Business Continuity originally emerged from the military’s need to protect their operations from failure due to reliance on a single centralized system. If a particular facility were destroyed, the whole system would go down. To remedy this they created contingency plans in the case of an outage.
Here are some common industry definitions:
Gartner: “Business continuity…is a broad disaster recovery approach whereby enterprises plan for recovery of the entire business process. This includes a plan for work spaces, telephones, workstations, servers, applications, network connections and any other resources required in the business process.”
The International Organization of Standards: “Business Continuity is defined as the capability of the organization to continue delivery of products or services at acceptable predefined levels following a disruptive incident.”
Tech Target: “[Business Continuity]describes the processes and procedures an organization puts in place to ensure that essential functions can continue during and after a disaster. [Business Continuity] seeks to prevent interruption of mission-critical services, and to reestablish full functioning as swiftly and smoothly as possible.”
Cloud Security Alliance: “Business Continuity and Disaster Recovery (BC/DR) are the contingency plans and measures designed and implemented to ensure operational resiliency in the event of any service interruptions.”
National Fire and Protection Association (NFPA): An ongoing process to ensure that the necessary steps are taken to identify the impacts of potential losses and maintain viable continuity and recovery strategies and plans.
As you will learn, Business Continuity is a business process, set of procedures, methodologies and an overall management approach to making a business impervious to any form of disaster which would disrupt business operations.
The Problems and Pains of Modern Technology
According to the RSA, there were 173% more fraud attempts on mobile between 2013 and 2015. Today’s modern world comes with it’s challenges and one of the biggest to date is managing sensitive data securely.
Here are some staggering cyber-security statistics graciously put together on Barkly’s blog:
In Q3 2016 alone, 18 million new malware samples were captured.
More than 4,000 ransomware attacks have occurred every day since the beginning of 2016.
The amount of phishing emails containing a form of ransomware grew to 97.25% during Q3 2016, up from 92% in Q1 2016
78% of people claim to be aware of the risks of unknown links in emails. And yet they click anyway.
52% of organizations that suffered successful cyber attacks in 2016 aren’t making any changes to their security in 2017
Of organizations who suffered an attack in 2016, 45% expect budget to stay the same and 7% expect budget to decrease.
The Emergence of Ransomware
Ransomware combined with pre-existing threats have evolved is taking the world by storm along with their money on many occasions. (To 2015 this was to the tune of $24 million and included hospitals, universities and even sheriff’s departments)
Ransomware works by: (1) introducing an infected file (2) locking up your files and or computer (3) providing a timer window that gives you a deadline to pay the designated “ransom” (usually through Bitcoin) after which you get your files back. However in some cases, some or all of the files will not wok or will not be returned. Prevention is the best cure.
Public, Investor and Regulatory pressure to perform (+ The liability when things go wrong)
The public, investors and especially regulatory bodies are not always the most forgiving when things go wrong. This means a lot of pressure put on managers, executives and organizations as a whole to get it right. This is why proper assessment, management and ongoing implementation is critical.
How BC Prevents the Pains of Disasters
Business Continuity is one of those things that is extremely easy to lay out and thing through but is far more difficult to implement day to day. And that implementation is the critical final step to truly be as disaster-proof as possible.
Some steps to keep in mind to prevent ransomware and other disasters from hindering your business:
- Network Fail-over – Having a secondary mode of internet in case the primary source fails. Typically we will recommend an air card on the PC or laptop which will activate in the event of a failure.
- Data Backup – Protecting your data by creating copies daily in multiple geographically spaced out locations. We do this through our various data centers across the nation.
- Operating System (OS) redundancy – Can the system be recovered and configured quickly? The key is to be able to not only recovering the data (through data backups) but rolling out the original OS with everyone’s settings in tact. Often people can access everything remotely which allows for a more location independent work vs limited to just the main office space.
The key to mastering business continuity is not only preparation but implementation of that preparation. Even small moves toward protecting your data and its users are better than dozens of year long document plans alone.
Best of luck with your Business Continuity planning!