Business Continuity Plan – Implementing and Testing
Now that you’ve reviewed your infrastructure’s Business Continuity requirements, you’ve also discussed your needs with your UniVista Account Manager and you’ve allocated your budget accordingly, it’s time to implement and test the plan.
The Scenario: Systems are down. Now what?
A key part to implementing and maintaining a Business Continuity Plan is documenting it. Provide a Master Plan or User’s Manual for when the inevitable strikes your organization. This will allow various members of your team to know how to proceed with the recovery. Create a comprehensive, easy to understand and, most importantly, easy to follow document. At a high level, you want your document to cover: Who, What, When, Where, Why & How.
WHO: Who will implement the plan? Identify your Recovery Team(s).
WHAT: What are your business’ Critical Functions. What infrastructure or service are they running on?
WHEN: When do you implement your recovery plan? How quickly after a loss is identified, do initiate the Disaster Recovery plan?
WHERE: Where does recovery happen and how do you connect to it? All your company’s efforts will be for nothing if no one can locate or access the recovery infrastructure!
WHY: Why are you initiating your Disaster Recovery plan? What acceptable loss factor has triggered the disaster flag?
Additionally, you will also need to identify how to access your plan in the event of a total loss of your data and email storage. For example, in the event of a fire or flood, keep multiple copies of your Business Continuity Plan printed with key employees or stored online in Microsoft SharePoint.
Keep your plan up to date. Schedule periodic reviews, both internally and with your UniVista Account Manager to ensure your plan remains viable and will work when you need it to. There’s nothing worse than trying to recover from a scenario with a poorly implemented or outdated plan.
Testing and why “Fire Drills” are important… Your organization’s plan is documented, you have implemented backup solutions, now you must test your Disaster Recovery plan – essentially, run your “fire drill.” These “fire drills” are important to determine if you’ve covered everything and will help to identify where you may have weaknesses. Your initial Disaster Recovery test may uncover gaps in your plan which require attention. Work towards resolving those gaps, but more importantly: schedule your next test. Determine whether you’ll be testing quarterly, biennially, or annually. If you need help determining how often to run your test, please feel free to consult with your UniVista Account Manager.
Evaluate your testing experience… Regularly testing your plan keeps you, along with key members of your team, familiar and ready for when disaster strikes. However, you will also need to review and evaluate the recovery plan on a recurring basis. Evaluate and review these questions; Is your list of Critical Functions up to date? Is their hierarchy of importance weighted the same as when the plan was initially documented? Have you added, removed, or changed a service or team that needs to be reflected in the plan?
Moving forward with a plan… Now that we’ve discussed key elements of implementing and testing your Business Continuity and Disaster Recovery Plan, what questions do you have? Are you able to understand the process, but aren’t sure how to get started? Are you unsure if your business has an additional compliance element that requires a Disaster Recovery plan? Do you have an old Disaster Recovery plan that needs revisiting? Let your UniVista Account Manager know. We can answer questions and create a project that fits your specific disaster recovery needs.
Following your Business Continuity Plan Assessment, naturally comes planning and implementation. This is where the hard work begins. “This COVID economy has made money tight and my staff is already too busy”, you say. We understand your situation all to well. Human nature often causes us to put things off that we know we should deal with. Unfortunately, every now and then, that thing that we keep putting off becomes a situation we need to deal with NOW. When this invariably and eventually happens to your organization, your customers suffer because your business can no longer support or supply something they need. This exact scenario is why having a Business Continuity Plan is so critical. Don’t make the mistake of trying to put off implementing a plan due to current costs. The sooner you get starter the better and safer it will be – for you, your employees and your customers.
Luckily, getting a business continuity plan together is as easy as calling your UniVista Account Manager. Our project team will manage the entire continuity process for you, leaving you free to focus on your customers.
Technology Lead Times.
Often, your business continuity plan will require additional products to protect your current infrastructure. As a result of the current COVID-19 pandemic, the technology supply chain has become unpredictable, to say the least. Lead times for technology products, even trivial products, frankly, are getting longer and trickier. Rest assured, our team is great at assessing and managing these lead times for you.
A good portion of technology is manufactured in countries like China, Mexico and India. Unfortunately, not only has a great deal of their manufacturing either slowed or stalled, shipping times have increased, as well. This means, without proper planning, replacing a critical system may take weeks and not days. When we create or revise your Business Continuity Plan, we’ll always keep current product availability and lead times in mind.
What is the Cost of Your Business Being Down?
Technology can be expensive and difficult to justify. “By buying something, will I end up saving money?”, is always one of the hardest questions any business can answer. We try to make this question easier for you to answer. Early in the business continuity planning process, we will help determine what the daily cost to your business is when critical functions are unavailable. This metric will make any purchase decision magnitudes easier. Suddenly, that tech becomes a cheap and an appropriate measure vs. the potential cost of your business being down.
When to Buy? Now vs. Later
Unfortunately, there is always a relationship between product availability and cost. Since the start of the COVID pandemic, these relationships have become more complex and the cost of some items have increased. It’s important to consider these new technology costs, along with the increased lead times, when making a new Business Continuity Plan and factor those changing costs into your budget.
You’re not alone in making this assessment. Your UniVista support team will discuss what technology your organization requires, or may be lacking, and will weigh the risks of procuring, or not procuring, any required technology immediately as part of your Business Continuity Planning process
If you have any questions regarding proceeding with your Business Continuity Plan, please contact your UniVista Account Rep. We are always here to help!
We last discussed the importance of having a Business Continuity Plan, along with the importance of regular assessments. Now, more than ever, it’s important to ensure your business processes will remain safe and viable irrespective of what may occur. If you haven’t already, take advantage of our Business Continuity Assessment Quiz: https://univista.com/univista_dr_quiz/ If you need help answering any of these questions or making additional determinations, your UniVista Account Manager can help!
What are my Critical Business Functions?
To get started on your assessment you’ll first need to identify ALL your business’ critical functions. Followed by rating each critical business function based on their importance in at least two critical areas:
What is your acceptable Maximum Data Loss?
You will need to decide how much backup data you can afford, or are willing, to lose. For example, If a disaster strikes at 11pm and your nightly backup isn’t scheduled until Midnight, your backup did not run… is this an acceptable amount of data loss to your organization?
What is your acceptable Maximum Time Loss?
Evaluate how long your business can be down before it becomes critically impacted. Is one day too long, maybe one week?… Whatever the acceptable time amount, determine a reasonable metric you feel is both reasonable to recover from, plus wont impact your overall business too severely.
Assess your current backup situation…
Now that your better acquainted with what your critical business functions are, you can look at your current backup and recovery scenarios. Begin with an audit of your critical systems and their current backup scenario. It’s easy to determine what your critical systems are; they are the systems required by your critical busines functions. This list should include your phone system along with email to support customer communication, or your website to support online sales. Once you have your list, then consider and document 4 important questions about each system:
What is our location for backups?
Are both local and offsite backups included?
What is the retention period of EACH backup?
Who is your contact in the event a data recovery is needed?
Does my current backup scenario meet my Maximum Data Loss and Maximum Time Loss goals?
Expect Surprises…..and quite a bit of work ahead.
If this is your first time through this process, I guarantee there will be surprises. Don’t worry, you are not alone. Everyone has a critical system, while though it may be thoroughly backed up, the recovery may take days and the potentially data loss may also be unacceptable.
How to make sense of your assessment?
If at any time during your audit or assessment you find yourself overwhelmed, or don’t know what processes to consider critical, please don’t hesitate to contact your UniVista Account Rep. Everyone needs a second set of eyes to doublecheck their work. UniVista is happy to help in any way we can.
If you don’t have time to get started, but you agree that business continuity is critical, then let us do it for you. After experiencing 2020 with all its challenges, we cannot stress strongly enough the importance of having a Business Continuity Plan IN PLACE for the inevitable. Remember, as they say: when you fail to plan, you plan to fail.
Even if we completely set aside the COVID-19 Pandemic as a once-in-a-lifetime anomaly and just reflect on what other lessons 2020 has taught us, a key lesson is the importance of a Business Continuity Plan. In just the past few months wildfires have ravaged homes and business out West, an unprecedented double hurricane followed by flooding occurred in the Southeast, a derecho in the Midwest damaged an entire year’s worth of crops, and numerous organizations around the country have experienced the adverse effects of civil unrest and the ever present Cyber Attack danger. Businesses and organizations throughout the nation have been affected, some irreparably. Now, more than ever it’s critical to ensure your business’ survival with a solid Business Continuity Plan.
What is Business Continuity Planning?
Business Continuity Planning is a preventative process an organization undergoes to create a recovery system from potential threats, both manmade and natural disasters, or even cyber-attacks. A Business Continuity Plan is designed to protect personnel and assets, then make sure they can function quickly when disaster strikes. Basically, a Business Continuity Plan helps an organization mitigate its downtime, and ultimately its losses, when an issue occurs.
We have addressed the importance of Business Continuity in past articles here:
Are You Prepared?
Irrespective of the challenges you and your business, or organization, are dealt, have you considered whether you’re adequately prepared? Is your data infrastructure protected, is it safely accessible from anywhere? Are Cyber Security measures up to date? Should something happen, could you continue operations and keep your business going? We are only at the tail end of Q3 for 2020, who knows what else will get thrown at us in Q4?
Every organization no matter how big or small needs to review their ability to operate when unexpected issues arise. If you already have a Business Continuity Plan in place and have for some time, great! However, just having a plan isn’t enough. Regular, periodic reviews of your existing plan are important to identify and address any holes or new issues and threats. Take our Business Continuity Assessment Quiz to see how ready your organization is: https://univista.com/univista_dr_quiz/
If you’ve never considered a Business Continuity plan for your business, it’s critical to do so – NOW – and get something in place immediately. Please contact your UniVista Account Manager to schedule a consultation to review your organization’s needs, we can help you implement an effective plan to help keep your business safe during challenging times.
You’ve probably heard this a hundred times by now: COVID possibly has changed all of our business practices to the point that all of us may never go back to the way we all did business. These changes require that business processes are reevaluated and updated. For example, much like protecting yourself and your loved ones during COVID by social distancing, good hygiene and wearing a mask, during all challenging times it’s equally important to protect your business with good Security processes.
Business on Business Computers Only
We have mentioned this previously, but it is certainly always worth repeating: Counsel employees to limit their work exclusively to Business Computers. While it may not always be convenient for the employee, your business systems contain the latest security technology and are updated/maintained regularly. While some employees may be more diligent than others keeping their personal technology safe, it is not worth the risk with the ever-present dangers of hackers and malware, etc. Home-based networks rarely contain the same level of security and oversight which organizational networks do. Be very emphatic with this business policy.
New and Ongoing Cybersecurity Threats. Stay Vigilant.
Since we brought up hacking, it’s important to realize that COVID has unleashed a whole new level of hackers, hack bots and COVID-related scams. Unfortunately, this is our reality and it’s important that employees are aware these things are happening both online and via phone. Don’t get distracted by the daily challenges and changes with COVID and become lax with cyber threats and scams. The U.S. Department of Homeland Security is a great resource which issues alerts and guidance on current attacks and vulnerabilities. Hackers thrive during periods of crisis and chaos and your employee’s actions (or inactions) are your best and first line of defense. If you haven’t already now is the time to clarify policies to employees regarding acceptable use practices. If you have any questions or concerns on how to mitigate cybersecurity issues in your organization, or if you would like us to run a home security network assessment please reach out to your UniVista Account Manager.
Even prior to employees working from home, organizations could find it challenging to manage all the devices allocated to their employees. Microsoft Intune is a cloud-based mobile device manager which allows organizations to, not only control their devices, but also control the content on those devices. Intune will manage Apps remotely as well as manage App permissions. It will dictate backups on all devices and in the event a device is lost or stolen, the app will even allow organizations to remotely “wipe clean” all the content on the devices. In Tune will help mitigate the concerns many organizations have about their private data winding up in the wrong hands.
All the previously mentioned measures, technology and practices will help improve your business’ chances of surviving not only during our current crisis, but any future chaos which may occur. To improve your business viability during a disaster the next best step is to establish good Business Continuity processes. This month we will discuss how to establish and maintain a good Business Continuity plan that will grow with your business. We are also going to list a variety of services that you can incorporate into your business to make your Business Continuity Plan more powerful and easier to use.
If you’re like me, your personal finances and assets are linked in some manner directly to your business. This can be a potentially scary proposition during time like these. If the past few months have taught you some lessons about business continuity and you’re ready to begin working on your Business Continuity plan then please reach out to your UniVista Account Manager to schedule your Business Continuity Assessment.
Link: Department of Homeland Security – Alerts and Guidance on Current Attacks and Vulnerabilities.
Even prior to the COVID-19 outbreak and subsequent quarantine(s), there was already a segment of the workforce who worked remotely full or part time. While the benefits of working in your pajama bottoms and avoiding a frustrating commute are real, there are also some drawbacks which include: working too much, lack of real socialization, falling into, or back into, poor health habits and more. Below are some observations from long-time remote workers, along with some helpful strategies for yourself and your team.
Maintaining a Work-Life Balance
While the knee-jerk reaction of many managers and business owners may be that working from home leads to reduced productivity without constant managerial oversight, however, the contrary is actually true. Individuals who work from home tend to work far more and far longer hours, especially if they’re managers or business owners. While this may appear as a great boon for employers it can actually lead to burn out and job dissatisfaction, if not identified and managed properly. To help mitigate this phenomenon it’s important to set concrete hours and stick to them. If in your average office environment a work day would typically start at 9 AM and end at 6 PM, then an at-home work day should begin and end likewise. At home there will always be a temptation to just “do that one last thing”, whether that be respond to an email or something else. Once you start with “just that one last thing” you’ll find yourself two hours later with a whole new task list, or worse pulling an all-nighter trying to get ahead on a project. When the day is done, you’re done: turn off your laptop and turn off notifications. Walk away.
While setting time boundaries for yourself and your employees is important. E.g. I will be unavailable after 7PM. It’s equally important to set boundaries for your house-mates, family and friends. Explain that if they (family, etc) had a similar problem (e.g. I can’t find the duct tape) would they just show up at your office? Then while you’re working at home, unless it’s an emergency, you are not to be disturbed. This is particularly important if a big portion of your day is on video or conference calls. If there are young children at home, then someone must be tasked with managing their needs, whether that be a spouse, a hired sitter, or another family member. If both you and your partner are in a similar situation, with no outside support for the children – set a schedule to trade off days where one is responsible and works around the others schedule and vice-versa, but keep it fair. It’s critical to have boundaries established and set expectations from the onset – both for your employees, your colleagues and for your family. Additionally, allocating a space that creates a physical boundary will help you and others get in the habit of respecting work and personal time. Consider working in a separate room or a section of a room that is solely for the purpose of your job. Resist the temptation of entering that room or space when the day is over.
A great way to break the habit of working longer than you should is to set appointments for the end of the day. This forces you to have things wrapped up accordingly. Additionally, it’s important to take breaks. Set break reminders on your watch or computer – that’s a great time to get up, get some fresh air, stretch your back and take your dog out for a walk. Even a 15 minute break and a bit of movement will give you some renewed energy and will clear your head.
Prioritize Your Work
Procrastination can sabotage productivity. We all have that one or two things in our job that we just put off. Whether it’s because they’re tedious or require some extra effort, you can find yourself doing a myriad of other things around your home rather than just knocking that annoying or tedious thing out. Don’t set out to do too much in any given day. Set a reasonable goal to just do that one, most important thing, get it out of the way first. Not only will you enjoy a feeling of accomplishment, but you’ll also be better focused for the rest of your workday. Additionally, don’t try and tackle all the hard things at once. There’s a 1-3-5 rule managers, owners and employees should follow; do one big thing, 3 medium things and 5 small things each day. If everyone works off this plan, you’ll find that everyone manages to get through their task list.
Technology and internet driven distractions can be a time-killer and productivity sucker. Alerts from a phone or computer can set you down any number of unintended worm holes. There are a number of apps (10 Apps to Help You Focus and Block Distractions: https://zapier.com/blog/stay-focused-avoid-distractions/) available that can help minimize distractions. Which apps to use is largely dependent on how strict your organizations wants to be. But, internet distractions are very real and can range from being a mild bad habit to downright destructive and can also waste money (remember the Facebook ad compelled you to by that item you didn’t need?). According to researcher Matt Killingsworth, distractions also make us less happy *. Individuals who can focus on one thing at a time are much more satisfied than those who aren’t. In short, distractions can be destructive.
If you’re single and live alone then start working from home, the lack of socialization can really become an issue. While many introverts thrive in a work-from-home environment, humans are naturally wired to seek companionship, so it’s still important to encourage employees to get out of the house. Recommend taking lunch at an alternative location, like a park, or encourage them to make it a point to meet with someone (from a safe social distance) like a friend, colleague or even a neighbor once a week. If nothing else, order some take out and pick it up versus having it delivered. Just the time chatting with fellow patrons or the counter person can be enough to offer some much needed social interaction, even if everyone is wearing a mask. If the quarantine situation permits encourage employees to make an effort to join a networking group, Meet Up club or similar to get out of the house.
Keeping and maintaining a healthy lifestyle can be a challenge with the pantry and refrigerator only 50’ away from your work space. Putting off exercising in favor of getting that last bit of the project done is also very real. Encourage your employees to keep their refrigerator full of healthy ready-to-grab snacks, like sliced cucumber chips, to keep them away from that very real bag of potato chips. When it’s break time, go for a walk rather than getting a snack. During lunch break take the dog out and play fetch. Do some stretches. In other words move and get active. Learn to recognize when eating is from stress or boredom versus eating for hunger otherwise the pounds will start adding up quickly. If you enjoy alcohol, limit it to after work hours only. Not only will this keep you from drinking during the day, but it will also help you to end your work day at a reasonable time if you assign yourself a “7PM Happy Hour.” Try to get outside daily. If you have a dog, take it for a walk or a run. Go for a bike ride or putter around your yard if you have one. Humans need some sunshine and vitamin D to stay healthy, especially if they’re stressed and in front of a computer screen all day.
Don’t Take Popular Technology at Face Value – Ask Us First!
In our current Coronavirus-infused-work-from-home reality, the need to stay vigilant with respect to cyber-security remains high. Multiple published sources have reported that hackers have become more active lately. In fact, since January there has been a 15-20% increase monthly in overall hacking incidents. Hackers have also begun utilizing terms like “coronavirus or COVID-19” to trick users into clicking on illicit websites or emails that are designed to steal sensitive information or install malicious software.
With all the attention being paid to the CARES Act and the Paycheck Protection Program, it’s easy to forget about another important milestone that was enacted in the recent Corona Virus recovery legislation.
April 2 marks the date in which employers must comply with President Trump’s Families First Corona Virus Response Act. This law includes the Emergency Family and Medical Leave Expansion Act, along with the Emergency Paid Sick Leave Act. This Act takes effect on April 2nd and ends on December 31, 2020.
While it may
not have been perfect, we’ve definitely discovered the hours that we’ve spent
Business Continuity planning (see Disaster Recovery and Business
Continuity Planning) have definitely been worth it. Even with all
the planning we’ve done, we’ve never used a pandemic as one of the scenarios to
test, so there are a few items we’ve had to figure out along the way.
It was the best of times. It was the worst of times.
As the Corona Virus continues to become an ever increasing threat in the United States, provisions need to be made for the very real possibility of working remotely. Even if we get lucky and not much happens here in Texas, it’s good to posess the ability for individuals to have the option of working remotely in the event of some other occurrence; a natural disaster or employee illness or injury.
However, Remote Working has become a very real and ideal option for many of today’s businesses and has increasingly been replacing the traditional workplace environment. Today numerous individuals work remotely full or part-time, or even while on business travel as a general practice.
While Remote Work may allow an organization to spend less on physical real estate, it’s important to remember, where you save on physical space you need to invest in the appropriate technology infrastructure to allow for safe and efficient remote access. In the long run, you may find that investing in infrastructure to allow individuals to work from home not only creates a better work-life balance, saves individuals time and reduces the traffic burden on our roads, makes for happier employees (who actually stay with a company as a result), but may even save an organization money.