Disasters come in all shapes and sizes and can strike at any time. There are natural disasters, weather patterns that roll in leaving destruction in their path. As we learned globally and first-hand in 2020, pandemics happen and can be incredibly disruptive to businesses, governments, and economies. And, for business owners, potential IT disasters need to consistently be top of mind during these times of increased cyber vulnerability.
Is your organization prepared for an IT disaster? The 2018 Korean Olympic committee thought they were prepared. Right up until a cyberattack wreaked havoc with their opening ceremonies. Despite having a cybersecurity advisory group that had met 20 times in the planning lead-up and had undergone cyberattack simulations, they still fell prey to an attack that took out internet access, shut down their website, grounded drones, and prevented ticket holders from printing out tickets in order to attend the ceremonies.
September is National Disaster Preparedness month, and the theme for this year is Prepare to Protect. This is a good reminder about the importance of disaster preparedness, and how critical it is to understand your organization’s unique risk factors.
At the forefront of any disaster planning activities is disaster recovery, which is an organization’s ability to maintain business continuity, both during and following a disruption event. Downtime can be detrimental for a business, as these statistics from Comparitech demonstrate:
- The average cost of a data breach is $3.86 million, and it takes, on average, 280 days to identify and contain breaches
- Ransomware attacks typically average 16.2 days of downtime
- Downtime is expensive, costing the average small company $8,000/hour and the average medium-sized company $74,000/hour
- 96% of businesses surveyed had experienced at least one outage in the previous 3 years
The good news? Costly downtime can easily be avoided through comprehensive business continuity planning. By taking a proactive, rather than a reactive, approach to IT emergencies, your organization can avoid the loss of momentum, productivity, and profit that accompanies downtime.
WHY BACK-UP PLANNING IS SO IMPORTANT
Remember when floppy disks were part of the back-up equation? Nowadays, if you aren’t backing up using cloud services, you’re not truly backing up.
Back-up planning is another piece of the business continuity planning puzzle that can’t be overlooked. A 3-2-1 strategy should be employed when it comes to backups. This translates to having 3 separate copies of your data:
- One on your computer
- One on local storage
- One on off-site storage
HOW TO ADDRESS BUSINESS CONTINUITY IN YOUR ORGANIZATION
Once upon a time, business continuity planning was treated like a form of insurance; something that should probably be in place in the unlikely event of a disaster. It is no longer sufficient for organizations to treat business continuity planning as “something that should probably be in place.” It should be treated like an essential step in ensuring organizational resilience.
At the outset of the COVID-19 pandemic, Mercer reported that less than half of companies surveyed reported having a business continuity plan in place to combat a global emergency. Business continuity planning isn’t insurance: it’s a strategic differentiator. And rest assured, those 49% of organizations that had planned for a global emergency of the magnitude of the COVID-19 pandemic were able to better navigate those challenging months better than those who did not. 99.9% of businesses in the United States qualify as small businesses. Of that 99.9%, 34% are now closed compared with January 2020.
You can bet that the companies that have survived have a strong appreciation for the value of business continuity planning. Benjamin Franklin said it best: If you fail to plan, you are planning to fail.
YOUR DISASTER RECOVERY PLAN
A comprehensive disaster recovery plan (DRP) is key to business continuity. Every organization’s DRP should be customized, based on their specific business needs and requirements. But there are a few general rules of thumb to minimize risk and resume operations as expediently as possible.
- Recovery time objectives (RTOs): establishing the amount of time needed to recover applications will help in keeping recovery costs low
- Disaster recovery sites: where all your critical data and applications will be stored during times of disaster
- Response procedure guidelines: documenting strategies like communications procedures and post-disaster activities will assist in expediating recovery efforts
- Crisis communications planning: identify how you will communicate with your various stakeholder groups in the event of a disaster
- Practice makes perfect: and finally, test your plan at least once a year and adjust as needed
BRINGING IT ALL TOGETHER
Most IT downtime doesn’t result from widespread disaster. Most IT downtime isn’t a result of sophisticated cybercriminals determined to show off their cyberattacking skills on the global Olympics stage. Most downtime can be traced back to human error and lackadaisical IT security.
This is where the right managed services provider (MSP) partner can be a gamechanger. Amnet has been providing IT consulting services and network security services (and keeping Colorado businesses cybersafe in the process) since 1998. By getting to know you and your organizational needs and pain points, we’ll ensure your business is stable and secure and ready to weather any cybersecurity disasters that might come your way. Schedule your complimentary DRP review today.