Why Companies Need A Next-Gen Approach To Business Continuity

Uploaded on 2022-09-30 in TECHNOLOGY--Resilience, TECHNOLOGY--Developments, FREE TO VIEW

During the pandemic, many organisations embraced a hybrid environment, allowing employees to work from home or anywhere else. On top of this, many have adopted or are now implementing infrastructure-modernisation initiatives and digital-transformation programs.

These significant changes bring various challenges, including increased complexity, potential vulnerabilities, and the burning question of how to keep operations running smoothly during a natural, hardware, human or cyber disaster.

To solve those challenges, IT teams must reevaluate their approach to business continuity. The IT metrics to measure business continuity remain the same: uptime, the availability of data and apps, and backup and recovery. But the widespread transition to remote work and digital technologies demands a new approach to business continuity that acknowledges IT's growing responsibility to enable a hybrid workplace and keep all digital systems up and always running.

This approach applies to every company that relies on technology to do business. For example, the French restaurant down the street that uses cloud-based software allows customers to order and pay on their phones. If there is a disruption, if customers place orders that don't go through, the restaurant loses not only the orders but the trust of those customers.

For every connected company, continuity is now an absolute requirement, whether that company is in the business of high tech or haute cuisine.

As they get increasingly digital, there is greater pressure than ever on organizations to achieve 24/7 uptime. An independent global study commissioned by Arcserve showed that 83% of IT decision-makers believe 12 hours is the maximum acceptable downtime for critical systems before a measurable negative impact on business.
And, for many businesses, even this is too long. Indeed, according to a 2021 study from IBM, just one hour of downtime for a single server can cost firms $100,000. So, for an organization with 1,000 servers, that comes to $10 million per hour.

To minimise downtime, today's organisations must take a next-gen approach to business continuity. Here's how they can do it.

Create A Plan

Every organisation should have a business continuity plan. It is a step-by-step plan that will guide your response to a disruption, a time when speed and clear thinking are of the essence. Your plan should encompass any contingency - natural disaster, electrical outage, or cyber attack - so you can address the cause, minimise downtime, and control damage to your revenue and reputation.

Your plan should be comprehensive. It should list the resources needed in a crisis, such as data backups and storage locations. It should also include workers' steps to properly alert company leaders, maintain customer communication, and sustain productivity.

Companies should test the plan regularly to ensure it will work when needed. Testing will help you identify and address weak points before being exposed to a crisis. With a robust and regularly tested plan, you can move forward with confidence that you'll be able to safeguard your data and restore it if necessary when a cyberattack or natural disaster strikes.

Make Data Backups Front Of Mind

Most companies will suffer a data-loss event at some point. In the recent survey commissioned by Arcserve, 74% of midsize companies said they had experienced data loss in the past five years, and 52% of respondents said they could not recover all their data after a loss.

Businesses should adopt a 3-2-1-1 data-backup strategy to prevent data loss. It means three backup copies of your data on two different media (disk and tape, for example), with one copy stored offsite for disaster recovery. The final 1 is immutable backup storage. Immutable backups are the key to successful disaster recovery and business continuity. They convert your data to a write once, read many times format that can't be altered, deleted, or encrypted.

Establish Your RPO And RTO  

A solid business continuity plan should also include recovery point objectives (RPO) and recovery time objectives (RTO), along with steps to achieve them.

RPO is the amount of data your business can tolerate losing in a disruption before the company experiences serious harm. It's the benchmark you use to decide how often you should back up your data and determine the infrastructure you need to enable that backup schedule. Companies can set different RPOs for different functions of the business. For example, dynamic files like financial transactions need a short RPO. Due to the number of variables involved, the recreation of such files is often not possible if they're lost. Static files like employee records can have a longer RPO.

RTO is the maximum amount of time after a disruption before your operations should be up and running normally again. Once you've established your RTO, you can make informed decisions about your data resilience plan. So, if you decide that your organisation can tolerate only one hour of downtime, you'll know you need to build a recovery program that enables you to be back up and running within an hour.

Final Takeaway

In the old days, companies waited for disruptions to occur, and if they did, they learned, adjusted, and moved on. Nowadays, with the threat of disruptions frequent and the damage done by data loss potentially fatal, companies need a next-gen approach to business continuity.

They need a solid and regularly tested plan. Organisations with such a plan will withstand the threats coming at them fast and furious, from natural disasters to cyber attacks. Organisations that don't have such a plan will find themselves in the rearview mirror.

Florian Malecki is Executive Vice President of Marketing at Arcserve

You Might Also Read: 

Containers Are Temporary, But Container Data Is Not:

 

« Securing The Future Of Open Finance
Lessons From The Cyber Front Line »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Exclusive Networks

Exclusive Networks

Exclusive Networks accelerate market entry and growth for innovative cybersecurity, networking and infrastructure technologies.

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI)

Homeland Security Investigations (HSI) is a premier federal law enforcement agency within the Department of Homeland Security (DHS).

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

Arab Information & Communication Technologies Organization (AICTO)

Arab Information & Communication Technologies Organization (AICTO)

The Arab ICT Organization (AICTO) is an Arab governmental organization working under the aegis of the league of Arab States.

H-11 Digital Forensics

H-11 Digital Forensics

H-11 Digital Forensics is a global leader of digital forensic technology.

CyberSaint Security

CyberSaint Security

CyberSaint’s CyberStrong Platform empowers organizations to implement automated, intelligent cybersecurity compliance and risk management.

Cyber Talents

Cyber Talents

CyberTalents is on a mission to close the gap of cyber security professionals shortage across the globe.

Thomsen Trampedach

Thomsen Trampedach

Thomsen Trampedach offers a tailored-made brand protection solution to each customer using a proprietary enforcement automation and reporting tool and a multilingual enforcement team.

Netacea

Netacea

Netacea provides a revolutionary bot management solution that protects websites, mobile apps and APIs from malicious attacks such as scraping, credential stuffing and account takeover.

BeyondTrust

BeyondTrust

BeyondTrust is a leader in Privileged Access Management, offering a seamless approach to preventing data breaches related to stolen credentials, misused privileges, and compromised remote access.

Creative ITC

Creative ITC

Creative ITC is a leading infrastructure and cloud enablement company. We design and deliver exceptional managed services and cloud solutions.

European Cybersecurity Competence Centre (ECCC)

European Cybersecurity Competence Centre (ECCC)

The ECCC aims to increase Europe’s cybersecurity capacities and competitiveness, working together with a Network of National Coordination Centres to build a strong cybersecurity Community.

Armolon

Armolon

Armolon provides comprehensive data breach and cybersecurity, as well cybersecurity audits and certifications, and disaster recovery/business continuity services to clients.

Longbow Security

Longbow Security

Longbow automates root cause for your application and cloud risks, enabling teams with intelligent remediation actions that reduce the most risk with the least effort.

True North Solutions

True North Solutions

True North Solutions provides a wide range of fully customized, vendor-neutral industrial engineering and OT automation solutions to companies across North America and around the world.