A Risk Management Approach to Business Continuity Planning

By November 20, 2018Business Continuity

business continuity

All businesses are at risk of major disruption. Whether it’s a natural disaster or a major cyber-attack, there is always the need to protect your data and ensure that you have a plan in place just in case you suddenly need to change the way your business works.

Business Continuity Planning is about preparing as much as possible for a full range of scenarios so that you can react quickly, manage risk and adapt to the circumstances while protecting your business.

And as companies become more data aware, here are the five key questions that you should be asking your data management team:

  1. Does your data recovery strategy actually work?
  2. What happens in the event of a disaster?
  3. Are you under regulatory governance to have a DR, Business Continuity & Backup in place?
  4. How quickly can you meet your RTO targets?
  5. What is your business continuity plan?
  6. Are you able to access data if your office becomes inaccessible?

 

Business Continuity Planning

Unexpected events such as power outages, infrastructure failure or even natural disasters can easily prevent you from operating your business. You need to consider where and how your staff will continue to work if the worst happens.

This is what your company should be looking for in a comprehensive Business Continuity Checklist:

  • Dedicated seating in various recovery suites with access to public transport and parking
  • 1Gb resilient connectivity to comprehensive DR systems in the event of a disaster
  • Large team of engineers available on-site for the transition period
  • Technical assistance with system recovery
  • RFID access restricted suites
  • Conference rooms with video & telephone conferencing
  • At least 100Mb Internet connection
  • Voicemail and contact centre including call recording if required

 

Disaster Recovery

Disaster Recovery is a large part of ensuring your business can carry on operating in whatever circumstances have been thrown your way.

And this business resiliency begins with the protection of systems and data across your entire environment. Any enterprise organisation should be ready to recover systems to full capacity and retrieve assets within the recovery time and recovery point objectives (RTOs/RPOs) your business requires.

This is what your company should be looking for in a comprehensive Disaster Recovery Checklist:

  • Enterprise-class replication providing coverage for all IT infrastructure requirements
  • 2048-bit SSL tunnels for encrypted data replication to a secondary off-premise location
  • Failover with multiple point-in-time recovery points
  • Disaster Recovery under the governance of ISO 27001
  • Assisted planned DR test
  • Invocation support provided from a 24/7 Network Operations Centre
  • DRaaS provided across Enterprise Cloud or Public Cloud platform offering

 

Cloud and offsite backup

The loss of data can close your company’s doors permanently. A fully managed, remote backup and restore service eliminates the need for manual tape loading and removal off-site, allowing users to work without interruption and ensuring round-the-clock data protection.

Moreover, modern ransomware will often work ‘under the radar’ and encrypt your backups first before anyone is aware. And this can often leave businesses vulnerable when it comes to trying to recover their data.

This is what your company should be looking for in a comprehensive Backup Checklist:

  • Full AES 256 encryption on all data at rest
  • Multiple solutions available for physical & virtual environments, servers & endpoints as well as Cloud solutions such as Azure, Office 365, OneDrive and Sharepoint Online
  • Regular testing of backup solution
  • Quarterly service reports
  • Redundant dual-site storage for resilient data backup archive
  • 24-hour alert systems with managed monitoring
  • Data deduplication

 

Protect your data against ransomware

There are lots of ways you can protect your data against ransomware. One way is to employ the capabilities of S3 Object Storage Lock via Cloudian and Veeam v10. Another solution for larger enterprises would be to take advantage of Rubrik’s immutable file storage system.

 

Crisis communications

When something unexpected happens, one of the most vital elements is to maintain clear and effective communication with your staff. This means they can respond quickly and stay connected with the company – wherever they are.

One of the best ways to do this is by using our Company Communications App which allows businesses to send simple push notifications to their staff via their phones. You can also use the app for a range of other necessary company tasks and workflows.

So, whether you’re in the middle of a crisis or not, you can still save time, communicate clearly and easily, and stay connected.

 

Read more

Backup and Veeam specialist Stephen Seagrave discusses how to move back following a disaster recovery event which you can read about here.

Interested in learning more about Business Continuity? Speak with our team today.