Although a business continuity plan now typically covers more than just IT aspects, that doesn’t mean that IT issues are static. With mobility exploding among users in 2012, security threats are growing at the same rate as well. Worse still, they are affecting not only traditional software download and email delivery routes, but also the social networks hailed as the new marketing vector for businesses in general. How can you simultaneously ask people in your organisation to get involved in Facebook for example, and protect them from the now inherent security risks?
Read the rest of this entry »
News
Malware Threats and Your Business Continuity Plan
May 18th, 2012Automation and Business Continuity Plan Best Practice
May 16th, 2012When you’ve implemented business continuity plan best practices in your organisation, the next logical step is to automate them. The assumption is of course that you really do have best practices in place; otherwise automation will simply help you to be wrong more efficiently. In addition, BCM automation has a way of unexpectedly bringing things to upper management’s attention, so you’ll want to be sure that your BC planning has a solid foundation and sensible execution first of all. If this is the case, then there are two good reasons for automating.
What’s the Difference between Crisis Management and Disaster Recovery Planning?
May 14th, 2012What’s in a word? With the multiple definitions of disaster recovery planning already in existence, here comes crisis management as well. Example: let’s say your whole data centre crashes because of a faulty power supply configuration, leaving you with no sales and no customer support, and your IT staff threatens to walk out because of “unacceptable working conditions”. Is that a disaster or a crisis? Is there a difference in the way you should handle it, and will things get worse if you make the wrong choice?
Disaster Recovery Plan Templates for Critical Data
May 11th, 2012If disaster recovery planning seems like just one more of those things to do when you can get round to it, it may help to think about the critical business data you need to protect, and get started with a relevant disaster recovery plan template. Your organisation has information concerning customers, operations, and administration that is irreplaceable and that you cannot afford to lose. A template list like the one below can help get the ball rolling. Read the rest of this entry »
Small business crisis plans few and far between
May 9th, 2012New Zealand small and medium-sized firms are highly unprepared for a future crisis similar to the Christchurch earthquakes, a study has found.
Massey University’s annual BusinesSMEasure canvassed 1000 companies across the country. It found only a small proportion of the firms surveyed had a formal continuity plan in place and fewer than 10 per cent had a written crisis management plan.
Read the full article here: http://www.nzherald.co.nz/small-business/news/article.cfm?c_id=85&objectid=10803946
Business Continuity Plan Templates and the BCI 2012 Horizon Scan
May 9th, 2012The idea of a business continuity plan template is intuitively seductive: you take a “one size fits all” document, tick the boxes that apply to you and then “turn the handle” to generate your BC plan. There are certainly common principles, risks and factors across businesses and organisations in general; but the latest survey findings from the Business Continuity Institute (BCI) suggest that it’s now even more important to avoid overly generic or encyclopaedic templates. If you’re going to use a template, start off with the approach that’s right for your business. Read on to find out why.
Business Continuity Good Practice Guidelines for 2022?
May 7th, 2012Yes, you read that correctly – what will business continuity good practice guidelines look like in ten years’ time? Given the evolution of BC planning over the last ten years, what the next ten will hold could be anybody’s guess. Unlike traditional things in life whose worth depends on them staying close to a few solid and immutable principles with only a little leeway for variation (think of macaroni cheese, for example), business is driven to change by constant competitive pressure. Yet for those who want to be ready for 2022 starting from today, there is an answer.
Lessons from a Business School on Business Continuity
May 5th, 2012From time to time, it’s instructive to look around and see what organisations are doing with business continuity. With business continuity management now an increasingly important part of good business practice, business schools are led to include this in their courses, and hopefully practise what they preach. A visit to the website of the London School of Economics shows that the LSE has defined plans and procedures in this area, although it also leaves one question open.
ISO 22301 Societal Security for Business Continuity Management is coming
May 3rd, 2012New standards for business continuity management take a while to define, vote and promulgate, so a schedule that has changed slightly for ISO 22301 in the course of its development isn’t necessarily a problem. What was originally planned as a Q1 release of the standard now appears to be scheduled for May, although by this stage the contents of the standard should be more or less firm. How much the standard will consolidate the “sea change” of societal security has yet to be determined; a concluding remark in a presentation on the subject by the British Standards Institute (BSI) in 2011 could be interpreted in a number of different ways.
MTO and RTO in a Cloud Backup Context
May 3rd, 2012A couple of interesting cases came up recently about differences in cloud backup services, and the effect that this might have on MTO and RTO. As a reminder, maximum tolerable outage (MTO) is the maximum time you or your organisation can afford to be without a given system or resource; recovery time objective (RTO) is your goal for getting a system back in operation. The relationship between the two is MTO = RTO + work recovery (tackling the backlog due to the outage, for instance). In an IT context, whether or not you are over or under the limits set for these measures may depend on how fast you can recover backed-up data – but also on how fast you can back up that data in the first place.
Disaster Recovery Repackaged for SMEs
April 30th, 2012Small businesses typically don’t have much in the way of an IT department. Often as not, IT is somebody’s part-time responsibility while holding down the rest of a job. Neither do they necessarily have the funds to splash out on elaborate disaster recovery solutions, or the time to sit down and figure out how to join up all the pieces of equipment necessary for safeguarding their data. So it’s not surprising that a Californian start-up, another small business in its own right, has come out with an offer that addresses this situation. Read the rest of this entry »
Business Continuity Management for the Masses
April 27th, 2012Henry Ford would have appreciated the Wiley publishing company’s approach to business continuity management. In keeping with the rest of its “For Dummies” books, Wiley will (September 2012) be bringing out the “Business Continuity for Dummies” edition, mass-produced BCM in something of a one-size-fits-all approach. Not that there’s anything wrong with that – BCM deserves a wider audience and popularising some of its principles and techniques can be a good way to raise people’s levels of awareness at all levels of an organisation. The open question is whether or not people will “internalise” business continuity any more after they’ve read the book compared to before.
Business Continuity Test Scenarios and Predicting What to Test
April 20th, 2012You can’t test absolutely everything; it’s fact that rapidly becomes obvious when you start to put together business continuity test scenarios. Common sense dictates that as a priority you should test the scenarios that have higher risk and that do more damage, all part of the risk and business impact analysis that goes into BC planning. It’s interesting to see that at a recent FICO-hosted (FICO does credit scoring, among other things) meeting in London, financial services organisations considered cyber-attacks to be a major threat as the 2012 Olympic Games in London draw closer. Is that conclusion based on feeling? Or is it a prediction based on scientific analysis?
Building Business Continuity into the Heart of a System
April 17th, 2012While business continuity goes further than IT and data protection, it’s a sign of the times when computer hardware manufacturers start building BC directly into their systems. Twenty years ago, BC in the guise of “100% uptime” fault tolerant systems was the select domain of companies like Tandem and Stratus. Although costing less than some of the extravagant solutions of the time, their products were nonetheless expensive compared to standard computer server offerings. So what is Intel, mass-market chip and systems manufacturer, up to with its recent “best-in-class” business continuity announcement?