Business Continuity Planning and Preparation
November 30, 2017 | Steve Simpson
What would happen if your network went down, your systems failed or disaster struck your organization?
Would you have a plan in place to get back up and running? If you have a business continuity or disaster recovery plan, do you know if it’s effective and if it allows you to recover quickly? Have you tested it to see how well it works?
These questions are essential for you to consider, because all it takes is one mistake, system failure or unforeseen event to halt your operations. Any amount of downtime can cost your organization potential profit and can negatively impact your reputation with current and potential customers.
As you ponder your answers to the questions above, read on for some practical steps to help reduce and/or recover from downtime and disasters.
What Does Downtime and Disaster Really Mean?
When you think of a disaster, you probably envision a major flood (like Hurricane Harvey), a tornado or an earthquake—ones that attract major media attention.
But IT disasters and downtime are different. Power surges, office fires and employee mistakes can also cause major devastation to your business. While computers are more advanced than ever before, they are still incredibly sensitive to temperature, condensation, airflow and user error. It doesn’t take much for a routine occurrence to become an IT disaster at any given moment.
Forrester reports that the top five causes of downtime are:
- Power outages
- IT hardware, software or network failures
- Human error
Natural disasters can happen and cause downtime, but power outages, technology failure and human error are much more likely to impact your organization.
Downtime and Disasters Happen Often
Research from Forrester reveals that one in three organizations have had some kind of disaster in the last five years.
When it comes to disasters, there’s always a tendency to think “That won’t happen to me! I don’t need to worry about those things happening to my organization.” While it may seem like your organization is safe from harm, the reality is that you could be minutes, hours, days or months away from a disaster. The future is impossible to predict, and the best anyone can do is plan for it.
Why Downtime and Disasters are a Big Deal
Every day, you want everything at your organization to run smoothly. Downtime and disasters halt your operations or even permanently stop them.
Forrester found that loss of productivity, lost business opportunities and low employee morale are the biggest impacted areas of downtime. These negative consequences of downtime and disasters aren’t fun to think about, but it’s important to grasp what you need to do to reduce the impact of any incident and how you would continue to serve your customers.
Create and Implement a Business Continuity Plan and Disaster Recovery Strategy
Before we go on, let’s briefly define business continuity and disaster recovery.
Business continuity is trying to minimize disasters from happening to your organization and having redundancy to get you through unforeseen disasters. In other words, it’s disaster preparation and prevention. It’s also thinking through emergency processes, employee communication and how to continue providing services and support to customers.
Disaster recovery involves the tools needed to put the damaged portions of your operation back together in a defined timeframe. Often, the focus is on the technology side of the operation, but also includes areas like customer service and infrastructure.
Now, let’s talk about how to best prepare your organization for downtime and disasters.
It’s critical to have disaster recovery and business continuity plans in place. These plans should clearly state what to do if a disaster occurs, and how to get your organization running again as quickly as possible. As you’re creating and implementing your business continuity plan, it’s also important to calculate the cost of downtime and determine recovery time objectives.
A key way to enhance disaster recovery following your plan creation is to conduct a tabletop exercise. This exercise will help identify a list of procedures and processes to follow to ensure everything is executed and implemented correctly and can help enhance your existing plan. A tabletop exercise will educate employees on the exact procedure if an incident occurs and enables them to follow the plan with more confidence in moments of stress.
Identify At-risk Areas and Recovery Objectives
To identify at-risk areas in your organization, there are a few things you can do.
First, test your business continuity plan and see if there are any flaws or areas that need improving. Doing this ensures that everything is still accurate and the best it can be.
Second, you might hear vendors refer to response time objective (RTO) and recovery point objective (RPO). RTO refers to how quickly you want to be back up and running after a disaster, while RPO identifies the timing of your data backups to coincide with resuming mission-critical operations after a disaster occurs. Make sure your organization sets both objectives, so there is a standard to adhere to and follow.
Third, take a hard look at your current IT operations. Are there any areas where you’re struggling? What are your current security measures? Cyberattacks are a massive threat to organizations. Preparing for downtime and disasters include having effective cybersecurity solutions in place to prevent hackers from stealing your data and disrupting your operations. According to Trend Micro, 64 percent of organizations need to restructure their security to protect against hackers and cyberattacks. Ensure your data and organization are safe by implementing a solid cybersecurity strategy.
Find Services That Minimize Downtime and Data Loss
Creating a recovery plan and fixing at-risk areas are essential steps to take. However, it’s also important to have regularly scheduled data backups and restore testing processes.
It’s amazing in today’s data-driven world how many organizations don’t regularly backup data and files. Websites, internal documents, employee information, health care records and even financial information can all be lost in seconds if the right safeguards aren’t in place.
Ideally, your organization should have automated and encrypted backups being stored both onsite (on a secondary device) and in a remote data center facility. That way, if a disaster does strike, you can be back up and running within minutes or hours, without losing important transactions, data or communications. This is often referred to as a warm disaster recovery site, where your data, system storage and infrastructure are replicated and safe in the cloud, so you can continue to interact with your customers and remain virtually uninterrupted.
Having a plan for downtime or disaster is imperative for your organization and can be the difference between surviving or collapsing.