Planning For Catastrophe: Business Continuity & Disaster Recovery
80% of businesses suffering a major natural disaster go out of business within three years. Your business runs 365 days a year; your systems run 24/7 and your data is needed in real-time. To ensure that your business continuity is protected, you must take a proactive approach that ensures that everything is protected. This means all of your systems, data, and files are protected against all types of disastrous events. Business continuity planning should be the number one priority when preparing for a catastrophic disaster.
So, what types of disasters-exactly-should your business be prepared for? Let’s take a look:
- System Disasters. This is your hardware, software, all systems and data centers; when they fail, you want to make sure that your business doesn’t have to. The 2018 Cyber Resilience Report found that 67% of companies in 61 countries experienced at least 1 cyber incident in the last year, caused primarily by phishing & social engineering, malware, spear phishing, denial of service, and out-of-date software, rendering the organization’s own network either contaminated or inoperable.
- Natural Disasters. Due to global climate change, natural disaster occurrences have increased and intensified. Since 2010, we have suffered 2,018 natural disasters (averaging 336 per year). The US is second only to China for the number of natural disasters. Natural disasters have cost the global economy $2.5 trillion since 2000. 80% of businesses suffering a major disaster go out of business in three years.
- Human Error Disasters. The most frequent, most common, and often most detrimental cause of disasters that can disrupt business continuity is unintentional human error. 70% of the successful attacks on businesses came from internal threats like employees and contractors. Even small data losses – those with fewer than 100 files lost – cost between $18,120 and $35,730. A single poor choice by a single employee can lead to catastrophic data loss.
Any one of these disasters could destroy your business, or at the very least, cost you thousands of dollars.
Your business continuity planning is essential; one key component in that planning is thinking big picture and covering all your bases.
What does that mean?
Ensure employee well-being. Communication during and following an emergency presents a variety of challenges. So, crafting an employee safety and communication plan that works is absolutely essential. Obviously, email is the easiest way to reach a large group of employees, but if your company’s email server is down, you are out of luck. A call tree, sometimes referred to a phone tree, call list, phone chain or text chain, is another popular method for distributing important information to employees during and following an event.
Keep customers in the loop. Managing customer relationships is obviously critical to the ongoing success of your business. As such, it is important to craft a plan for distributing information to your customers during and following a disaster event. The scope of your customer communications plan will vary widely depending on the nature of your business.
Enable IT uptime. To understand the IT piece of disaster recovery and business continuity today, it helps to look at the not-so-distant past. It really wasn’t very long ago that backup meant daily incremental and weekly full backups to tape or a dedicated disk backup target. Disaster recovery from offsite tapes were-and are-painfully slow and bring considerable downtime. Your IT disaster recovery plan should be built around two concepts; your recovery time objective (RTO) and recovery point objective (RPO). RTO is the amount of time that it takes to get a system restored following a failure or disaster event, and RPO is the point in time to which your data can be restored.
A better way to enable your IT uptime is to run applications from image-based backups of virtual machines. This capability is commonly referred to as “recovery-in-place” or “instant recovery.” Recovery-in-place dramatically improves RTO because operations can continue while primary servers are being restored. RPO is reduced as well—snapshot-based, incremental backups at 15 minute intervals are a common practice.
Keep your business moving. Some possible considerations for your organization to focus on when planning for a disaster are insurance coverage, employee training and facilities issues. In addition, knowing your downtime impact is crucial to your recovery efforts. Many organizations today have limited tolerance for application downtime and if your employees or customers do not have access to essential applications and data, there will be a direct impact on productivity and revenue. While this sounds obvious, many organizations do not consider the actual costs of downtime for a business.
To better understand the cost of downtime and how it can cost your company dollars, our RTO (Recovery Time Objective) Calculator is a great tool to begin measuring exactly where your business vulnerabilities are and how to better protect your data assets and continuity.