Monday, May 31, 2010

ERM-BC-COOP: Keep Own Copy


An organization with which I am affiliated had a web site.

The web site host provided the organization's site gratis - free, even.

Somewhere along the way, the site was hacked - several times. (My geek son tells me the hacker had an easy time due to sloppy PHP programming; I don't know who did the programming.)

Anyway, the site was taken down until it could be restored to a "pre-hacked" status.

Now here is the "got'cha."

Because (I was told) the site was a freebie, no one ever made back-ups of the files on the server. While I find that hard to believe, it seems true. (Yes, I know you can do selective backups, but all things considered, it seems easier to backup the entire server occasionally than to sort out the paid from the freebies.)

I have my own site ( hosted by ( I pay for the space and I know that 1and1 backs up my files. Over the course of several years, there was one hiccup and all my files were restored to "pre-hiccup" status.

Still, "things" happen, so I make it a practice to keep a copy of at least the newest files on the Toshiba, if not in all the formats I put up on 1and1, then at least in the basic word processor format; I always can recreate the HTML coding, write to PDF, and save as text as long as I have the original file. (My HTML is hardly sophisticated and I have the code strings saved in a text file for east cut-n-paste into the word mangler. CutePDF provides the PDF version.)

Even in "native" format, the word processor files hardly make a dent on the Toshiba's hard drive capacity. Add a few graphics and there still is lots of free space on the drive; plus after a couple of months - when I am absolutely, positively certain 1and1 has backed up my files, I DELete them from the hard drive.

(My first internal hard drive had a 20 MB capacity, so purging unused files from the drive became Standard Operating Procedure (SOP), a procedure that became a habit hard to break. My digi-cam with a slightly-larger-than-a-postage-stamp memory card has many, many times more capacity than my initial hard drive. And is a lot less expensive, too.)

If we ever get the organization's site up again - thanks to allowing the thing to fall through the (time) cracks, the domain name no longer is retrievable - and if I have anything to do with it, original files will be saved locally and replicated to the web host's servers.

It's simply good business practice to CYA - cover (protect) your assets - especially when someone is doing you a favor (or maybe it just seems that way).

John Glenn, MBCI
Enterprise Risk Management practitioner
Hollywood/Fort Lauderdale FL

Comments are welcome, but they MUST be in English to be published.

No comments: