Business Continuity: Small Business, Big Problems By Marc A. Reich, CBCP, CDP, MBA



Similar documents
White Paper FASTFILE / Page 1

Why cloud backup? Top 10 reasons

Top 10 Reasons for Using Disk-based Online Server Backup and Recovery

WHY CLOUD BACKUP: TOP 10 REASONS

Read this guide and you ll discover:

Leveraging Virtualization for Disaster Recovery in Your Growing Business

Availability and Disaster Recovery: Basic Principles

Backup and Recovery Plan For Small Businesses

MOVING INTO THE DATA CENTRE: BEST PRACTICES FOR SUCCESSFUL COLOCATION

Expecting the Unexpected. Disaster Preparedness Strategies for Small Business

Are You Prepared to Recover from a Disaster? Offsite Backup of Your Data is Essential.

Emergency Management is responsible for coordinating the City of Houston s preparation for and response to emergency situations.

The more recent Scotiabank survey reconfirms the lack of planning on the part of SME owners for their exit from their business.

Special Report For Small Business Owners...

Little-Known Facts and Insider Secrets Every Business Owner Should Know About Backing Up Their Data and Choosing a Remote Backup Service

One major business challenge is maintaining and improving the efficiency and effectiveness of a company s information technology. Wouldn t it be nice

Emergency Response Program

Frequently Asked Questions about Cloud and Online Backup

11 Common Disaster Planning Mistakes

With a Data Backup Plan, Your Business is Safe. NCGIT.com

STEP-BY-STEP BUSINESS CONTINUITY AND EMERGENCY PLANNING MAY

The 9 Ugliest Mistakes Made with Data Backup and How to Avoid Them

THE CEO S GUIDE TO BUILDING A FAIL-SAFE DISASTER RECOVERY PLAN

The Complete Disaster Recovery Plan

WHY DO I NEED DATA PROTECTION SERVICES?

efolder White Paper: Beyond Business Continuity: How Backup and Disaster Recovery Benefits Your Business

MEDITECH Disaster Recovery

Factors to Consider When Developing an Evacuation Plan

Business Continuity Management:

Can you afford to lose your information?

BEST PRACTICE GUIDE TO SMALL BUSINESS PROTECTION: BACKUP YOUR SMALL BUSINESS INFORMATION

Cyber Security: Guidelines for Backing Up Information. A Non-Technical Guide

White Paper AN INTRODUCTION TO BUSINESS CONTINUITY PLANNING AND SOLUTIONS FOR IT AND TELECOM DECISION MAKERS. Executive Summary

BACKUP ESSENTIALS FOR PROTECTING YOUR DATA AND YOUR BUSINESS. Disasters happen. Don t wait until it s too late.

Matthias Machowinski, Directing Analyst for Enterprise Networks and Video, Infonetics Research, 20152

Insurance Insider Reveals the Secrets of Effective, Comprehensive Protection:

Disaster Recovery and Business Continuity What Every Executive Needs to Know

WA Businesses & Disaster Survey

The goal in creating a comprehensive disaster recovery plan is simple: limit the

The 10 Disaster Planning Essentials For A Small Business Network

TOP TEN TIPS FOR IT DISASTER RECOVERY PLANNING

Winter Conference 2014 Presented By Mark Wingfield Sales Manager PropertyInfo Co., Inc.

KEEPING PATIENT INFORMATION SAFE AND SECURE IN THE CLOUD

Business Continuity Planning advice for Businesses with employees

Five Tips to Kick-Start Your Company s Disaster Plan a publication of

It s the Business! Business continuity considerations for all organisations

The 10 Disaster Planning Essentials For A Small Business Network

Disaster Recovery When a Disaster Strikes, Will You be Ready?

Disaster Recovery for Small Businesses

5 KEY BACKUP FEATURES TO ENSURE A SUCCESSFUL BACKUP REDESIGN

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 125. When Disaster Strikes Are You Prepared?

Local Government Cyber Security:

Don't Wait Until It's Too Late: Choose Next-Generation Backup to Protect Your Business from Disaster

Emergency Preparedness for Design Firms. RLI Design Professionals Design Professionals Learning Event DPLE 244 September 16, 2015

IT & Small Businesses. It can help grow your small business and cut cost where you never thought possible.

BUSINESS CONTINUITY MANAGEMENT A Guide for Businesses In Northamptonshire

Business Continuity and Disaster Recovery Planning

Ensuring your DR plan does not Lead to a Disaster

12 Little-Known Facts and Insider Secrets Every Business Owner Should Know About Backing Up Their Data and Choosing a Remote Backup Service

Data Backup: Developing an Effective Data Retention Policy. By Global Data Vault

Technology Solutions That Make Business Sense. The 10 Disaster Planning Essentials For A Small Business Network

Tedi Bear s Insurance Activity Book

It s All About Restoring Your Data Achieving Rapid Business Resumption with Highly Efficient Disk-to-Disk Backup & Restore

BUSINESS CONTINUITY PLAN

Our Colorado region is offering a FREE Disaster Recovery Review promotional through June 30, 2009!

This policy is not designed to use systems backup for the following purposes:

12 Little-Known Facts and Insider Secrets Every Business Owner Should Know About Backing Up Their Data and Choosing a Remote Backup Service

ACS Backup and Restore

Titanium 3.0. Features. Virtual PBX Technology - Business Phone System

Benefit from Disaster Recovery... Without a Disaster

Backup & Disaster Recovery

Business Continuity Management

Business Continuity and Disaster Survival Strategies for the Small and Mid Size Business

Let s Build a Better Backup

SCHEDULE A DEMO BACKUP AND RECOVERY. deliver true Business Continuity in one, powerful, integrated system.

Midsize Enterprise Summit Business Continuity Questions

WHAT KINDS OF DISASTERS?

4 Criteria of Intelligent Business Continuity

BUSINESS CONTINUITY ASSESSMENT CHECKLIST

TABLE OF CONTENTS DR IMPLEMENTATIONS:... DRAAS:... DR BUDGETS:... INTRODUCTION:... KEY FINDINGS:... PREPARATION:... COMPLIANCE:... CONCLUSION:...

Business Continuity and Disaster Recovery Planning from an Information Technology Perspective

COMMON DISASTER RECOVERY PLAN MISCONCEPTIONS

Why is online backup replacing tape? WHITEPAPER

Introduction. Read on and learn some facts about backup and recovery that could protect your small business.

Disaster Recovery Plan (DRP) / Business Continuity Plan (BCP)

7 Ways You Can Save $ on Your Homeowners Insurance -- And Provide Better Protection for Yourself and the People You Love!

Business Continuity and Disaster Recovery for Law Firms CAROLINE POYNTON

An Insurance Insider Reveals the Secrets of Effective, Comprehensive Protection:

The Weakest Link in Disaster Recovery

RECOVERY CLOUD BACKUPS

The Difference Between Disaster Recovery and Business Continuance

Best practice: Simultaneously upgrade your Exchange and disaster recovery protection

Insurance Insider Reveals the Secrets of Effective, Comprehensive Protection:

Disaster Recovery Process

How To Plan A Crisis Management Program

Contents. Introduction. What is the Cloud? How does it work? Types of Cloud Service. Cloud Service Providers. Summary

Never Test Your Business Continuity Plan Again! For Audio: (1) Listen through PC speakers, OR (2) Dial and use access code

Abel Insurance Agency

a guide to the cloud Understanding the cloud and recreation management understanding the cloud and recreation management a guide to the cloud 683_14

! Insurance and Gambling

Transcription:

Business Continuity: Small Business, Big Problems By Marc A. Reich, CBCP, CDP, MBA The Small Business Administration of the United States estimates that 99.7% of the businesses in the US are considered small. The criterion for being a small business is set by the SBA's Size Standards Committee. Examples are less than 500 employees in mos manufacturing and mining industries or less than $6 Million in revenue in most retail and services industries (http://app1.sba.gov/faqs/faqindex.cfm?areaid=15). With these standards the SBA calculates that there are 23.7 million businesses in the United States and all but 17,000 of them are considered small. Canada breaks down businesses into smaller units with micro-businesses being described as less than 50 employees and small businesses are 50 to less than 500. They still estimate that 99.7% of their businesses are small. So with a plethora of small businesses in the world, why would there be any problems? The reality is that most business continuity planning and management is done in large companies. Yes, large companies mean larger budgets for BCM, and they can afford the time, money, and resources to get the best plans. However, that does not mean that a simple backup routine will be the panacea for a small business. The rest of this presentation lists five reasons; presented in no particular order, of great importance to small businesses do not have a business continuity plan, and solutions to get the planning started. 5) We are not covered by that regulation. Many regulations do not cover small businesses in the same way they require compliance in large businesses. When the HIPAA regulations were written in 1996, they gave leeway of at least a year in each regulatory section to smaller medical practices to help accommodate the cost to the small practices. Many regulations have monetary or employee limitation. OSHA's orders for posting evacuation routes is not invoked until the small business has a certain number of employees working in an area. This allows small businesses the time to afford compliance, but it also creates a loophole for some businesses to keep away from the regulations. The reality is that the regulations are coming. Those that do not cover small business now will in the future. As a small business owner myself, I know the latest laws and regulations can get overwhelming, but we have to keep up with them. Sarbanes-Oxley, HIPAA, and even the Patriot Act either have or will affect your business. If you have a strategic plan, there should be a place for planning the approach your company will use in working these regulations into your business. As the

company grows, you will see more regulations and laws affecting your business. Do your employees know the procedure of closing each day? Do they close the fireproof safe? Do they take the backup with them? The best way to deal with this is to use the strategic plan to deal with the What ifs and When s that these rules will apply and be prepared for them in advance. 4) I won't be around when the problem happens. At one client I asked what would happen if a disaster occurred. Their response was, I have enough years in this company to retire. They would not be around to help fix the problem, or so they thought. When the business is just you, there is no I'll just retire. You are either there or you are not. Your business is there or it is not. There are startling statistics on recovery time and business survival. University of Minnesota found that 80% of companies having extended disasters are out of business within 5 years. IBM Recovery Services reported 50% of companies having a disaster without a plan are out of business within 2 years. DATAPRO Research showed in companies with a major disaster, that 29% close within 2 years and 43% will NEVER reopen. Finally, University of Texas, Arlington discovered the average company will lose at least 25% of their Daily Revenue in the first six days and over 40% will be lost if the disaster lasts up to 24 days. These statistics are the reality of today's fast-paced world and a very sobering set of facts that a small business has to face. If you are commited to your business, there must be a plan for continuity of operations and leadership. A flood, tornado, or any natural disaster does not happen at a convenient time, so the time to plan is now. A small business really needs a succession plan and a continuity plan to keep the business going. The worst possible senario needs to be planned. What happens if the owner of the 8a, minority, company is lost? Where do we go when the river next to us overflows its banks? How do I protect my employees from a disaster? All these questions are a good start for planning. 3) A disaster is not going to happen here. A few years back, a company that built custom furniture bought a fireproof safe. Just in case a fire burned the building down, their custom plans were safe in the safe. They felt that the materials would be replaced and they would get on with work wherever they set up the shop, but the plans were irreplaceable. One night they all left and a fire did occur. It raced through their building housing their factory and, by the time fire crews were able to get it under control, the building was a complete loss. It was after the fire was out and they could go into the remains of the building that they found out that no one had shut the fireproof safe that evening. All the plans were lost. The only thing that saves this company was their reputation for quality custom furniture.

The customers actually came back and helped rebuild plans and waited extra time for their pieces of furniture. Anther example is that of a company whose headquarters was just about half a mile from their data center. One night a violent storm came, and there was a direct lightning strike on their microwave system that communicated at high speed between the data center and headquarters. The dish for the microwave connection was damaged so badly that a replacement had to be sent from the factory. This meant no communications between the two areas for three days. The business had no plans that described how to replace the dish and no way to switch to land lines. They had to hand-carry information from the data center to the headquarters for the time the microwave was down. All this happened in an area that is not known for natural disasters. Never think that a disaster is not going to happen to you. Two states in the US are well known for not having many natural disasters, New Mexico and Utah. The statistics just mean that the mean time between disasters is very long. There are always chances of a lightning strike or the first tornado in forty years. Neither does it mean there are no disasters. There are always fires, chemical spills, faulty sprinkler systems, and simple errors by employees. A plan is not the end-all of safety. It is a beginning. The plan works for the worst-case scenario and other problems that are not as severe. Testing and maintenance must be part of planning. With testing, you may find that the worst-case scenario changes, or a new report has found a natural disaster in your area that was not considered before. What has changed is as important to a plan as what works now. 2) I have a backup. If you have a backup, you are ahead of the game, but not the winner and world champion. The world is full of stories of backup nightmares. The first is the backup that has not been tested and turns out to be blank. I have seen this several times. In most cases, the backup had been running automatically for many years. The tape was verified, but the verification was just that certain headers were written. The rest of the data was not there, just the verified headers. Another is the backup that is sitting on the server in the server closet. If the backup is in the same room as the original data, it is not a backup, it is a copy. The server room or the desk of the system administrator who is in the same building as the server room is a great place for it to be when you cannot get into the building, like when the fire department or police have the area roped off for investigation for a few days. Finally, there is the backup that is placed in an area with water, highly corrosive chemicals, or magnetic influences. The inadvertent placement can

cause damage to the media the backup is on. There have been companies wanting to read tapes that are old from a drafty, damp basement. The format of the tape may be a problem in reading, but the condition of the media may make it impossible to pass through the reading device. I have seen all these nightmares. A backup is only as good as it is and where it is. It is a start to have a backup. It is even better to store the backup in a fireproof safe. Even better is off-site storage from the company. However, there are three steps that should be taken with all backups: Have an automated schedule if you can. Otherwise, schedule regular backups. Make sure the backups do take place and that the software used is verifying more than the headers. Test those backups regularly. A blank backup will not help you recover and continue. The backup should be tested at least monthly. Keep the backup in a fireproof safe if possible. This could be expensive, but it could be the best investment you make. If you store off-site, make sure that your media is stored in a fireproof safe. While you are at it add your software licenses, or copies of those licenses, to that safe. 1) I have no budget for business continuity. Small business is notorious for razor-thin budgets. Money is tight in many areas. With most money coming from personal funds, the entrepreneur cannot always afford the luxury of a business continuity plan. However, the situation is a reminder of the 1980's commercial for Fram TM oil filters, You can pay me now, or you can pay me later. The mechanic was looking into the camera describing how an old oil filter can cause engine damage. In the case of business continuity, the business is the engine. It will suffer if the disaster, continuity, and risk filters are old or not in place. Like an oil filter they must be checked regularly, usually twice a year at least. We do not expect our cars to run well with no or bad oil and filters, but we worry about the cost of a plan that filters many of the risks we have as a business and eliminates others. The cost of a business continuity plan pays for itself many times over in cost savings on customer loyalty, insurance, regulations and laws, and continuity of the company. Many consultants and software packages for planning have very daunting costs. However, the loss of the business is far more costly. Many of the top

ten disasters of the past ten years have cost Billions of dollars. The old joke of How do you start a flood? does not work any more. Liability insurance is not easy to get without some risk mitigation like that you find in a good business continuity plan. There is no easy way to say it, so suffice it to say Small Business needs a Business Continuity Plan! There are ways to get a quality business continuity plan and keep the price low. If you do not want to do it yourself, there are also consulting packages that can help you. Disaster Recovery Journal has an annual survey of business continuity consultants. Look for a company that will help you in the planning, testing, and/or maintenance your need. They may also have software or resell a software package for continuity planning. A plan is only as good as its last test. I will suggest a plan that can work for many small businesses. Have the consultant come in only when needed, e.g., once a month. This plan offers the small business a chance to have a plan built, maintained, and tested regularly. Continuous Solutions offers that type of plan under the MyCBCO TM plan (http://www.continuoussolutions.com). If you want to do it yourself, there are software packages and classes that you can take. The price of software may look expensive, but there are some very good low price packages that can help you pull together the information you need. Once again, a good list of these products is in Disaster Recovery Journal's annual survey of business continuity software. The best series of training for business continuity management is from DRII (http://www.drii.org). There you can get a basic understanding and also be certified in business continuity by the world leader in business continuity training. With the number of small businesses that are flourishing in the new economy, it makes sense that local disasters will cause more havoc. More businesses in one location means a broader problem if a disruption occurs. Having a continuity plan is invaluable in this case. When all around you are losing their heads, you may just keep yours, and your business as well. Marc Reich, CBCP, CDP, MBA, is the President and Principal Consultant for Continuous Solutions, Inc. located in Albuquerque, NM. He has over 25 years in the IT industry, including over 10 years as a Certified Business Continuity Professional. He is also a Certified Instructor for DRII. Marc can be contacted at marc@continuoussolutions.com.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information