. (Need help putting together a DR plan? Take advantage of the information in US Signal’s Guide to DR Planning.) Ask your providers about their DR plans and operational redundancies as well. It’s in your company’s best interest to hold its technology partners accountable.
5. Bolster Your IT Security
Cyber-attacks are not limited to a season, which is why IT security is a 24/7/365 endeavor. However, the holidays are a tempting time for cyber thieves. To make sure your security profile is as strong as possible, consider the following:
- Invest in an external security audit. If gaps are discovered, immediately take care of them. This should be in addition to any PCI DSS compliance your organization undergoes.
- If you’re working with a cloud services provider, is it PCI DSS compliant? Your organization is ultimately responsible for meeting its compliance obligations — which typically include technical security issues — but a PCI DSS compliant provider can help. If you’re not working with a PCI DSS compliant provider, it’s a good time to start looking for one.
- If you run an ecommerce site, don’t offer online guest checkouts but do enforce address and credit card verification. Your systems should also be monitored constantly with alerts set up based on activity, transaction amount, and volume.
- Only allow secure connections, which means using HTTPS instead of HTTP.
- Avoid storing sensitive data. If you must store sensitive data, make sure it is encrypted. Also review your data access and authorization tools and policies to ensure the right people access the right data at the right time.
- Take advantage of managed security services. Third-party managed security providers maintain the most up-to-date technologies, tools, and expertise to combat malware and other types of cybercrime.
- Make sure all patches are up to date. (This is another area in which offloading this task to a managed services provider can help ensure you get the benefits of the most up-to-date services and resources.)
- Educate everyone in your organization on the various threats and how to respond to them.
Make Your List. Check It Twice.
Don’t wait until the winter holidays are upon us. Make a to-do list for preparing your IT infrastructure, double check it and act. It will be one of the best gifts you can give yourself and your IT team this year.