How Does Your Business Continuity Policy & Disaster Recovery Plan Measure Up?


According to CompTIA’s “Business Continuity and Disaster Recovery Research Brief”, 75% of businesses state their most valuable asset is their data. Yet only 31% of small businesses have a comprehensive Business Continuity Policy and Disaster Recovery (BC/DR) plan. Why such a low percentage? The reasons range but typically include businesses being unaware that their BC/DR plan is in-comprehensive due to a lack of proper data audits or business impact analysis, or not conducting reviews and testing of their solution.

Four out of ten companies decide to implement a BC/DR solution due to the increase in new regulations and compliance over the last few years. Additionally, society has grown less tolerant of downtime and clients expect IT related services and applications to be available 24/7. Guaranteeing uptime for businesses ensures they can continue to provide their services and communicate. Just a few minutes of downtime can result in critical loss productivity, disrupted supply chains and ultimately lost revenue.

Why Else Should You Have a Business Continuity Policy?

Besides regulatory compliance, why else would a company consider implementing a BC/DR solution? There are many unpredictable instances that are outside of our control such as natural disasters, self-inflicted security breaches and hardware failures. Many businesses owners are becoming more aware of the consequences of data loss and failed systems and due to this, Markets and Markets predicts the global cloud storage market will experience a compound annual growth rate of 40% through 2018.

So why cloud storage for your business continuity and disaster recovery? Gone are the days of the traditionally cumbersome and unreliable tape backup drives. Cloud storage offers many advantages such as easy accessibility, scalability and security. It’s important to understand there is still a physical storage aspect when your data is backed up to the cloud meaning that data is still stored on a physical server somewhere. The difference is, depending on your backup provider, your data should be stored in a secure and guarded data center that is closely monitored. These data centers are temperature controlled server rooms with 24/7/365 monitoring and no less than AES 255 bit encryption for all data in transit. This is a vast improvement from the typical server closet at a SMB business.

When choosing a business continuity or disaster recovery solution, it’s critical to choose a provider with experience and knowledge. According to CompTIA, Business owners need to ensure their provider conducts the following when implementing a solution:

  1. Data inventory / audit– Determine which applications and systems are most critical. Remember that QuickBooks may be critical to accounting but an ERP system is also critical to sales and marketing to conduct business.
  2. Risk Assessment (internal and external)- What regulatory compliance must your business adhere to? What are your network and/or infrastructure weaknesses?
  3. Creation of processes to address risk and compliance scenarios- Consider all possible scenarios on what would be needed to restore functionality to an operational point. Keep in mind expected vs actual recovery time. 4 hours may seem like a reasonable amount of time to restore services, but when the entire staff is sitting with nothing to do, is 4 hours really acceptable?
  4. Deployment of BC/DR technology and procedures- Deciding on what technology (offsite/cloud, onsite/premise or hybrid solution) best works for the business model and what to do if the BC/DR plan needs to be enacted.
  5. Review and testing- This step is critical. A business investing in a top notch solution means nothing if it doesn’t perform. There is always the unknown and unforeseen to be expected. It’s best to modify the procedures proactively rather than re-actively under stress.

In addition to choosing the best way to implement a business continuity policy or disaster recovery solution for a business, an experienced solution provider is familiar with best practices, tools and optimizing the solution will be very important. For example, it may seem logical to backup all data, but doing so will not only require additional storage but may result in a longer restoration time. There are numerous factors to consider while implanting and updating a business’s BC/DR plan, but ensuring you have a trusted IT partner working with you is the first step in protecting your business continuity.