Disaster Recovery Dos & Don’ts

 

Credit unions have had their fair share of setbacks in the last year. However, the recent 4th quarter report from the National Credit Union Administration (NCUA) shows that assets, shares, and deposits grew during the last months of 2021. To capitalize on that momentum, your credit union must continue to provide more on-demand and real-time products and services while you grow your member base.

But you can’t do that without a top-tier disaster recovery plan. But what does a good plan look like? Let’s go through some disaster recovery dos and don’ts.

Do: Set Plans & Goals for Your Disaster Recovery

Every disaster recovery system needs to be tested. And for you to measure how well your test and disaster recovery system work, you need to have something to measure against.

The best way to do that is to identify and set goals for KPIs (key performance indicators). The most common include recovery time objective (the amount of time that can pass before your business has been impacted by the disaster) and recovery point objective (the maximum amount of data that can be lost).

Best practice is to test your disaster recovery and business continuity plans at least once every year. This includes emergency evacuation drills, walkthroughs, and risk assessment reviews along with your recovery plans.

Don’t: Rely on Protecting Just the Basics

It’s important to protect the core components of your business in your disaster recovery plan, including the items that you need for compliance reasons. But that should just be a starting point. As you work on your disaster recovery strategy, it’s important to look at all aspects of your credit union’s operations.

Are there contingencies in place that will allow you to communicate with remote or offsite staff members? Are your software, app, or plugin vendors considered in your plans? Do you have a detailed description of who does what during the disaster?

Even if you don’t prioritize everything on a scale from most important to least, thinking through the intricacies of your credit union’s operations can help you mitigate damage and mobilize support when it’s necessary.

Your disaster recovery plan can consist of several smaller plans based on your credit union’s branches, departments, and even the emergency type.

For example, your IT department may need to have different priorities in different disasters. This can be based on the potential threat to the physical components of your security system versus the digital ones.

Do: Make Your People a Priority

You’d be surprised how many disaster recovery plans go into exquisite detail about the operations and technology considerations, but they leave out the human element.

Many disasters are natural or physical in nature – and that presents many opportunities for your staff to be harmed. Here are a few things to think about as you create your credit union disaster recovery plan:

  • Where are the shelters or gathering areas for things like a fire, flood, tornado, hurricane, or another natural disaster?
  • What is the survival plan for your employees if there is an active shooter?
  • If people are injured, how do you want your teams to help? Which staff members should be prioritized? These questions and plans may need to be augmented by a medical professional’s opinion.
  • Who will contact the authorities in the event of a disaster, accident, or other harmful situation?

You can’t ensure business continuity if you aren’t protecting the ones who are doing that work for you. And don’t forget to make sure that all your employees are able to get to your designated areas without trouble. This includes people with physical disabilities (from limited mobility to deafness or blindness)

Don’t: Forget to Define the Impact of the Disasters You’re Preparing For

You can increase or decrease the scope of your credit union disaster recovery plan to include a business impact analysis.

A business impact analysis can help you measure and prepare for how each different disaster will actually affect your operations. This includes everything from employee tasks that are interrupted or rendered unusable, impact on credit union members and member services, data loss, and more.

Here are some examples.

Let’s say the disaster you are preparing for is a ransomware threat. In the business impact analysis, you’d list the impact of that disaster: data loss, employees unable to access files which lead to lost productivity, corruption of technology and other digital assets.

However, if the disaster is a tornado, the impact is much different: loss or damage of equipment, buildings, etc., potential data loss, information systems going offline, human injury, loss of productivity, member services and experience will suffer.

These impact areas may be different based on the size and operations of your credit union. But a good business impact analysis will not only prepare you for what to do in an emergency, it will also show you what areas will suffer. This gives you insight into what and how you should implement preventative and other measures to create a successful disaster recovery plan.

Worry-Free Disaster Recovery Services

Server crashes, human error, malicious activity, natural disasters – your credit union could succumb to any one of these disasters at any time.

Disaster recovery is an integral part of your business continuity. As more and more people rely on real-time banking technology, any downtime and data loss are major hits to your credit union.

IMS offers worry-free disaster recovery. We help you keep your credit union operational by ensuring your critical servers, branches, and third-party vendor communications are all recovered quickly.


Debunking 3 More Credit Union Cloud Myths

 

In a previous blog post, we debunked 3 credit union cloud computing myths, and we’re here to do it again. Cloud computing has been gaining popularity for years, but the events of 2020 and 2021 have accelerated widespread adoption. And with that rapid change comes new concerns. Let’s debunk 3 more common credit union cloud myths.

Myth: The Cloud is Only Good for Backup & Disaster Recovery

This myth is a little difficult to debunk because we must omit just a single word (“only”) from the myth to make it true. Cloud computing is a secure way to back up your data, and it’s also an effective option for disaster recovery practices.

But this is just the tip of the iceberg. For example, IMS’s Private Cloud Services also include:

  • Infrastructure-as-a-Service provides a safe and secure home for your servers
  • Core Hosting: IMS can manage and operate your credit union’s core system to whatever extent you need
  • Virtual Desktop provides a complete virtual workspace, a crucial element in this newly remote world.
  • Colocation Services keeps your data perpetually available by adding redundancy to your systems.    

Myth: One Cloud Will Rule Them All

There’s also a prevailing double-edged cloud myth, and it is that you either need to be extra meticulous in choosing the one cloud solution that will “do it all,” or that once you have broken the seal and start using one cloud service, you’ll end up needing dozens or hundreds of different cloud providers in order to successfully do all the things you were already achieving with your in-house or data center-based system.

Many organizations choose a multi-cloud strategy, but that doesn’t mean you can’t have success with one cloud, and it also doesn’t mean that you will have to collect cloud management systems the way people collect stamps or comic books.

Myth: Cloud Data = Public Data

Another extremely common cloud myth is that once it’s in the cloud, your data is accessible to the public – as in everyone. There are tons of jokes in movie scenes about how once something is up in the cloud, you can’t get it down, and the information (no matter how private or incriminating) is now broadcast for all the world to see.

The Florida Institute of  Certified Public Accountants shared some great insight on why this notion is a myth: “There are public clouds (shared environments) and private clouds (dedicated environments.”

Public clouds like Google, for example, have multiple tenants and typically operate under pay-as-you-go models. A private cloud, however, is a single-tenant environment where all hardware and network components are dedicated to one client (or business).

Either way, there are no options where storing your information in a cloud network is akin to putting your data on a public billboard or allowing random individuals access to your credit union’s sensitive business or member-based data.

Bust Your Credit Union Cloud Myths – See the Results for Yourself

IMS offers Private Cloud Services that can help you safeguard your member data at all times, but especially when your credit union is most vulnerable. Contact IMS for more information.


3 Ways To Stay On Top Of Credit Union Technology

credit union technologyEvery time a member completes a simple transaction, chances are they won’t be thinking about all the integrations your credit union implemented for it to happen. Members aren’t thinking about how the core is integrated with applications whenever they check their account balance. They just expect their account data to be there, and for your app to work as it should. It is now your credit union’s responsibility to anticipate members’ needs and provide the specific tech solution they demand.

But how can your credit union provide these solutions if there is little awareness of available technologies?

Technology advances every single day. Staying updated on the latest available innovations not only gives your credit union a competitive edge, but it also helps you provide a wider range of member services.

Here are 3 quick and practical ways your credit union can keep up with the latest technology:

Opt In To Tech Marketing Communications

Third party technology providers usually send out marketing emails that you can subscribe to. While not every email may offer the insight or breakthrough that you’re looking for, keeping tabs on what’s new will help you stay up to date on credit union technology. Your core system provider might be offering services you could use to your advantage but you didn’t know that they were available to you and your members. It’s rare that you discover innovations if you aren’t looking for them!

Attend Industry Webinars

Tech partners often announce and hold webinars. These are low-risk and high-reward ways to educate clients and partners. Sessions typically last 30 minutes to an hour. Providers often discuss new and emerging innovations, or more effective ways to use current systems. If one of your primary goals is to optimize credit union operations, it’s crucial that you learn to use core technology to its fullest potential.

ELearning Programs And Other Online Resources

As of this writing, there are multiple credit union associations that offer helpful eLearning programs, as well as online resources provided by technology partners. These learning centers develop and share industry training and professional development to help partners improve in several areas, including operations, compliance, research, marketing and strategy.

By regularly exploring these resources, your credit union will have a better idea on which areas of knowledge you should invest more time in.

Continuous education is a critical part of being an excellent financial institution, although leadership often underestimates it. It’s easy to fall behind when it comes to tech and service offerings since they constantly improve and change. If you embrace the wealth of resources that credit union technology partners offer, you’re well on your way to staying on top of industry technology and core solutions.