How technology fits into business continuity planning

Every business should have a business continuity plan.

Most companies lacking business continuity plans are small-to-midsize businesses. FEMA estimates that as many as 25% of businesses do not reopen after a natural disaster. 

Although natural disasters like floods and fires are more physically harmful, cyber disasters like malware attacks and data breaches can be equally devastating. Creating a business continuity plan that accounts for both types of disasters is paramount. 

These facts are the reason that cyber liability insurance providers are increasingly requiring businesses to provide some form of business continuity plan as a part of their due diligence procedures. Even the United States Homeland Security Presidential Directive (HSPD-5), the Management of Domestic Incidents has developed business continuity plans for the nation. 

A cyber attack might be more disruptive for businesses than a snowstorm that sends employees to work from home. Likewise, loss of data is more substantial than loss of hardware. Since data is more important than hardware that can always be replaced, it is important that data be backed up, protected, and retrievable as needed. 

HubSpot Video

What is a business continuity plan? 

In the event that you are caught off guard and fall victim to a breach or recognized threat, it is typical for business to be interrupted. This will usually create displeased customers. If customers are displeased and find out that you fell victim to something preventable, your reputation might take a hit. Ultimately, profits will be negatively affected (and possibly brought to zero if your business goes under).

In short, a business continuity plan is just a business’s strategy to respond to recognized threats and risks such that it can continue to provide clients services through disruptions.  


What is the primary goal of business continuity planning?

The main goal of a business continuity plan is to carry on essential business functions in the event of a disaster. These essential functions are to be continued until all other business functions return. A business continuity plan would hopefully also aid in returning peripheral business functions as quickly as possible. This all requires well thought out planning which includes prioritizing functions and assessing the essential ones. For this reason, business continuity plans usually include step-by-step procedures, checklists, and flowcharts to be relentlessly systematic


What goes into a business continuity plan?

Data backup and disaster recovery are the backbone of a business continuity plan.

Business continuity plans should be systematic and written down, but it is important to recognize that if you store your plans on a server that goes down or an office that cannot be accessed, then they are useless. It is important to have a team of people with a basic idea of your business continuity plans within their heads. Better yet, having a third-party company protect you against things like technology failing or being uncooperative can be beyond helpful. 

A lot of problems can be avoided with simple contingency planning. Some solutions are easier than others: it could be using a mobile phone in the event that a desk phone won’t work, having a physical system if a digital process fails, or having a managed service provider to cover your back on all things IT. Business continuity plans are really all about preventing recognized threats from inhibiting your business.

Although not immediately considered when thinking about business continuity strategy, it is important to establish good, working relationships with vendors to help prevent or mitigate a crisis (or recover from a crisis after the fact). For example, having a company to call to replace computers or recover data can expedite recovery time.  

Contact Sagiss today if you need help setting up your company's business continuity plan.