No one likes to think about disasters. There are other things to think about, plus there’s often no immediate payoff. But if you run a business, just like if you run a household, not planning ahead can add more disasters on top of the first one!
Here’s how the planning you do at home is parallel to the planning you do at work. You probably don’t call it Disaster Recovery Planning, Business Continuity Planning, and Compliance Planning at home, but they’re essentially the same thing! Take a look:
Getting your backup supplies ready = Disaster Recovery Planning
To prepare for something like an ice storm, tornado or another type of disaster at home, you make sure your family has backup supplies. You’ll have flashlights, candles, fire extinguishers, gallons of water, some canned food and a can opener, cash, a list of emergency phone numbers, a radio and some spare batteries, wood for the fireplace — the kinds of things you’ll need to see you through a few days. You may even have a whole-house generator and the fuel to run it, depending on your situation. And you’ll have homeowner’s or renter’s insurance to cover any damages.
In business, your Disaster Recovery Plan includes backups — of your data, equipment, phones, Internet providers — to prepare for storms and other kinds of disasters like network failures, hacking and sabotage. Your backups will be as recent as your unique needs (with some things being backed up more often than others) and you’ll have them tested regularly to make sure they work. You’ll also test your disaster recovery plan so that the first time you try it isn’t during an emergency! Would you test the batteries in the flashlight at home? You bet.
Who does what, when, where, how and how much will it cost = Business Continuity Planning
Having emergency supplies isn’t enough. Your family needs to know how to use everything. Where are the candles and the matches? How does the emergency radio work? How do you heat canned food if the power is off? How do you operate that fire extinguisher? You’ll also want to plan for where you’ll stay if you can’t stay at home and how much that will cost. And if you have to make a major repair, you’ll want to know how you’ll pay the roofer while you wait for the insurance check to come in.
There are a lot of details — details you will not want to deal with during a disaster.
Your Business Continuity Plan covers the same types of things. It’s a comprehensive, written plan that’s been developed with input from each of your departments — and probably input from a business continuity consultant as well. The plan should cover everything (everything!) so your company can be operational again as quickly as possible, and your customers and cash flow can experience the least amount of disruption as possible. Your plan will include specific procedures like where everyone will do their work, how they’ll communicate, who will be responsible for which tasks (and who will be on standby if that person can’t do it), which services go to backburner for the time being, how you’ll implement Plan C if Plan B doesn’t work and anything else that you can think of in advance. The goal? Minimal panic. Continued operations. As close to business-as-usual as you can get. Clearly you’ll need to train your team just as you’ll have your family practice where to meet if there’s a fire.
Protecting yourself from vulnerabilities in the first place = Compliance (Security) Planning
The best emergency plan is to not have an emergency in the first place! While you can’t stop Mother Nature, you can take concrete actions to weather storms and make it harder for bad guys to break in. At home, this means making sure your roof is sealed and your wiring is to code, locking your doors, getting (and using) a security system, installing outdoor lighting, keeping the stairs in good repair, and having enough homeowners insurance to rebuild after a disaster and enough life insurance to pay off the mortgage after the worst kind of disaster.
There’s a checklist of things to do to protect your business, too — many checklists, actually. They’re called compliance standards and include smart cybersecurity practices. Compliance (Security) Planning covers everything your company needs to do to operate in a way that protects the people involved and their interests. They differ based on industries and needs but the goal is the same — taking every reasonable action to avoid security breaches. And having good insurance to back you up.
Even if your company isn’t required by law to comply with certain standards, you probably want to meet (or beat) the checklists anyway. Your ability to avoid the worst consequences of a disaster improves exponentially when you protect each layer of your business. Plus you’ll cover your bases against potential lawsuits — you’re legally responsible for all kinds of things and can be sued even if you are in full compliance. Just as you don’t need regulations to tell you to lock your garage door at night, you don’t need regulations to tell you to protect what you’re responsible for.
Leapfrog is deeply involved with helping people understand how to protect their IT ecosystems. And we are constantly seeking out better, more secure ways to help companies stay up and running even in the worst possible circumstances. The complexities don’t dissuade us — we thrive on details! And on planning ahead! And on being front and center to help resolve the situation in case something does, unfortunately, go wrong.
|You may also be interested in: