Depending on which vendor, analyst house or consultant you speak to, the statistics around the number of businesses with business continuity plans in place will vary greatly. In fact, a recent Cabinet office report suggests that whilst 64% of large enterprises have adequate plans, only 25% of small businesses have stepped up their efforts in this area. These figures are even more surprising when the same report highlights the fact that 40% of businesses experience operation downtime as a result of IT failure each year.
The potential damage from IT downtime can be wide-reaching, and small firms are certainly not exempt from this. It is essential to remember that for both large and small organisations, business continuity planning is not an exercise in box ticking to lower insurance premiums, but a project which potentially can keep the business afloat in the face of a very real threat.
Technology underpins most modern businesses. Servers host a range of business applications, storage devices often with terabytes of data, and increasingly today, mobile devices, such as laptops and BlackBerry handsets enabling remote connection and communication for employees on-the-move. If IT fails, then inevitably the business also fails; emails are not sent, orders are not processed and corporate reputation along with lost revenue can quickly have a significant impact.
Business continuity solutions, despite traditionally being perceived as a tool for large enterprises, are now crucial for even the smallest organisation. To put this into context, in June 2009, the thirty-strong team at ‘24 Hour Insurance' were told that due to overnight storm damage, the company's London head office was off limits; closed until further notice. Customer and broker enquiries mount up, invoices are backlogged waiting to be actioned, staff in the company's Middlesbrough branch are waiting for their wages to be paid by HR. The damage to the business is all too real.
Fortunately, senior management at the organisation had recognised the instrumental role that IT plays in the company's very existence and had initiated a disaster recovery plan that allows employees to connect to an exact replica of the company's key application servers at a remote site in Manchester. The HQ may be down, but with communications up-and-running through Microsoft Exchange, access to key applications enabled some form of business infrastructure exists, which allows the company to engage with internal and external customers and provide some level of service.
Of course, this is just a fictitious example, and technology is not the only factor in play here. However, by planning for disaster organisations can evaluate which applications and systems are core to the business and must be kept running at all times - even at a remote site, how long it will take to reinitiate the service and which type of disaster recovery best suits the organisation's needs.
Particularly in the current economic environment, small companies can look to protect only their most critical applications before implementing business continuity across their entire infrastructure, which may be a more affordable way to protect themselves during the recession. This shows that although the process sounds costly and complex; the truth is that it really isn't.
If the Home Office statistics reflect what is actually going on, then small businesses need to face the challenges of business continuity with a positive outlook, rather than the ‘it won't happen to me' approach which has been so common in the past. The threats are real, the impact on business is real, and fortunately the technology to safeguard core functions, such as IT, is also very real. Planning to fail can be described at worst as pessimistic, failing to plan, well, that's just inexcusable.
For more information please visit www.neverfailgroup.com