Business Continuity Planning Isn’t Just for the Fortune 500
Businesses around the globe have been impacted by recent events related to Covid-19. Like it or not a bright light has been cast on the importance of businesses and their ability and preparedness to withstand a disaster. For some companies, continuity and disaster recovery plans are part their technology leader’s playbook, for small and mid-sized businesses however, it’s an activity that’s sometimes overlooked.
When some people hear “disaster recovery planning” it conjures up images of weather-related events that leave a path of physical destruction behind. That perspective is too narrow and leaves businesses vulnerable. Disaster can take many forms:
- Loss of access to physical building
- Loss of data or systems
- Loss of a key team member
- Loss of a key vendor or supplier
In the case of Covid-19 many businesses are facing at least 1 of these events. Whether voluntarily or by mandate, many businesses have had ensure they can operate from remote locations and this means ensuring key systems such as accounting and operations are accessible. The Covid-19 pandemic has also threatened the well being of people who may serve critical roles for and within a business.
A quick Google search will reveal many resources related to developing a business continuity and disaster recovery plan. Cloud infrastructure provides a secure, reliable and highly available platform for systems access and data storage. However, there is one point that businesses often overlook and it’s one of the most important things a business can do to help safeguard themselves.
There are some tell-tale signs of a business who may be doing well financially and yet who may be unaware of the perils they face. It can often be traced back to one thing: lack of IT governance and oversight. In the context of this article, IT governance means business leadership recognizing and valuing the importance of safeguarding information and ensuring technology is used securely to bring value to the company. There’s much more to that simple definition but if you’re a business with post-it notes and paper based processes, or if your perspective of IT goes no further than the computer on your desk, chances are pretty good you’d benefit from some assistance.
Who knows the answer to that?
Even if your company leadership doesn’t embrace technology governance there is something you can do to help protect yourself. We’ve all be in meetings or situations where a topic prompts a question like “who in the company knows the answer to that?” It’s often asked when important systems require attention or when key personnel are unavailable to answer questions about business processes.
Preserving institutional knowledge is one of the fundamental business continuity and disaster recovery activities a business can undertake.
Take the time to document key parts of your business such as:
- Who are the subject matter experts who know business and the information systems workflows?
- Where is your list of customers and vendors maintained?
- Who handles accounting? Who is their backup and do they have a continuity plan?
- Who maintains your list of account logins, identifier and pins? Consider using an encrypted cloud provider like 1Password.
- How often is your data backed up? Learn about recovery point and recovery time objectives ( hint: it’s about how much data and time you can afford to lose ).
Once you begin asking these questions you may be surprised how much of your business is knowledge a key employee or vendor has in their head. If you recall earlier we mentioned that loss of a key employee or vendor is part of business continuity and disaster recovery planning. Wrapping your arms around this, getting it documented, saved securely can go a long way towards ensuring your business has a continuity plan and a better chance at maintaining operations when an event occurs.
Free Business Continuity Plan
Download a free business continuity plan from FEMA and start protecting your business.
How We Can Help
One of the most fundament activities is documenting the who, what, where, when and why of your business. It begins with a mini audit and ends with a plan that we help you execute that has your data backed up regularly, institutional knowledge recorded, passwords securely stored and your systems analyzed for security vulnerability and made available via the cloud.
The saying “an ounce of prevention is worth a pound of cure” is really true. You’ve worked hard to build a business and we encourage you to be prudent while helping safeguard your business future.
Contact us today for a free consultation.