Preparing for the Unexpected: 5 Tips for IT Business Continuity Planning

It’s a question you need to answer before disaster strikes: how well can your organisation deal with disruption to your business?

Business continuity plans are only as good as the IT strategies that enable them. IT departments must play a pivotal role in every aspect of business continuity, from strategy and planning to resource allocation to implementation and monitoring. Here are five important IT considerations to help your organisation implement a business continuity plan.
1. Be Proactive

Business continuity is not something you implement at the time of a disaster.  It’s all about proactive planning and assessing your risks before a problem occurs. Learn how IT fits into every aspect of your organisation’s operations, from deliveries to ordering, from voice capabilities to data storage and retrieval. By knowing how your IT operations are connected to these functions, you’ll be able to work with colleagues in other departments to develop an effective, cross-functional business continuity plan. Remember: failure to develop an effective plan can prevent you from delivering your products and services on time, resulting in lost customer confidence, decreased sales and revenue, and possibly even a big hit to your brand reputation and future profits.

2. Evaluate your Communication Dependencies

To be an effective partner in the business continuity process, identify your organisation’s most valuable assets and critical business functions – i.e., those that must be preserved in an emergency – and then determine how dependent those assets and business functions are on the company’s business systems and networks. Think about it this way: organisations are connected across offices, cities and continents; workers collaborate using mobile devices, laptops and tablets, from remote sites and from home; meanwhile, your customers and partners expect instantaneous access and response times. Now ask yourself: in the event of disaster, outage or shutdown, which of these technology channels would be absolutely essential to keeping your most important business assets functioning? Which functions could your business do without, and for how long? Knowing the answers to these IT questions will go a long way toward building an effective business continuity plan.

If you are concerned about the dependability of the telco or service provider’s redundancy to your business, take the time to explore the following five items with your telecom provider:

  • Understand your business communications system requirements
  • Talk to your telecom provider about their network resiliency status
  • Focus on the services required, not the technology
  • Define and have your telco/service provider build the required level of resilience
  • Ask your telco/service provider for network audits of routing details (pathing)

The key goal of telecom network disaster recovery is restoration of communications systems to the same level of service provided before an outage or catastrophe. But it is also critical to maintain connections while things are still being disrupted in order to keep important information flowing.

If telecom is vital to business survival, you should consider redundant, diverse, private, or higher availability networks to meet your continuity needs.

3. Understand your Vulnerabilities

You also need to help identify your company’s critical components, such as facilities, employees, business processes, IT systems, applications, data, platforms, and networks. Understanding which components are most important to your daily operations will help you identify the vulnerabilities in your business processes and network infrastructure. It will also help you assess the impact a disaster, outage or shutdown would have on employees, customers partners, and other stakeholders.

4. Set Priorities for Risk Mitigation

It is essential to determine how long you can afford to be inoperable and to define the impacts of a disruption to every level of your organization’s operations – business, financial and communications platforms. From there, you can begin to develop a risk mitigation strategy that takes into account each of those impacts, and to identify objectives, requirements and priorities for the recovery of critical business components.

5. Develop Your Recovery Plan

This is an essential point, because no matter how many preventive measures you have in place, disruptions still happen. You can greatly reduce the negative impact on your business and speed up recovery times by preparing your network and IT procedures in advance:

  • Implement system and data backup arrangements and the key procedures to support your recovery strategy.
  • Leverage third party colocation data centres, including those that offer cloud computing, to minimise IT risk issues.
  • Negotiate vendor contracts and/or lease agreements to acquire equipment and services that will help you in the event of a disaster.
  • Upgrade network and business data security such as firewalls, intrusion detection, hacker protection, password authentication, and data encryption.
  • Assess and strengthen your network redundancy and re–routing capabilities, as well as your work–around procedures and/or contingency plans.
  • You should also determine critical vendor and business partner disaster recovery capabilities in the event that they’re impacted by the same disaster.

The role of IT managers and planners will only increase as more business processes move onto company networks and into the cloud. These are just a few very high-level considerations to think about from an IT business continuity perspective.

If you have not fully addressed your communication dependencies and need a trusted adviser, consider Zayo’s team of professionals. Our experience and insight means we can help you quickly pinpoint vulnerabilities, address potentially dangerous situations and document a plan to mitigate the risk should an event ever occur. Zayo can advise, build and manage the right solution for you that is on strategy and on budget.  We can help you protect your access to your information and your IT services no matter what the environment.