"If you fail to plan, you plan to fail" - Benjamin Franklin
When it comes to formulating a business plan, few MDs would willingly put "failure" into their strategy. Yet it's actually an integral component - albeit for different reasons than you're expecting.
Continuity Planning is all about preparing for the worst - readying your business for a rapid response in the event of a data or service disaster. You'll want to make sure that your major tech is identified, the effects of its failure are known, and the response to any major event is as efficient and effective as possible.
It's a large undertaking, no doubt, but a recent study by the Business Continuity Institute demonstrates that as threat awareness grows amongst businesses, so too does the demand for preventative and reactive measures. The Institute's Horizon Scan Report 2019 lists unplanned outages, health and safety incidents, and even political discourse as threats to business continuity, proving that it's more than just technical failures that are fueling the concerns.
We've covered technical solutions such as Disaster Recovery and Data Backup in previous blogs, but however crucial these components are they're one of many components that form your full continuity plan; you'll also want to consider your assets, partners, human resources and more besides. After all, it's not only your technology that will be suffering the adverse effects - it's your people too.
Your first step, therefore, is to identify your vulnerabilities with a full risk assessment - covering the above and beyond. Your considerations include:
- Loss of Staff
- Loss of Systems
- Loss of Everyday Facilities (water, gas, electricity)
- Loss of premises (or access to)
- Transport disruption
Your second step is to form a Business Impact Analysis, or BIA. This is a researched prediction on the consequences of each compromised business function. If the phone lines went down, for example, would you be able to resolve incoming customer enquiries? If not, how would this affect your output, and how would that output affect daily earnings? What would the expense be for any recovery actions?
Your BIA should include an estimated cost for any worst-case scenarios, as well as estimated recovery times - your RTOs and RPOs. If you're not familiar with those acronyms, you can read more about them here. This'll give you an idea of how long and how costly each potential disaster could be. It can feel like a staggering amount to consider, but it's easier to do the planning now than midway through a major catastrophe!
Thankfully, the third step - implementation - needn't be so difficult with the assistance of a Managed Service Provider. By speaking to yours about your business strategy and the risks outlined in your continuity plan, they'll be able to design and implement solutions for any technical hindrances. No MSP can provide an out-of-the-box solutions for every business, however, and it's important to relay the needs specific to yours if their solutions are going to cut the proverbial mustard.
With your plan in place and any appropriate technology installed comes your most important step - testing. After such rigorous setup and installation, you'll at least want reassurance that your solutions are near-bulletproof. Training your staff will be paramount here, ensuring that each knows their responsibilities and the actions they'll take to get their systems back on track. It's also shrewd to perform a simulated scenario. We don't recommend breaking your entire infrastructure, but it might help to orchestrate an incident that won't cripple your business operations and requires your teams to enact their recovery plans. An arranged 'Penetration Test' with your Service Provider could be the perfect way to test this in a controlled environment.
Preparing your Business Continuity Plan is no mean feat, not least with the wealth of data, departments and devices to consider. Yet preparing yours in advance is paramount: Cyberattacks alone force 60% of SMEs to fold within 6 months, and that's just one example. Laying down the groundwork now could be the difference between smooth sailing and a mad scramble to fix a sinking ship.
Whatever your plan entails, you'll want to ensure that all your tech solutions can pull it off without a hitch. At Mirus, we offer protection both before and after a major disaster, while our cloud, print and SaaS offerings all provide protective measures for full peace of mind.
Understand your Cybersecurity situation and future needs with our Cybersecurity Questionnaire.
When was the last time you reviewed your Cybersecurity setup?
Our Cyber Questionnaire helps us provide you with a quick and concise breakdown of your company’s security setup, letting you prioritise key performance inhibitors in your next IT security assessment.
Click the image to complete our questionnaire.