Business Continuity Planning: 8 Tips to Help You Get Started
It’s the nightmare scenario of every business owner or leader. You’ve invested time and money in buying and integrating the right hardware and software. You’ve built the right broadband and wireless connectivity and implemented the proper support processes to keep your employees productive. So far, so good.
The bad news? It can all come undone if the wrong people – hackers, criminals, and other descriptors not suitable for this blog – manage to break into your meticulously built infrastructure and wreak havoc. Less insidiously, if your data centre or server room takes a direct hit from a flood, fire or similar disaster scenario, you’re in just as much trouble.
Do you know what you’d do if disaster struck? If you suffer a major hardware or software failure, if you’re hacked, or if you lose access to your data, who do you turn to? What’s it going to cost? And most importantly, will they be able to get you – and your business – back to work?
Traditionally, businesses have built disaster recovery plans – or DRPs – to document the what-ifs of restoring what’s been lost. But in today’s always-on, 24/7 economy, simply replacing your hardware and software is no longer adequate. A DRP remains an essential process to follow, but it’s no longer enough. The name of the game today is business continuity, and how you keep the lights on even after everything has been compromised. Here’s how to get the business continuity ball rolling:
Grab or build a template. If it isn’t documented, it isn’t happening, and documentation is always easier when you start with a properly structured template. The following templates make great starting points for most businesses: DisasterRecovery.org and TechTarget.
Build an inventory. Know what you need to protect. List all hardware, software and services that drive your business. Assess levels of importance to establish priority.
Know your people. Employees, contractors and vendors must also be part of your inventory process. Capture detailed contact information for all, and ensure the contact database is accessible to those who need it.
Outline anticipated scenarios. No one can predict the future, but it helps to document a few key loss-of-service scenarios that could potentially impact your business. Consider business impact analysis to better understand the potential bottom line cost of specific scenarios, which can in turn help build effective and efficient response plans.
Define near- and long-term recovery targets. Establish measurable milestones for interim and complete recovery to ensure you’re focusing your efforts only on the activities that keep your business moving forward following a disaster or outage.
Update the plan regularly. Since your business is changing all the time, your business continuity plan needs to evolve, as well. Set milestones at specific intervals – every 3, 6 or 12 months – to review what you’ve got to ensure it still meets current and anticipated needs. Update as necessary.
Practice. Your first exposure to the business continuity plan shouldn’t be after a disaster has occurred. Schedule dry runs to ensure all key personnel are familiar with it. Align this activity to scheduled updates.
Seek help where needed. Don’t think you have to do this alone. Help is available from experts that have worked with companies just like yours, and know the ins and outs of disaster recovery and business continuity planning.
The bottom line
Many of us often fail to plan for the inevitable until the inevitable actually happens. Unfortunately, customers don’t have much patience when businesses can’t deliver the goods. Failing technology – whether it’s from broken hardware, malevolent hackers or inadequately trained personnel – is no excuse, and businesses today need to have a Plan B for when everything goes dark. DRPs no longer cut it. You need business continuity, and developing your own business continuity plan helps to ensure that your business has a successful security strategy.
By Carmi Levy
The Bell Blog team