Can Your Business Survive a Natural Disaster?
On April 27, 2011, dozens of tornadoes ripped through the American Southeast, leaving scores dead and millions of dollars of property damage in their wake. On April 16, 2011, tornadoes killed 22 North Carolinians and destroyed more than a thousand homes and businesses. Japan’s earthquakes and subsequent tsunami resulted in tens of thousands of deaths, untold billions in damage, and an ongoing nuclear crisis. Even if we look beyond the tragic loss of lives, what about the businesses that remain and the people who work for those businesses? Are they all simply gone?
Doom and gloom-that depends.
What would happen to your organization in the event of an extended power failure? Or if some natural disaster—flood, fire, tornado, earthquake—wiped out your location, and your data? Would your business be able to maintain operations or resume them quickly? Not if your business has no continuity plan in place.
Maybe you already have some plans and preparations in place. How much is enough? Can you just put a plan in place and expect that’s enough?
Practicing What We Preach
Sunstates Security’s business continuity plan is the culmination of a three-year effort that optimizes efficiency and emphasizes redundancy in both systems and personnel. Even so, recent tabletop exercises uncovered a minor, but significant, issue with potentially serious consequences: insufficient access to master keys.
Sunstates’ existing continuity plan makes it possible for the company to maximize employee safety, to relocate its base of operations, to maintain customer data integrity, and to maintain company payroll, all within 24 hours of some catastrophic event at the company’s headquarters. Can you say the same of your organization?
Best Practices in Business Continuity
According to Sunstates Security President Glenn Burrell, staying one step ahead is critical. There is no such thing as over-preparation. Burrell recommends several ways for companies to structure their continuity protocols:
- Create a business continuity committee with senior-level participation. Contingency plans require top-down commitment; otherwise, they’re not worth the paper (or pixels) they’re printed on.
- Develop checklists of procedures for every member of the contingency planning team. Checklists should maximize redundancy and flexibility whenever possible.
- Require vendors to enact business continuity plans. If your vendors can’t function, how can your business?
- Commit a real budget to support business continuity. Expect that the plan must evolve to remain effective. Discovering security vulnerabilities will require consistent resources.
- Conduct both tabletop exercises and drills. Tabletop exercises can identify roughly 75% of the vulnerabilities, but the rest can be found only through real-life drills. Drills should be conducted during normal work hours to reflect real-world conditions. Holding drills at the end of the workday is one way to maximize productivity and minimize disruption.
- Train employees and refine the plan twice a year. Threats and situations constantly evolve, so it’s important to keep these plans active and current.
Sunstates Security can help your organization develop and maintain an effective business continuity plan, including drills, tabletop exercises and communication. Contact us today to find out how.