Business Continuity And Natural Disasters: How to Be Prepared

Proper planning allows companies to protect data, systems, and people while keeping the business operational during a disaster. The recent devastating hurricanes to hit the mainland United States and Caribbean countries and territories destroyed entire communities. Families, businesses, and governments were left reeling, forced to pick up the pieces, where possible. The catastrophic impact of

Proper planning allows companies to protect data, systems, and people while keeping the business operational during a disaster.

Disaster Planning

The recent devastating hurricanes to hit the mainland United States and Caribbean countries and territories destroyed entire communities. Families, businesses, and governments were left reeling, forced to pick up the pieces, where possible.

The catastrophic impact of the recent storms reinforces the importance of having a sound business continuity and disaster recovery plan. Creating such a plan allows companies facing a natural disaster to follow a deliberate set of actions. In a time of chaos, having clearly defined contingencies can help leaders and employees weather a storm.

Business Continuity Defined

Business continuity plans allow a company to continue providing essential products, services, and customer support. In some industries, these tasks are critical for the company’s short-term viability, customer safety or meeting legal requirements. Disaster recovery plans, a subset of business continuity, often focus on recovering IT assets.

Business continuity includes the plans and arrangements that ensure that the essential products, services, and support can be provided, which allows the company to recover its property, data, and assets. It’s also a means to identify the employees, equipment, data, infrastructure, counsel, and accommodations that support business continuity.

While the recent hurricanes are the most recent, visible example of why business continuity is important, they are not the only incident where such plans are needed. Other actions that can prompt the launch of a business continuity plan include:

  • Other natural disasters such as blizzards, fires, earthquakes or tornadoes
  • Sabotage
  • Accidents
  • Power or energy disruptions
  • Environmental disasters such as spills, contamination or pollution
  • Communications, transportation or safety infrastructure failures
  • Cyber attacks and hacks

Threats and Trends in Disaster Recovery Preparedness

There are many threats, perceived or actual, that can shape a company’s disaster recovery planning. Here are some of the leading issues companies are considering:

  • The increasing number of natural disasters worldwide. A New England Journal of Medicine study indicated that the number of climate-related natural disasters increased by 300 percent from 2000-2009 compared to 1980-1989.  The scale of these disasters has also grown and now affect more than 200 million people each year.
  • Disruptions may be more predictable. With massive amounts of data, often generated by connected devices in the growing Internet of Things, there’s an opportunity to predict some threats.  With more advanced information, companies have more time to prepare for the disruptions, test plans and deploy resources accordingly.
  • Malicious cyber attacks continue to persist. The massive Equifax hack is just the latest in a litany of attacks where data is being stolen or held hostage.
  • Cloud computing offers an excellent defense. The growing use of cloud-based tools, data storage, and applications, gives companies more options when it comes to data recovery.  Cloud providers usually have built-in safeguards for their services, including multiple data backups, universal access via devices and locations, and physical and digital protection systems.
  • Disruptions are the norm. The preponderance of natural disasters and rogue agents means businesses have no excuse for not having disaster recovery plans in place.  Organizations need to embrace business continuity and disaster recovery as a cost of doing business.
  • Communications are expansive and expected. In the digital age, customers, employees, and the general public expect to have access to updated information about companies and services, even in the direst situations.  Fast communications and frequent updates are the norms today and companies need to incorporate communications into their planning.  Fortunately, the ubiquity of mobile devices and social media platforms means it’s relatively easy to disseminate key messages.

A Closer Look at Disaster Recovery

Disaster recovery may vary depending on the industry and company but generally, focuses on a few core areas. Broadly, it’s the work a company does to maintain or recover access to data, software, and hardware needed to resume or continue critical business areas.

In addition, a disaster recovery plan needs to consider the human assets necessary to ensure continuity and ensure that the right people have the tools to ensure disaster recovery plans are acted upon. In some cases, those people may be dealing with their own personal issues in the throes of a disaster, so redundancies in personnel are important.

One key element of a successful disaster recovery or business continuity plan is the need to practice. Drills and scenarios should be developed to test systems, responsiveness, and efficacy.

How to Plan the Plan

How should a company begin the process of business continuity and disaster recovery? Here are a few key tasks:

  • Develop a risk assessment. Having a clear idea of the likely and unlikely risks and having specific plans for each possibility is an important first step.  What natural disasters are likely in your area? What cyber attacks or events would have a significant effect on your business?
  • Detail the impacts. Once a threat is identified, play out the potential impacts of that scenario.  Which customers would be affected?  Which employees?  Would inventories, documents, systems, services be impacted?  What are the long-term risks to your customer base and your business?
  • Create the continuity plan. For each identified threat, a plan needs to be established, including the systems, data, people, and communications necessary.  While some of these contingencies may be the same for multiple threats, each one should have a clearly defined plan.
  • Prep the people and technology. If key personnel is expected even in disasters, they need to be notified and trained about how they will be notified, where they need to report and what tools they will have.  Employees should also be aware of how to exit buildings safely in an emergency and have access to emergency stores of water, food, radios, chargers, and flashlights.  Services and data should be migrated to cloud solutions, backup facilities and alternate media well in advance of a disaster.
  • Protect the business. You should check with your insurance provider to make sure you have the right coverage and protection to keep your company whole when disaster strikes.

Time dedicated to planning can ensure that your business not only survives but thrives when facing daunting challenges.