Monthly Archives: October 2015

7 Steps toward more resilient business continuity

Business continuity and disaster recovery have become more complex and challenging matters in the era of digital operations, as companies are far more reliant upon advanced technology today than ever before. Even small issues or vulnerabilities can end up crushing a company's bottom line, and will all too often lead to the closure of an organization, given how quickly the costs of outages tend to rise.

The Federal Emergency Management Agency estimated that roughly 40 percent of all American small businesses will close their doors forever following a major disaster, as they are not prepared to handle recovery needs. This should make it clear that all companies need to have a a strong disaster recovery and continuity plan in place, but especially entrepreneurial firms since they tend to be more vulnerable than their larger counterparts in these matters. 

Understanding the basic and more advanced best practices involved in these strategies is critical, while the support of a managed service provider can go a long way toward boosting a company's performance in these areas. Some of the easiest changes to plans will make a world of difference, while leaders will need to remain diligent when trying to keep their continuity plans relevant and optimal over time. 

Disaster planning needs to be a priority among all business leaders. Disaster planning needs to be a priority among all business leaders.

Here are seven steps toward successful recovery and continuity strategies:

1. Data backup
Starting with the simplest one of all, business leaders who have not yet deployed data backup solutions will need to do so as soon as possible. The cost of data loss can be immense, while the services available to protect information are becoming far more affordable as time goes on. Rather than relying on traditional, outdated assets for these purposes, small-business owners will want to leverage cloud-based tools to better defend their information from loss. 

2. Seasonal specificity
From a planning perspective, entrepreneurs might want to consider building a broad plan that covers needs throughout the year, but then also have more specific ones in place to handle threats that occur on a seasonal basis. Since winter is right around the corner, business leaders should focus on this one primarily, and mitigate the various threats such as extreme cold, power outages and powerful storms. The Insurance Information Institute estimated that winter storms cost the U.S. economy $26.9 billion last year, and more progressive protection is needed to cut back on this in the coming months.

3. Employee training and awareness
One of the more commonly missed aspects of recovery and continuity involves the preparation of ground-level employees for their responsibilities when a disaster occurs. Training and development can help to boost intelligence related to these matters, while experiential assessments and learning will give staff members a better chance at handling their responsibilities under duress in the event of a major event. 

4. Protect networks
Networks are another component of infrastructure that businesses often leave out of their continuity strategies, which is a major error. Gartner's Andrew Lerner estimated that the average cost of network downtime is roughly $5,600 per minute, and $300,000 each hour. Network contingencies should be implemented to avoid these massive losses and keep the business running even when primary systems have been compromised. 

5. Create flexible operational processes
Telecommuting and remote work have become more commonplace in the past few years, presenting entrepreneurs with opportunities to create more agile recovery and continuity plans. When employees are capable of working from home – having access to mission-critical apps and data, as well as other assets remotely – the business will be better-positioned to function normally even when the main operating facility is unavailable. 

Telecommuting programs can bolster operational continuity in the event of a disaster. Telecommuting programs can bolster operational continuity in the event of a disaster.

6. Test and refine
The Disaster Recovery Preparedness Council reported that 23 percent of companies never test their continuity plans, while 65 percent of those that do fail the evaluations regularly. This might be why nearly three-quarters of the survey group were far behind when it comes to maintaining continuity. Testing is perhaps the most important aspect of recovery and continuity, and business leaders must ensure that they are regularly refining their programs to avoid loss and disruption. 

7. Don't forget security!
Continuity and recovery are most heavily rooted in uptime and operational contingencies, but security is a growing threat that can impact virtually any company's bottom line and livelihood. Having a separate IT security plan in place is certainly advisable, but incorporating certain components into recovery and continuity frameworks can be helpful, especially when modern backup solutions are being used. Protecting primary and backup storage, networks and other assets will go a long way toward mitigating the cybersecurity threat. 

As always, working with a managed service provider that specializes in small-business disaster recovery and continuity needs will work to the advantage of entrepreneurial firms. Investing in these services can be more efficient than trying to go it alone, and will likely bolster the success of the programs over time. 

Knowledge is power in business continuity

Not so long ago, experts and advocacy groups worried that the average small-business owner was fearfully unprepared for a major man-made or natural disaster, and that many of them did not understand the basic tenets of continuity. In the past few years, awareness has appeared to spread, but entrepreneurs cannot relent on their path to not only become more well-versed in the best practices of continuity and recovery, but also incorporate them into standing strategies efficiently.

Research can go a long way toward boosting recovery and continuity performances, as a well-informed business leader will tend to be better positioned to protect corporate assets and operational processes from various disruptions. Luckily, there has been a major push for use cases and studies on these types of topics, giving entrepreneurs plenty of resources to pull from when developing, executing, evaluating and refining their disaster recovery and continuity programs.

Facts of note
BizTech Magazine recently explained some of the more common ways in which companies fail to maintain consistent operations in the event of a disaster, as well as the riskiest threats facing modern continuity and recovery management. For one, the source pointed out that the Federal Emergency Management Agency still places the likelihood of businesses to close forever following a major disaster at 40 percent, which is better than 2009 but still leaves plenty to be desired.

The government has become more involved in educating the private sector regarding the various risks involved in disaster recovery because of the massive economic damages incurred from unprepared companies. According to the news provider, many firms are simply not getting the basics right, as evidenced by the types of issues that tend to cause the greatest disruption and longest-lasting outages among organizations today.

A seasoned professional will often be necessary to tighten up continuity plans. A seasoned professional will often be necessary to tighten up continuity plans.

As a note, this is also why so many firms have turned to managed service providers to help out with their continuity and recovery needs, essentially reducing the risks most closely associated with internal negligence and errors. BizTech Magazine pointed out that human error is responsible for nearly three-quarters of datacenter issues, and that many firms remain susceptible to disruption thanks to a lack of contingencies for mission-critical systems.

To back up that assertion, the source cited a finding from the Disaster Recovery Preparedness Council that mechanical failures within primary IT systems cause 50 percent of outages. Backing up these systems with cloud services can essentially negate that risk.

Better guidance
While research into internal and external matters can help to improve decision-making related to recovery and continuity strategies, nothing is more valuable than a highly tailored line of guidance from experienced professionals. Small-business owners can work to reduce the strain placed on employees and bolster the effectiveness of these initiatives by identifying a managed service provider that specializes in supporting entrepreneurs through their relevant endeavors. 

A closer look and more specific guidance following a professional evaluation will almost always take continuity and recovery performances to the next level. 

Improving the outcomes of DR tests

One of the more critical aspects of disaster recovery planning involves the testing of relevant technologies, processes and policies, as well as the users involved, to ensure that the framework can actually work when an event takes place. Unfortunately, this is among the most overlooked aspects of continuity as well, meaning that many firms will not learn if their recovery plans are actually effective or not until a real disaster comes to pass, increasing risk in the process. 

With the right disaster recovery testing, various needs that were not seen or understood in the original planning stages will come to light, giving companies the opportunity to refine their programs prior to them being necessary. When working through the testing aspects, there are certain components that should be handled with a bit more care, as these procedures should lead directly to changes and improvements that can protect the company from long-term outages and disruption. 

Lessons from the government
Because governments are becoming more reliant upon digital technologies as time goes on, agencies have increased their efforts to streamline disaster recovery. State Tech Magazine recently explained some of the lessons that were garnered from the Virginia Information Technologies Agency last year, as well as how the public sector entity has improved upon its continuity and recovery skills since conducting the test.

DR plans must be tested and revised.DR plans must be tested and revised.

The source pointed out that this was no small job, since more than 22 separate departments were involved that have more than 200 servers in play at any given time. First, leaders found ways to completely overhaul its existing framework, which was very much a cookie-cutter approach that did not necessarily tackle any of the actual needs of the agency through advanced change management and culture shifts. 

According to the news provider, part of the overhaul involved the transformation of the ways in which the continuity and recovery technologies were being used, while testing showed that measurement of performances across systems that are used on an everyday basis was critical. Furthermore, State Tech Magazine noted that "validation" was a major step in the right direction for VITA, and the group of branches that were the focus of this strategy are now more resilient to disruption and outages. 

Apply to business strategies
Companies that do not test their plans and refine them regularly will be inherently less secure and protected than those that do, and these processes do not need to take all that much time to complete so long as they are frequent. Additionally, this can be a more difficult requirement to reconcile among smaller firms with less experience in these types of matters, so working with a provider of disaster recovery support and services can go a long way toward actual performance improvements. 

When testing is tight and the plan is agile enough to adjust when new risks come to pass or future technologies are deployed, businesses will be in a better position to remain successful despite what challenges arise. 

Nailing the strategic elements of business continuity

Corporate strategies are almost always reliant upon the adequate management of people, processes and technology, and this could not be any truer than when it comes to business continuity and disaster recovery. Any one vulnerability or issue can quickly upend the effectiveness of the strategy at large. To use a cliche, these programs will only be as strong as their weakest links and, suffice it to say, businesses cannot afford to allow any frailty to enter the equation. 

Risk management is all about being thorough, and the melding of management programs and policies to ensure that every large and small component of the relevant strategies are efficiently covered will be invaluable in the fight to shore up defenses against threats of all kinds. This begins with the core policy elements of disaster recovery and continuity, which must be tightly handled before moving on to the provisioning of technologies and distribution of guidance to employees. 

Essentials in planning
Supply Chain Management Review recently listed some of the core demands involved in manufacturers' disaster recovery and continuity planning, affirming that leaders must be exhaustive in their relevant actions. Even if a business is competing in a different industry, manufacturing presents a unique and helpful example of the best practices of recovery and continuity management given the immense and complex risks involved in the modern globalized supply chain. 

Planning is critical in business continuity. Planning is critical in business continuity.

According to the news provider, the creation of policies should be informed by plenty of internal and external research, with managers identifying all of the potential risks involved and proactively incorporating contingencies that cover every possible problem during recovery. Then, the source suggested implementing a measurement system that efficiently and accurately assesses any changes in the business or its market that could transform its continuity needs. 

This is one of the more overlooked aspects of continuity planning, and it is one that could lead companies to either spend too much on their relevant investments or fall victim to disasters that were not outlined in the original strategy. In that same vein, Supply Chain Management Review noted that the maintenance of these plans should be a constant priority among leaders who are responsible for keeping them in optimal form, with adjustments and analysis occurring regularly. 

Moving on to technology
Another advantage of putting enough effort into the planning stages is the fact that the subsequent policies and included information will make it far easier to make the right decisions on technology investments. This includes the provisioning of data backup and virtualization services, as well as supportive tools from managed solutions providers that can guide the company through the various stages of recovery. 

With this in mind, small-business owners will likely see their needs a bit more clearly following the creation of an exhaustive and intelligent continuity plan, and then can identify a service provider that closely aligns with the specific requirements involved in their operations. So long as leaders are thinking comprehensively, continuity and recovery performances can be quickly improved by these more progressive planning practices. 

Tightening up recovery strategies

With natural and man-made disasters becoming a bit more damaging and widespread as the years progress, more companies are beginning to get serious about continuity and recovery planning to avoid the prospect of disruptions and outages. However, when looking back only a few years, a majority of small business owners did not have a plan in place to handle situations associated with disasters, meaning that many are still trying to get these programs right. 

Luckily, managed service providers have stepped in and proven invaluable to many firms, especially those in the small business sector, as these entities can help to ensure that the policies and underlying technologies are aligned with best practices and set up for success. In the coming years, one can only hope that entrepreneurs will remain focused on immediate and long-term performance improvements within their disaster recovery and business continuity plans. 

Signs of failure
CIO Insight recently listed some of the more prevalent factors that will tend to hinder effective recovery following a disaster, affirming that many of the issues will tie directly into the planning rather than the actual technologies being used to protect systems and data. This is a common thread throughout the IT management conversation, as the tools provisioned and assets integrated into a company's standing technology frameworks will only prove valuable when the guiding plans are tight and relevant. 

The planning stages of recovery are among the most critical. The planning stages of recovery are among the most critical.

According to the news provider, one commonly overlooked aspect is backup power, especially for companies that are hosting their own servers, networks and data internally, which translates to lost information and disrupted systems. Comprehensive planning would generally work to reduce these types of missteps, uncovering every potential vulnerability and proactively incorporating processes and contingencies that will reduce the relevant risks involved. 

The source pointed to an especially popular problem that needs to be eradicated entirely, which involves plans that are not relevant to the risks faced at the present time – often a symptom of developing a strategy once and never giving it a second look. Entrepreneurs need to understand that recovery and continuity plans will only be effective when they are regularly reviewed and updated to ensure that all new threats are covered in a timely fashion. 

Intelligence available
Small businesses will tend to have the fewest resources and least experience with the disaster recovery and continuity aspects of management simply because they are new to the game and do not have large IT departments. In spite of this, many will still try to go it alone, thinking that they can conduct a few quick searches online and get all of the information they can possibly need to protect their operations from disruptions and outages. 

However, this is simply not the case, as plans need to be tightly aligned with the specific needs of the company, as well as the objectives formed with respect to uptime. With the help of a managed service provider, though, recovery and continuity strategies can be ironed out more effectively and efficiently. 

Industry-specific requirements in business continuity

Although many of the more prominent trends in IT to proliferate throughout the past few years have impacted a range of industries similarly, each business has to take a unique approach to management and deployment to get the job done correctly. Additionally, each industry will be impacted in at least some unique fashions by major trends, regardless of how consistent the technology is being used by individual firms given the differentiation between standards and best practices, as well as compliance.

In the realm of business continuity and disaster recovery, the only aspect shared among all companies regardless of industry or region is that a plan needs to be in place and plenty of technologies must be implemented to support the strategies. Law firms are increasingly seeing the value of expanding their recovery and continuity plans given the much higher volumes of digital assets being held in the sector today, and provide a strong example of how specialized programs can benefits companies more so than cut-and-paste approaches. 

Continuity in law
Foley and Lardner LLP recently listed several suggestions for law firms in the United States that want to boost their resilience to outages and disruptions through the use of more advanced business continuity and disaster recovery strategies. In a high-stakes industry such as law, companies that fail to maintain strong continuity will run into a proverbial universe of issues over time, including the prospect of losing clientele for not being viewed as reliable. 

Although many of the more prominent trends in IT to proliferate throughout the past few years have impacted a range of industries similarly, each business has to take a unique approach to management and deployment to get the job done correctly.Law firms need to get serious about business continuity.

What's more, legal issues can arise when outages begin to hold lawyers and other staff members from completing their tasks, especially when they are involved in litigation proceedings that rely upon constant availability and timely responses to opposing attorneys or the courts themselves. According to the law firm, when business continuity is at optimal levels of performance, negative legal exposure can be proactively mitigated by companies in this industry. 

The source also pointed out that law firms will be less likely to properly and successfully handle cases when they cannot handle their own risk management needs, making this a core responsibility rather than an optimal addition to standing policies. Furthermore. Foley and Lardner LLP noted that the use of third-party disaster recovery services is growing today, and these can be especially advantageous for firms that do not have much experience in the relevant responsibilities and tasks. 

Getting assistance
Any business that falls into as sensitive of an industry as law should always consider the prospect of leveraging managed services for their continuity and recovery needs, as taking a flippant approach can lead to significant increases in risk. Smaller law firms that do not have a robust IT department on payroll will likely benefit the most from these types of services, as they significantly reduce strain and disruption in one fell swoop. 

Working with a provider that offers a range of recovery and continuity services can go a long way toward protecting businesses from the immense damages associated with long-term outages and data loss.