Like QuickBooks, Acctivate becomes a core integral part of day-to-day business operations. Because of this, it's important to have a disaster recovery plan in place in the case of ransomware attack, server crash or another unforeseen event.
QuickBooks and Acctivate are probably the two most important programs for your business. QuickBooks handles all of your company's financial data and records and Acctivate handles inventory, order fulfillment, and more. Imagine if suddenly one day, you no longer had access to these integral applications due to a server crash or a ransomware attack. Would you be able to continue day to day operations? What kind of financial impact would this have? How would this affect your customers?
These questions and more are some of the most important questions you can ask. With subjects like ransomware and hardware stability being ever present in our current lives, it's more important than ever to come up with a disaster recovery plan for what to do if something happens and you are unable to access your ERP.
A disaster recovery plan is a plan crafted in advance with steps on what to do when/if you are ever hit with a disaster that can render your system unusable. Some of the most common scenarios that can lead to a loss of usability are:
- Natural disaster strikes and your server is damaged beyond repair.
- Ransomware hits and the attackers demand a large sum of money for the return of your files.
- Your server encounters an unforeseen software/hardware error rendering it unusable.
All of these scenarios can strike at any time and are real scenarios we've seen before. This article will walk you through steps and considerations for your company to create your own disaster recovery plan.
Backup QuickBooks and Acctivate often and copy your backups off site:
The main way to ensure you're not left in the cold when disaster hits is to back up your data frequently and store the backups off-site. This means backing up your QuickBooks file and Acctivate SQL database on a regular basis and then transferring these backups to a cloud service such as OneDrive, Google Drive, etc. We highly recommend storing these backups in a cloud service vs a physical hardware device. Neither Alterity nor Intuit stores customer databases, so it is your responsibility to back up your own data. We cannot help if you do not have a backup!
Create a backup routine that works for your company. Ask yourself "How much data can we afford to lose?" Is the answer a day? Maybe a week? Whatever the answer is should determine how often you backup your Acctivate database and QuickBooks company file. If you can afford to lose a week's worth of work, start backing up weekly. If you can't afford to lose more than a day's worth of work, then backup daily. Whatever the case, be sure you are sticking to a routine and backing up your database. If you're not aware of how-to backup the Acctivate database, check out this article. If you're not aware of how-to backup your QuickBooks company file, check out this article from Intuit.
You can also create an automated backup routine to automatically backup the Acctivate database on a schedule using Windows Task Scheduler. We have a guide on that here.
After you create your backups, be sure that you are copying these backups off site. This can be a OneDrive directory where you simply drag and drop the backup files from their directory to paste them into a OneDrive folder. This could be a Google Drive directory. This could even be a carbonite or other backup software cloud directory. Be sure you're keeping to a routine and organizing your backups. See below for an example:
Every other End of Day, Southwestern Industries' IT create a new folder on their OneDrive within the "Backup" directory. This folder's name is the date of the backup.
Within each folder contains the .BKF file for the database as well as the QuickBooks company file backup.
Backup your Custom Reports folder off site any time changes are made:
In addition to your Acctivate and QuickBooks database, you may also want to back up your custom reports. Currently these reports are not included in the database (although we plan to do so in the future.) For the time being, you will want to be sure that you're copying your custom reports folder (located on the server at C:\ProgramData\Alterity\Acctivate\CustomReports) to an offsite location (preferably with your database and QB backups) any time changes are made to a report, or a report is added.
Know your important license credentials/license number:
If your server fails or is inaccessible, you'll need to install Acctivate and QuickBooks on a new server. For Acctivate you'll need your license credentials which are found on your receipt when you purchased the system. You can also ask support or your account manager for this information. You'll also want to make sure you have your QuickBooks license information and product number as well. If you don't know how to get this, check out this article from Intuit. Don't wait until disaster strikes to get this information. Store it in advance so you can reference it.
Know how to re-setup Acctivate and QuickBooks on a new server:
Should you need to suddenly use a new server, it's important that you know how to setup Acctivate and QuickBooks on your new or temporary server to minimize downtime. For QuickBooks, refer to Intuit's article regarding that.
For Acctivate, you'll need to know how to do the following:
- Install Acctivate on the new server.
- Restore Custom Reports.
- Create a company file in Database Maintenance.
- Restore the database
- Point the workstations to the new server.
- Relink Acctivate with QuickBooks.
Routinely inspect hardware and security vulnerabilities
The best way to recover from disaster is to prevent it in the first place. Create a routine where your IT inspects your server technology to ensure all systems and hardware are operating accordingly. Use built in tools such as Windows memory management, or Performance manager. Watch for signs of slowing hardware, crashing programs, or boot speed. These are all signs of hardware that could be failing.
Also get into a routine of checking for security vulnerabilities. Can a user access a network resource they shouldn't have access too? Can a user in QuickBooks or Acctivate look at a module that doesn't pertain to their job? Are there any devices on your network you do not recognize? These are all important questions to discuss with your IT or management team.
Also be sure you're on top of training employees in good security practices such as not clicking links in emails from unknow sources, not downloading software on their work computer that doesn't pertain to work, and not using their work computer for personal activity. These are all good practices to teach your employees and can prevent a security nightmare.
Lastly, ensure that only those who need access have it:
What if customer data was leaked from your company? Or what if trade secrets were given away to a competitor. Could your company handle the bad publicity and recover?
Disaster can come in the form of a disgruntled employee who leaks trade or customer information. The best way to ensure that data is never leaked or lost is to ensure that all steps have been taken to ensure the data cannot fall in the hands of someone that shouldn't have it! This means setting appropriate permissions in QuickBooks and Acctivate. Each individual user should have their own user account with permissions tailored to their role. Your warehouse team should not have access to sensitive customer/financial information.
Ensure this is also the case with your backups! Don't allow access to your backup files unless the user is authorized. Backups can be restored to access sensitive information that a user couldn't normally access without permissions. Make sure that only a few select people have access to your backups. Not too few that if something happens your restoration falls on one person, but not too many that unauthorized employees can access data.
Be sure you're changing access password frequently and not sharing access accounts among users.
Other considerations for a disaster recovery plan:
Now that you know what all goes into a recovery, there's some other considerations to keep in mind not discussed above. Consider the following:
- Do you have other important documents outside of Acctivate and QuickBooks such as excel worksheets, financial statements and tax paperwork? Consider also backing these files up to a OneDrive or other cloud service.
- If your network is hit with ransomware, you should NOT reuse workstations for your new server until they have been completely wiped out and restored. Do NOT add a new server into a domain with infected computers as this can allow hackers to continue to spread across your network.
- Consider having backup technology for the case of a disaster. Should your server crash, how long would it take a new one to arrive? Is that time you can afford to lose? Consider either hanging onto older technology or having backup technology for this purpose. (Remember that you cannot downgrade SQL so if you're on SQL 2019, you cannot use a version of SQL lower than 2019. You will need to install 2019 or higher on the older technology.)
- Consider going with a cloud hosting provider if you're not able to form your own recovery plans. Cloud hosting providers can remove all the stress of disaster recovery by them hosting your data instead. Our partners such as RightNetworks, GoToMyERP, Noobeh and others can take the stress away from worrying about disaster recovery as all of your data is stored safe and securely in their environment. You can even use Windows Azure if you'd like to have more control over cloud hosting.
- Create a disaster recovery plan BEFORE disaster strikes. Do not wait until it is too late to come up with a plan for recovery. Your day-to-day operations could depend on it! In the words of Benjamin Franklin, "An ounce of prevention is worth a pound of cure."