Security

Expect the Unexpected: How to Build a Better Business Continuity Plan

Software vulnerabilities and network downtime can happen anywhere, anytime. To protect critical assets, companies need better business continuity plans.

Rajiv Jain

Rajiv Jain is a Field CIO/CTO for the Financial Services Vertical at CDW.

Most companies that I speak with already have business continuity plans in place. That’s certainly true in the financial services industry, where even short and mild network disruptions can cost billions in revenue and wreak havoc on a business’s reputation.

It’s a good thing, therefore, that companies have plans in place for ransomware attacks, natural disasters, power outages and other events that can disrupt normal operations. But as the boxer Mike Tyson once famously said, everyone has a plan until they get punched in the mouth.

In July, through no fault of their own, millions of businesses took that punch as a global IT outage knocked many organizations offline for hours or days. Billions of dollars in losses were reported and recriminations continue.

For businesses, the outage was an opportunity to see how their business continuity plans would hold up under real-world conditions. For the many that did not like what they saw, the hard truth is that something like that outage was inevitable and will likely happen again.

A business continuity plan that accounts for the unexpected will help them better navigate issues when they arise.

Click the banner below to learn more about disaster recovery plans.

x-cyberresillience3-static-2024-na-desktop

x-cyberresillience3-static-2024-na-mobile

Elements of an Effective Business Continuity Plan

While no two continuity plans are identical, three elements are critical for success:

Put it in writing. With digitalization of assets and documents now a priority for organizations, it’s tempting to take a digital-only approach with business continuity plans. But what happens when systems go down and digital versions aren’t available? Business continuity plans should be accessible online, on local digital media, on physical storage devices and in hard copy. This way, even if networks crash and the power goes out, teams can still reference continuity plans and prepare for next steps.
Make it granular. Different types of emergencies require different levels of response. The first tier of business continuity response is basic disaster recovery failover: If servers go offline or experience catastrophic failure, companies need a plan in place that shifts services to a backup environment with minimal disruption, giving teams time to address primary system issues. Other tiers may include cloud service failures, ransomware or distributed denial of service attacks, or large-scale disasters that leave companies without internet access for days or even weeks. When it comes to business continuity, more maturity means more granularity.
Test everything. The final component in building an effective business continuity plan is testing. First, companies need to test all patches and upgrades before they are installed. Even if trusted providers give the go-ahead, every business IT environment is different, and what works in theory may not work in practice. It’s vital that test runs be performed before continuity problems occur. This offers a dual benefit: IT teams get the chance to evaluate plans in action, while business end-users experience how the plan will impact day-to-day operations and how workflows will adjust to compensate.

Get Help With Business Continuity

It’s one thing to understand the need for a better plan; it’s another to put it into practice.

With CDW’s help, businesses can be better prepared to manage emerging challenges and meet recovery goals. From archiving to backup, converged infrastructure and disaster recovery, CDW has the tools and technologies companies need to navigate the new world of business continuity.

Organizations also get the benefit of expert assessments and advice to design plans that reduce the impact of unexpected incidents. CDW experts can help your company answer four key questions about its continuity plan:

What should be in it?
How should it be implemented?
How often should it be updated?
What often gets forgotten?

IT disruptions will happen. By building a better business continuity plan, companies are better equipped to manage downtime, minimize response times and mitigate impacts.

This article is part of BizTech's EquITy blog series.