As your business game plans for every scenario that could come your way with a Business Continuity and/or Disaster Recovery strategy, thorough planning is essential. Communication is essential. And testing your plan is of utmost importance.
Legendary Dallas Cowboys Coach (and also B-17 Pilot) Tom Landry, the author of the Doomsday Defense, was the consummate planner.
Unequivocally calm, cool and collected under even the most overwhelming of circumstances, Landry carried with him a philosophy that if his players executed the plans he laid out for them, if coaches stuck to a rigid, to-the-minute itinerary every week, the final outcome would be favorable. That mindset was developed in large part because Landry had averted disaster far beyond a missed field goal or even an 0-11-1 record his first season. As a member of the the 493rd Squadron of the U.S. Eighth Air Force, Landry flew a B-17 on 30 combat missions over Germany, narrowly avoiding disaster and coasting onto the runway on fumes on multiple occasions. Planning for every detail or scenario was a true Doomsday Defense for Landry.
This point is this. As your business game plans for every scenario that could come your way with a Business Continuity and/or Disaster Recovery strategy, thorough planning is essential. Communication is essential. And testing your plan is of utmost importance to ensure business operations do not halt when faced with unforeseen circumstances.
While “doomsday” scenarios – tornado, flood, hurricane – can be easy to write off today, there are numerous sudden and more likely scenarios that won’t steal headlines, but could very well steal valuable hours of your business operations.
Just a few, off the top of my head:
- Intermittent, five-minute power outages
- Data breach (ransomware, social engineering or other cyber-related attack)
- Accidental discharge of the fire suppression sprinklers within an office building
- Construction mishap (street, plumbing, building, etc.) that affects infrastructure services to your office building
- Traffic collision that crashes into a transformer next to your building
A Business Continuity Plan (BCP) is a strategy to get a business up and running as soon as possible in the event of some form of disruption. A Disaster Recovery Plan (DRP), a subset of BCP, is your strategy for restoring vital technology or support systems. When your technology is down, do you have a system to still conduct business, even in a degraded state? When disaster hits, are you able to continue operations without missing a beat?
Does your business have a game plan?
6 Defensive Strategies for Crafting Your Business Continuity Game Plan
1. Recognize that the Threat is Real.
There’s a reason not everybody succeeds in selling insurance and it’s simple: People are willing to roll the dice.
Your DRP or BCP is your insurance policy – and a sound one at that. According to Stax Market 2018 Report, 52% of businesses experienced a disruptive event(s) in the last five years. Additionally, according to FEMA, as many as 60% of small businesses never recover after a disaster and are forced to close, highlighting the need not only for trustworthy infrastructure, but a well crafted plan to keep operations up and running.
Saying “it will never happen to me” is essentially conceding that you’re willing to roll the dice.
2. Get a Technology Assessment.
It’s good to know where you stand currently from a structural standpoint.
A Technology Assessment delivers crucial operational risks that lie under the hood of your network infrastructure. They include endpoint security assessments, workstation and server operating system assessments and patch level assessments. They can also provide password management insight and asset reporting.
3. Quantify the Potential Impact.
This involves meeting with organizational leaders and finding out simply “how long can we operate without access to technology?” How much is it costing you for every hour you are down: When you can’t handle customer inbound calls? When sales people are not out prospecting? If your service technicians can’t have calls dispatched to them?
Meet with different managers to identify what is needed to conduct business, and then rank them according to priority. For example, managers with responsibility for revenue generation and team leaders with customer support responsibilities. Then start asking the questions… how long can we run without access to technology? How much is it costing us per hour?
The numbers compiled with help guide the spending necessary for a plan that is properly aligned with business needs.
4. Keep your Head in the Cloud.
A gold standard in disaster recovery is being able to continue operating at 100 percent. It’s expensive, but it’s doable.
Following best practices for data backup will ensure quick, accurate, and reliable data recovery when it’s needed most. A well-rounded approach may combine both local and cloud-based storage and recovery options. Avoid manual data backup processes whenever possible (common with smaller companies). Resist the urge of plugging in that terabyte hard drive, telling yourself “I’ll back this data up every Friday,” and thinking that taking it home on Fridays will suffice for establishing “geographic redundancy.” You’re likely to forget it, or Murphy’s Law will come into play and, unexpectedly, the hard drive will fail and so will your manual process.
5. Communicate Your Defensive Maneuvers.
Communication planning is a key part of preparedness and executing any Business Continuity Plan.
Failed communication can thwart even the most well devised strategy. This includes notifying necessary parties of the disruption, identifying the location of impact and providing scenario details. Also, as an example, for a customer support staff, it’s supplying the necessary scripts ahead of time to effectively communicate with customers what the situation is and how it’s being handled.
6. Invest…. Then TEST.
One of the biggest mistakes businesses make after investing money and time in infrastructure and disaster planning is a failure to test. According to Riverbank’s Annual Backup and Disaster Recovery (BDR) report, 46 percent of small to medium enterprises never tested their BDR Plan.
Ever been a part of a fire drill? An announcement is made that a test of the building fire alarm will occur at a given time. The time comes, the alarm sounds, and all employees exit the building. Now employees know what the alarm sounds like and what to do when they hear it. Disaster recovery infrastructure and business continuity plans require a similar approach to testing. In fact, firms that aren’t testing aren’t doing their due diligence.
For example, if your organization were to lose power to the building for 24 hours and your plan calls for sending people to home offices to work from home, what does that mean exactly? Are the Internet connections employees have at home fast enough for business use? Are the systems used by your business able to support working remotely? How will people communicate? How will conference calls occur? How will inbound customer calls be handled? What will the message be that you provide to customers, if any, about the power outage and the viability of your business to function? Et cetera, et cetera…
Tom Landry asserted his value in preparation with this simple, yet notable quote: “Setting a goal is not the main thing. It is deciding how you will go about achieving it and staying with that plan.” Are you prepared to give some serious thought about your Business Continuity or Disaster Recovery Plan, should the unexpected occur?
A Datamax Technology Assessment can be a great starting point for implementing your own Doomsday Defense. If you're simply interested in learning more, download our free eBook: "4 Business Continuity Planning Essentials. Click on the thumbnail below!
Image Source: Duxford, UK - May 23rd, 2015: B17 Flying Fortress 'Memphis Belle' seen at Duxford VE Day Airshow.