By Drew Londgren, Regional Vice President and General Manager (Seattle), Cbeyond
Superstorm Sandy exposed how vulnerable small businesses are when faced with disaster, challenged by communication, transportation and power disruptions that impeded typical workflow. In the worst cases, owners and employees encountered severe difficulties resuming operations in light of destroyed equipment, data and records.
While metro-Seattle is far removed from “hurricane alley,” we are just as susceptible to floods, fires, security breaches and other natural and man-made disasters. Would your business know how to secure critical data and resume operations should a disruptive event take place? Think about what is at risk – years of tax records, confidential employee information (including Social Security numbers), customer contracts and records…and that’s just a start.
The beginning of the year is a great time for business owners and employees to revisit or build their disaster recovery plans to prepare for the worst case scenarios in the unlikely event disaster strikes.
Here are the five most common disaster planning mistakes businesses make, and the fundamental steps you can take to avoid them and ensure continuous, secure operations should the worst happen.
Mistake #1 – “I don’t need to worry about disaster planning – that will never happen to me”
The businesses that encounter the most trouble following a disaster are those of the “not here, not me” mentality. According to The Winter 2012 Cbeyond Business Leader Snapshot™, only 63 percent of small to medium-sized businesses (SMBs) have a business continuity plan in place.
A basic continuity plan begins with defining your most mission-critical technology, data and applications, and determining necessary steps to protect them. Next, identify a chain of communication should your office become unavailable, and how to contact essential parties and stakeholders that an office closing would impact.
Business continuity planning also includes updating cyber services, such as anti-virus software and firewall protection, to guard against network threats. Teams that assume their software updates automatically are more likely to spend days cleaning out viruses or recapturing lost data. Our recent survey found nearly one-third of small businesses faced cyber-security breaches within the last year.
Plan now to revisit and update your strategies every three to six months to identify operational gaps, accommodate new technologies and determine takeaways from any previous incidents.
Mistake #2 – “Our data is backed up on-premise, and thus secure”
The biggest threat to your business may be sitting in your storage room.
Amazingly, more than half of SMBs only back up data on-site, with another 28 percent using a combination of on- and off-site services. Keeping data backup files on-premise exposes your business to greater risk in the event of a flood, fire or theft. A secure backup solution enables off-site data storage, recovery and access to critical information online – through secure authentication of course! Businesses in Sandy’s path that stored files in a hosted data-center before the superstorm struck likely resumed operations swiftly, as employees could download, save and reinstate data with minimal interruption.
Mistake #3 – “Storing information in the cloud is expensive, and will confuse my team”
Transitioning information and processes to the cloud has become a popular off-site storage avenue. With the cloud seemingly more the norm than an exception, business owners are relieved of the double burden of complex cost and cumbersome usage – in fact, most teams may be using cloud processes to access email and manage documents without even knowing they are “cloud processes.”
Should an event occur that closes an office, employees can continue operations from the cloud, in any location. Companies also can rest assured that their information will be secure in the cloud, as typical server facilities are surrounded by hardened infrastructures and strict human and cyber protection.
Mistake #4 – “My network is strong enough to withstand anything”
Both natural and man-made incidents could potentially disrupt connectivity. Because businesses rely on internet and phone service, companies should have plans in place to restore their networks quickly and securely, or move them to functional IT environments. Consider evaluating which redundant connectivity services, and wireless backup systems, could best get your network running again should your normal lines become disrupted.
If you’re debating, or already in the process of, moving data to the cloud, you should also evaluate fusing it with a secure, private network to provide even tighter security and easier access to your unique processes and applications.
Mistake #5 – “There’s no way we’ll go silent should something happen”
While smart phone and tablet technologies have enhanced employee communication, and made workers more “disaster-ready,” don’t automatically assume that every employee is remotely connected.
Create a “communication checklist” to ensure all employees can access email remotely (through computers or smart phones). You’ll also want to make sure they are able to forward their office numbers to cell or home phones, and access emails off-site.
Communication is essential to working through a catastrophic event, and businesses should verify now that they can maintain contact with key stakeholders should their offices become unavailable.
While an event of Sandy’s magnitude is a rarity, your business may face an unexpected event – whether natural or man-made – that impedes your traditional workflow.
Planning for such events does not need to be elaborate. However businesses that leverage the latest technologies and strategies to protect their most vital assets, and learn from the mistakes of others, will be best prepared to resume operations should that time come.