This article is about ensuring the continuance of your business. Mention Business Continuity and many organisations will say they are covered as they have back-up computers. The odd thing is that you will usually get this answer even if you ask business people rather than members of the IT department. The term Disaster Recovery is often confused with Business Continuity. Having ‘back-up computers’ will not provide Business Continuity; in fact it will probably not even provide real Disaster Recovery.
What does the term ‘disaster’ mean? This is something that disrupts the smooth running of your business. It can be anything from a loss of an entire set of offices, losing the people who run the business or losing data from a computer system as a result of a virus or malicious hacking.
How long can your organisation survive in the case of a disaster? If you are manufacturing company and you lost your premises, where would you relocate to, and how long would it take to relocate? If you are a public body and you lost your major systems, what impact would this have on your ability to provide service? If you are a financial institution and you lost access to your corporate data how long could you survive without it? Likewise, if you are a dot.com company how long could you survive if your web servers were unavailable?
Notice that of all these questions, only the final one relates solely to IT. For a dot.com company, the loss of the website (by losing the web server) is a disaster as anyone attempting to access the website would find it unobtainable and would go somewhere else, possibly never to return. For all other questions, a good Business Continuity plan could actually stop a company from going bust in the case of a disaster.
Obviously any plan will include information on Disaster Recovery - i.e. the technical side of Business Continuity. This will cover a full plan as to what will happen to voice and data communications, and how computer applications will be provided in the case of a disaster. The full Business Continuity plan will also cover other items relating to the business requirements, such as plans for the duplication or restoration of paper records and also details of where the business will relocate to if a disaster made the premises inaccessible
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.