• 04 December 2024, 07:48 AM

Category Archives: Business Continuity

Bsuiness Continuity

8 Steps to Business Continuity

The why and how of introducing a Business Continuity Management strategy

Business Continuity involves building resilience in your organisation by identifying its key products and services and the critical activities that underpin them, then devising strategies so that you can trade through a disruption and recover afterwards.
Most organisations recognise that they should have a Business Continuity plan in place but see it as too expensive and time consuming to address, however this doesn’t have to be the case.

The benefits of introducing continuity awareness within the company far outweigh the risks associated with just hoping bad things won’t happen (although statistically they will!). Companies are looking ever more carefully at their supply chain to identify potential weaknesses and are asking for evidence of a documented and tested strategy to prove service level agreements can be maintained in any event.

The biggest mistake is trying to do the whole process in one fell swoop which, if ever completed, is likely to be a huge document that is put on a shelf and ignored for a few years. By breaking the process down into simple manageable phases where you can tick off the “quick wins” and demonstrate progress you introduce a culture of ongoing review; it is vitally important to constantly update your recovery plans in line with business growth and operational changes.

Steps for Business Continuity Management:

  1. Carry out regular risk assessments and take steps to eliminate, or at least minimise, potential threats to the operation of your business.
  1. Consider possible scenarios and analyse their impact on your business – forewarned is forearmed.
  1. Compile an action plan of what should be done in order to maintain Business As Usual in any event. Put formal contracts in place which will enable fast recovery of vital operations.
  1. Document key business processes and ensure no critical activities can be done only by a single individual.
  1. Review the resilience of your suppliers and their capability to meet Service Level Agreements. Consider multiple sourcing to reduce reliance on a single supplier.
  1. Protect your company information and ensure it can be accessed or rapidly restored in any event without compromising on security.
  1. Carry out regular tests to prove you can continue to function should you lose access to your premises or vital services, or in the worst case, your entire business environment.
  1. Encourage all employees to get involved with the preparation and testing of Business Continuity plans so they buy in to the importance of keeping your business alive.

To discuss your Business Continuity strategy further please contact us.

disaster recovery plan

Do SME’s Really Need A Disaster Recovery Plan?

When it comes to keeping your business running, it’s important to have plans in place to deal with both good and bad times ahead.

Business continuity plans and disaster recovery plans are an excellent way to ensure the protection of your organisation, however, it’s easy to get the two mixed up. Many people assume that because they have implemented a business continuity plan (BCP) they do not require a disaster recovery plan (DRP), and vice versa.

It is true to say they are very closely linked, but to briefly explain; BCP’s take a more proactive approach to minimise and avoid the risk of downtime, whilst DRP’s focus on recovering from the disaster.

In this article we will look specifically at the business continuity plan, why it’s a good idea and why you should have one.

Generally people do not enjoy paperwork, and business owners understandably will see a business continuity plan as just another tedious task to complete that will probably go unused; so here are a few interesting facts which could highlight the importance of a BCP.

On average, a medium-sized data centre will experience over three downtime events each year, with the average power cut lasting over 3.5 hours. Source: Eaton UK

Some 77 per cent of UK organisations (approximately 4.2 million) experienced connectivity failures in 2016. On average, UK organisations were also found to have suffered 4-5 outages each during 2016 and a wait of six hours every time for service to be restored. Source: ISP Review

Just over half (54 per cent) of UK companies have been hit by ransomware attacks resulting in variable amounts of downtime (58 per cent of UK companies pay up to get access to data and systems again.) Source: Malwarebytes

Almost all (97 per cent) of network professionals in a survey by Veriflow agree that ‘human error’ is the most common reason for network outages. Source: Network World

Depending on your company’s area, losing vital business systems could ultimately cost you customers, because your existing customers could choose to go elsewhere. In addition to this the damage to your reputation and the lack of credibility if there is no BCP in place could be extremely costly!

Hopefully the above has persuaded you to think about the importance of having a business continuity plan so in the event of a power cut, connectivity issues, network outage or cyber-attack your business can ride the storm and get back to business as soon as possible.

If you’re under the impression that a disaster is unlikely to happen to your business, you might be mistaken. It could be something as simple as a staff member keeping watch of an absent colleagues emails whilst they’re on holiday and accidentally opening a cleverly presented, yet malicious, email. If that email contained ransomware, and the attack was successful, it would only take a few seconds for all the files on the computer and everything else connected to it – namely the server – to be encrypted.

Before you know it, your network is unavailable, staff are unable to work, and a disaster recovery plan is vital. In addition to downtime, failing to have a business continuity plan in place could cost a business severe reputational damage, and it could even raise certain compliance issues.

When you’re busy running a business, it could be easy to forget that you are a prime target for cyber hackers, and many have made the mistake of assuming that these hackers are only interested in going after bigger organisations. But, the fact is that when you’re an SME, your cyber defences are easier to hack, reason being you will not have the same budget available to you to spend on cybersecurity as a larger business, and attacking a small company carries a much lower risk than attempting to infiltrate a larger organisation, as the cyber criminals are less likely to be caught.

Not to mention, hackers know that a small business is more likely to pay a ransom to have files decrypted quickly, so that business can get back to normal and downtime can be minimised. That’s why it’s essential that you have a robust Business Continuity Plan in place, so you can avoid these situations, and deal with them swiftly should the need arise. Below, I outline the key aspects you should take into consideration when creating a BCP.
Key considerations for a Business Continuity Plan

  • Key business functions – what is going to cost your business the most if they are affected by an IT outage or system downtime?
  • Minimise the risk – what could be done to avoid critical business functions being affected by downtime, implement preventative solutions such as cyber awareness on risks/threats, staff education and network monitoring,
  • Recovery times – what could you do to reduce the time taken to get critical business functions operational again? As a suggestion, increase the frequency of backups for critical data.
  • Failover plans – what could you do to get important business functions operating during an incident? For example, if your head office suffered a power cut could staff work from another location?

Do you require more information?
Read more about the options we offer here
Alternatively, please feel free to contact us

Workplace Recovery Suite

5 things to consider in a workplace recovery plan

A workplace recovery plan will build resilience into your business, and prove to your staff and clients that you’re serious about keeping your business alive in the event of a disaster.

But what does a good plan look like? Here are five important factors you should consider:

  1. 24/7 access

A business continuity workarea recovery site which isn’t accessible 24 hours a day is something you want to avoid. While it’s easy enough to find a site that you can access during normal working hours, you should also consider the wider impact of a disaster scenario. You may, for example, need to use the disaster recovery (DR) site out of hours during a disruptive incident. Moving kit and people in the early hours is hard enough without the added issues of access.

  1. Facilities

When disaster strikes it’s easy to get caught up in the bigger picture and forget about the everyday resources your office needs to function. We’re not talking about servers and desktops but the smaller items that make life easier – like cables, phone chargers and even stationery – as well as a way of storing them.
The presence of local amenities and accommodation are also easily overlooked, but could be of great significance to you and your staff if you have to stay at the site for many weeks.

  1. Staff support

The top priority for most firms is the well-being of their staff. This was confirmed in a recent survey carried out by the Business Continuity Institute (BCI), which found that 90% of practitioners put staff safety before other factors, such as security of critical data, customer support and productivity.
Having a team of professionals at hand who can deliver a smooth transition for your business when you most need it is invaluable. Your workplace recovery provider should be committed to making your move into a backup office location as easy and uncomplicated as possible, especially during the initial stages following an incident.

  1. Security and privacy

In an ideal world you’d want your business continuity work area to be a replica of your current office. Of course, this isn’t always possible – which is why it’s important to concentrate on your core requirements. One such requirement may be a high level of security and privacy. For example, if you’re working with sensitive or regulated data you may decide that a shared space is simply out of the question for your business.

  1. Scalability

Many companies make the mistake of not thinking ahead; it’s important to consider your medium and long-term needs, not just the must-haves in the aftermath of an unexpected event.
Depending on issues such as permanent damage to your original premises, you may find that you need to stay in your backup site for longer than originally anticipated and that your requirements change over time.
Your plan should therefore include details on how many workplace recovery positions you require in a disaster scenario over a period of time, as well as how long you can reside there