Preparing IT for when disaster strikes: 5 tips to get you started

It’s a question you need to answer before disaster strikes; how well can your organization deal with disruption to your business that can overwhelm your ability to provide the technology services and resources necessary to deliver critical business functions?

As we all know, business is increasingly a 24/7 activity, one that relies heavily on the capabilities of complex, interconnected business systems and networks. IT professionals’ ability to keep everything running is more important than ever, and when you throw in the occasional emergency situation – a network failure, business system outage, power blackout, or pandemic – things become even more complex.

One of the most valuable things I’ve learned about emergencies is that business continuity plans are only as good as the IT strategies that enable them. IT departments must play a pivotal role in every aspect of business continuity, from strategy and planning to resource allocation to implementation and monitoring.

It’s not that every IT manager needs to be an expert in this field, but you do need to understand your role in the larger picture. That means acting as the in-house expert on network and communications technology to ensure that your business works at maximum efficiency, no matter what the situation.

Here are five important things to consider when you’re helping your organization implement a business continuity plan.

1. Become proactive

Business continuity is not something you implement at the time of a disaster – it’s all about proactive planning and assessing your risks before a problem occurs. You need to learn how IT fits into every aspect of your organization’s operations, from deliveries to ordering, from voice capabilities to data storage and retrieval. By knowing how your IT operations are connected to these functions, you’ll be able to work with colleagues in other departments to develop an effective, cross-functional business continuity plan. Remember: failure to develop an effective plan can prevent you from delivering your products and services on time, resulting in lost customer confidence, decreased sales and revenue, and possibly a big hit to your reputation and future profits.

2. Evaluate your communication dependencies

To be an effective partner in the business continuity process, you need to identify your organization’s most valuable assets and critical business functions – i.e., those that must be preserved in an emergency – and then determine how dependent those assets and business functions are on the company’s business systems and networks. Think about it this way: organizations are connected across offices, cities, and continents; workers collaborate using mobile devices, laptops and tablets, from remote sites and from home. Meanwhile, your customers and partners expect instantaneous access and response times. Now ask yourself: in the event of disaster, outage or shutdown, which of these technology channels would be absolutely essential to keeping your most important business assets functioning? Which functions could your business do without, and for how long? Knowing the answers to these IT questions will go a long way toward building a business continuity plan that works.

If you are concerned about the dependability of the telco or service provider’s redundancy to your business, take the time to explore the following five items with your telecom provider:

• Understand your business communications system requirements
• Talk to your telecom provider about their network resiliency status
• Focus on the services required, not the technology
• Define and have your telco/service provider build the required level of resilience
• Ask your telco/service provider for network audits of routing details (pathing)

The key goal of telecom network disaster recovery is restoration of communications systems to the same level of service provided before an outage or catastrophe. But it is also critical to maintain connections while things are still being disrupted in order to keep important information flowing.

If telecom is vital to business survival, you should consider redundant, diverse, private, or higher availability networks to meet your continuity needs.

3. Understand your vulnerabilities

You also need to help identify your company’s critical components, such as facilities, employees, business processes, IT systems, applications, data, platforms and networks. Understanding which components are most important to your daily operations will help you identify the vulnerabilities in your business processes and network infrastructure. It will also help you assess the impact a disaster, outage or shutdown would have on employees, customers partners and other stakeholders.

4. Set priorities for risk mitigation

It is essential to determine how long you can afford to be inoperable, and to define the impacts of a disruption to every level of your organization’s operations – business, financial and communications platforms. From there you can begin to develop a risk mitigation strategy that takes into account each of those impacts, and to identify objectives, requirements and priorities for the recovery of critical business components.

5. Develop your recovery plan

This is an essential point, because no matter how many preventive measures you have in place, disruptions still happen. You can greatly reduce the negative impact on your business and speed up recovery times by preparing your network and IT procedures in advance:

• Implement system and data backup arrangements and the key procedures to support your recovery strategy.
• Leverage third-party data centres or colocation, including cloud computing, to minimize IT risk issues.
• Negotiate vendor contracts and/or lease agreements to acquire equipment and services that will help you in the event of a disaster.
• Upgrade network and business data security such as firewalls, intrusion detection, hacker protection, password authentication and data encryption.
• Assess and strengthen your network redundancy and re-routing capabilities, as well as your work-around procedures and/or contingency plans.
• You should also determine critical vendor and business partner disaster recovery capabilities in the event that they’re impacted by the same disaster.

The role of IT managers and planners will only increase as more business processes move onto company networks and into the cloud. These are just a few very high-level considerations to think about from an IT business continuity perspective. And always include a detail evaluation of any cloud provider environment continuity and resiliency position.

If you have not fully addressed your IT dependencies and need a trusted adviser, consider hiring or engaging a team of professionals with your interest in mind to protect your business and customers in keeping their business resilient. With cyber threat occurring regularly, as if they were on steroids, do not lose faith and build the right (not easiest) solution for you that is on strategy and on budget.

You can’t predict an emergency, but you can prepare for one.