How would you define disaster? According to Merrian-Webster dictionary it’s “a sudden calamitous event, bringing great damage, loss or destruction// natural disasters.” Although they do occur, disasters aren’t just hurricanes and floods in the worlds of business and technology. They’re also misplaced spreadsheets, coffee spills on your hardware, deleted files or data breaches from phishing attacks or a malware infection. As you can see a lot of these disasters are employee related.
According to one PC World report, 75% of data loss is caused by human error and is the single greatest cause in the workplace. Data is what keeps businesses alive today and is necessary for operations to go on as usual. There are businesses small enough that the financial costs of downtime might put them out of business completely. The most unfortunate part of this is that most companies don’t put the proper protections in place until after they experience a disaster. When it comes to your business there shouldn’t be a limit when it comes to cybersecurity.
What is Business Continuity Planning?
Business Continuity Planning (BCP) is proactive in it’s approach and involves identifying potential threats that are associated with specific business processes that have the potential to adversely affect the organization as a whole. With this kind of planning, your team must determine what processes are core to your organization’s day-to-day operations and what data is most significant. If you need technology to function then you need a plan for when it fails and that involves prioritizing.
Another element of this is predicting the potential consequences of particular disasters. You can’t prepare for the worst unless you have a sense of what you could be dealing with. Ultimately the final part of the process entails outlining the processes that will be implemented to rectify any issues and restore operations as usual.
RTO and RPO
To get a little more specific there are other elements in the BCP equation. Recovery time is critical and RTO and RPO are two of the most important parameters of Business Continuity Planning. RTO stands for Recovery Time Objective. This is the duration of time an organization can experience downtime before the consequences become truly damaging. In order to plan for the worst you need to have a sense of how quickly things need to be restored. There’s no need to lose your business over lack of planning and backups.
RPO is Recovery Point Objective. This refers to the maximum length of time a business can tolerate a computer, system, network, or application going down after a failure. A significant part of BCP is having an awareness of which parts of your technology you need in order to get back to business. This is the prioritizing part of the planning. RTO and RPO must be clearly defined in order for your organization to succeed in the event of a disaster. Without them it’s almost impossible not to take a loss after experiencing downtime.
Backup and Disaster Recovery
Another component of Business Continuity Planning is a Backup and Disaster Planning (BDR) solution. The backup part of this involves copying your data so it’s secure in another location or in the cloud. Disaster Recovery is the act of going through the processes outlined in the business continuity plan. There are a lot of things to consider. How much of the organization’s resources could be lost? What efforts would be required to recover, How long would recovery take? What is the overall impact on the organization?
A reputable Managed Service Provider (MSP) will work with you to determine what kind of backup is right for your business.
An effective BDR solution should include:
- Cloud Storage for your data to keep it safe and out of the office. In addition, it protects your information against in-office malware attacks and security breaches
- A fully automated backup process
- Backup that is monitored around-the-clock enabling quick access to data
- Replication of data to another location (ideally between 2 data centers on opposite coasts)
- Data restoration in hours, minutes or even seconds
- Image-based backups