The Meridian Blog: Tech News, Tips & More for SMB and Enterprise Environments

Business Continuity Planning for SMBs – How MSPs Can Help

Robert Bruce

Posted by Robert Bruce
Thu, Mar 26, 2015

If time is money then logically, lost time must equal lost money. Downtime due to a disruption in the business process, for any reason, is difficult, if not impossible to recoup. A business continuity plan (BCP) that addresses how an organization can continue functioning after disaster strikes is essential for any organization, regardless of whether it's small or large, profit or non-profit.

Because information technology (IT) is so ingrained in the business process, any BCP must include the organization’s IT systems. In fact, IT plays two positions on the business continuity team, one on defense and another on offense. A BCP aims to secure the IT network and critical data, and employ IT proactively to ensure business continuity in the event of a business disruption. 

This was exactly the case right here at Meridian last month when one of the snowiest winters in recent memory shut down our headquarters here in the Washington DC metro area on several occasions. Luckily, our ability to stay connected and to work remotely allowed most of our operations to function smoothly — after all we are in the managed IT services business!

 Of course, the BCP will of course vary from enterprise to enterprise, but most will include these core units:

  • Risk Analysis
  • Business Impact Analysis
  • Network Failure
  • Disaster Recovery and Response Plan
  • Testing

Notice earlier I said systems not IT departments, because many small-to-midsize businesses (SMBs) don’t even have an IT employee, let alone an IT department. Large enterprises generally have the ability to sustain business interruptions better than small-to-midsized businesses (SMBs). But that is where a managed services provider (MSP) can help an SMB develop a big business style continuity plan. It is important that the MSP understands the client’s overall mission and business model.

Related: Do DC SMBs Need Cyber Liability Insurance for Security and Business Continuity?

Business Risk and Impact Analysis

This initial phase is vital because it will enable the team to prioritize and focus on (a) possible disrupting events, and (b) the probability of occurrence and potential impact to business operations. At one end of the spectrum there are low probability/ low impact events. At the other end the opposite – high probability/high impact. In between, there are various combinations of probability and impact that must be estimated and prepared for. This is not a simple task, and here it is vital that the MSP understands your business process and is not just trying to sell goods and services.

Let’s go back to that snowstorm. There is a pretty good chance of a shutdown snowstorm hitting the Wash. DC area every winter. The probability is high, and the impact, since it entails a temporary loss of business processes, is probably in the medium range for most organizations. Downtime due to snow should definitely be a part of any DC area enterprise’s BCP.

On the other hand, earthquakes have a very high impact potential, but in this part of the world they are very unlikely to even occur let alone cause serious damage. So we have to decide how much time and resources to devote to high impact/low probability events like natural disasters. Scoring of probability is difficult because we don’t know what we don’t know. Fires, floods, explosions, tornados, acts of vandalism, etc. can and do occur, but who knows when?

In today's business environment, the chances of a business interruption due to IT failure is a very real possibility.

Network Failure

In today’s business environment, the chances of a business interruption due to IT failure is a very real possibility. Cyberattacks and data breaches that shut down an organization are much more likely to come from human error, hackers and cyber criminals than from tsunamis and hurricanes. Because loss of business continuity is frequently due to IT failure, a BCP should anticipate the failure of core components such as the secure server room’s climate control and power source, the server, and connectivity to a service provider.

Depending on the enterprise, the failure of any of these systems could result in the loss of revenue, increased expenses, regulatory fines, or lost clients. Therefore, network redundancy, such as having dual service providers, and backup power sources may be a viable option for some businesses. Storing vital data in the cloud and virtualizing business processes are also ways to mitigate risk. For SMBs this is where a consult with a managed services partner is critical. 

Disaster Recovery and Response Plan

If business continuity is disrupted due to IT failure, it is essential to have a disaster recovery strategy in place. There should be a plan to prioritize the restoration of all hardware, software and data that is essential to business operations as quickly as possible.

The plan should outline and clearly define all processes, checklists, roles and responsibilities detailing what needs to be done, and who needs to do it in order to effectively recover from an IT failure event.

Testing

Planning for the loss of business continuity also requires testing and drills. Having built in technology safeguards and redundant systems is no substitute for rehearsing and planning for the worst case scenario. Without such preparedness, even minor disruptions in business continuity can cause major problems to an SMB’s bottom line.

 Ready to get started? A thorough assessment of your technology environment and business processes can improve system reliability, streamline business processes, and improve focus on core competencies. Click here to request an assessment.

Robert Bruce

Ready to Become a Pro?

 Our White Paper can help.

whitepaper-4-key-elements-for-building-your-technology-road-map-thumbnail-3Subscribe to our blog and get your copy of "4 Key Elements to Consider When Building Your Technology Road Map"

You'll learn:

  • What role people play in determining your road map
  • How to build a plan in a multi-device world
  • What types of applications need to be considered
  • How data plays a key role in success

 

Subscribe to get your copy

Leave A Comment

About this blog

News, best practices and more to help you get the most out of your office technology. Whether you're an SMB owner who wears a lot of hats, or an enterprise IT director, facilities manager or just someone who wants to work smarter — this blog has the resources you need to maximize the business impact of all your tech investments. Be sure to subscribe to receive email updates about new posts!

Download our eBook

 
DM_Workbook_Cover_Page.jpg

Download

Sort Posts by Topic

see all