Continue in 2 seconds

Shedding Light on 3 Business Continuity Blind Spots

  • Frank Picarello
  • June 27 2016, 6:52am EDT

The “Digital Transformation” of business is redefining the meaning of a “business disruption,” as information becomes the lifeblood of more and more organizations.

Across the spectrum of industries, enterprises of all shapes and sizes are defying physical boundaries and stretching their operations around the globe to a virtual continuum that begins with data, develops into information and, ultimately, transforms into knowledge.

The evolution of this continuum is fueled by the decreasing cost of storage and the increasing ease of access to vast flows and archives of data. Through this evolution, data as a virtual asset grows more and more valuable, increasing its importance and impact on society as a whole – but especially on business operations.

Much of the data that is generated, shared and archived in cyberspace rapidly is growing more valuable than some of the physical assets manufactured, shipped and inventoried in the real world. As a result, more and more C-suite discussions I have with clients are shifting from reducing the cost of IT infrastructure to minimizing security risks in data infrastructure.

Why? No mystery here. Just peruse some headlines from this very magazine and its sister publication, HealthData Management (HDM).

A recent story in HDM shared results from CompTIA’s vendor-neutral study “International Trends in Cybersecurity.” According to the report by the IT trade association, nearly three of every four organizations surveyed were victimized by at least one cybersecurity breach in the last year.

This onslaught is leading to a sweeping crisis of confidence, as evidenced by other research shared by Information Management. A survey by an auditing software firm shows that less than one fifth of organizations worldwide are “confident about their ability to beat cyber risks,” which is no doubt why 78 percent of those same companies consider “visibility into IT infrastructure” an absolutely critical part of their security strategy.

To gain this visibility, the field of vision must broaden from a narrow focus on actual assets to include virtual ones such as data. So, too, conventional thinking about business continuity (BC) planning must evolve.

The rapid spread of mobility and cloud services means the risks and consequences of cyber threats – e.g., data breaches, DDoS attacks, ransomware, etc. – should be treated with at least the same gravity as physical disasters--such as fires, floods, hurricanes, earthquakes and other calamities.

Business leaders can no longer deal with hackers and cyber crooks as a labor-intensive annoyance that should be relegated to the tech crew. Because the cost and effort of recovery from “virtual disasters” can drain millions of dollars from big corporations and drive small companies into bankruptcy, today’s BC optics should transcend basic back-up and restoration routines. Executives must cast light into every nook and cranny of physical and virtual considerations, or risk putting their organizations in peril.

Where should they shine their lights? I believe three common BC planning blind spots are good places to start:

Data Silos

In our organization, we define BC as a set of plans, procedures and resources established to maintain and/or recover essential services and functions impacted by an event that causes an interruption of normal operations. They are also integrated with our emergency operations plans. So, not only must your BC plan include people, places and things, but the data that flows between them.

No recovery should be considered complete until all databases are not only restored, but synchronized across departments, offices and functional areas.

Underestimating Mobility

As digital technology is transforming customer experiences, it’s transforming employee experiences, too. Today, managing mobility should be about enabling your users to be productive anywhere, anytime, through a secure content-rich experience.

Yet, in BC terms, planners should never neglect the devices. As companies craft extensive processes for recovering and restoring data from servers and data center backups, they also should extend this same effort to laptops, tablets and smartphones.

A company’s Recovery Time Objective (RTO), a critical factor in the cost of a disruption, is directly affected by the average download time for restoring an individual smartphone. Underestimating this timeline could lead to physical delays and virtual gaps in data. No recovery should be considered complete until all authorized mobile devices are operating with completely restored data.

Skipping Simulations

All BC planning is an exercise in saving time and money in the wake of various business interruptions. So, creating another type of distraction – i.e., training exercises and/or simulations – may seem like another event that will burn time and money. But BC programs are more about minimizing damage from disruption than avoiding loss altogether.

The old adage about an ounce of prevention applies here – and is multiplied when technology is involved. Consider the two previous examples in combination. If the process for restoring and synchronizing critical operational data across all of an organization’s authorized mobile devices is never simulated, then any RTO set by a company is pure guesswork.

Seen under the spotlight of digital transformation, it’s clear the discipline of Business Continuity is more than a matter of email filtering or installing a firewall. Not only are real and digital assets – i.e., data -- at risk, but so are a company’s intangible assets, such as profitability and reputation. These stakes are too high for any senior leadership team to leave any phase of BC planning shrouded in shadows. (About the author: Frank Picarello is chief operating officer for TeamLogic IT, a nationwide network of managed information technology services providers. His management career includes stints with IBM Global Services, MicroAge, Nortel Networks, All Covered and his own managed services firm.)

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access