In the wake of a global shutdown, you may now be exploring in more depth why business continuity planning is important for IT infrastructure. But first, what is business continuity (BC) planning? BC planning is the process of developing preparations, actions and infrastructure that will mitigate the negative effects of disruption. Its most fundamental objective is to ensure that a business can continue operating and servicing customers to an acceptable capacity and avoid losing money when disaster strikes.
Any good business continuity planning exercise will subscribe to the principle of “operational resilience”. It should also account for contingencies, capabilities and core business requirements and ascertain whether an organisation is able to update, manage and deploy effective plans at a moment’s notice. Most typically, business continuity planning aims to mitigate disruption from the following adverse events, although from 2020 onward, “pandemic” will likely take a more focal position.
- Natural disasters
- Fire and theft
- Technological failures
- Equipment failures
- Human error
- Infrastructure damage
The typical IT aspects of business continuity planning
The IT aspects of business continuity planning are generally considered to fall within the remit of disaster recovery (DR). This of course includes application, system and data backup and recovery, but also accounts for technology within a company’s IT ecosystem that enables seamless operational continuity and resilience, even during an event or before a complete recovery is possible. Virtualisation, remote desktops and cloud hosted and SaaS solutions (to name but a few) can ensure high availability and efficiency when it’s not exactly business as usual.
The best BC plans won’t view DR and BC tasks as a binary though. The relationship between IT and business continuity is very much one of enhancing how people, processes and technology can better interact and enable stronger resilience. And in a world where traditional DR technology has become a sustained solution, this rounded, partisan approach will serve every organisation to best effect.
Operational resilience as the golden objective
Already since the coronavirus pandemic took hold, experts have begun debating whether we’ve reached a true tipping point for what’s known as “operational resilience”. Leaders in the BC field are predicting that IT infrastructure, its relationship with BC and the budget assigned to it will be redefined through the lens of operational resilience.
What is operational resilience? In short, it’s the difference between surviving and thriving. Effectively the end goal of business continuity, operational resilience is a set of capabilities, processes, systems and staff behaviour that allow you to alter operations when the world around you or business conditions change.
However, operational resilience in the future is a step above just “carrying on”. Processing orders offline, pausing inbound customer service calls or adding a downtime message to your website homepage won’t cut it in a world which moves as fast as ours – at least if you wish to remain competitive and profitable through a BC crisis.
Technology allows us to reap amazing rewards – flexible, anywhere working, increased productivity, seamless communications, integrations that lead to transformed efficiency and insights. But, a digital world means that the impacts of downtime will be felt harder and faster now, so being resilient must be a priority over struggling on for days using a skeleton system.
The four factors a good BC plan will address
BC plans are commonly split into four distinct factors which are contingent to one another. These factors are people, processes, non-IT infrastructure and technology. Business activity can only be executed effectively if these four factors work together harmoniously, therefore alternate measures must be implemented to ensure that business-critical operational pillars continue to function should the worst happen.
Why is BC planning so critical for IT infrastructure?
Business continuity planning is important for IT infrastructure because today, technology is the chief facilitator of business-critical operations. We are dependent on connectivity and technology availability, so strong provisions for IT infrastructure in BC planning builds resilience against downtime in ways that people, processes and non-IT infrastructure simply cannot do.
However, if technology deployment is not effectively implemented, continually reviewed and tested as part of BC planning, the same IT that enables us to thrive in times of trouble can simultaneously become own downfall. Perhaps cloud infrastructure isn’t adequately secured against cyberattack, key applications aren’t configured for remote access or cloud hosting, or a servers or firewalls aren’t robust enough to handle a sudden upsurge in remote desktop use.
Business continuity planning is also important for IT infrastructure beyond business-critical operational concerns. When an adverse event occurs, risks and vulnerabilities beyond keeping the lights on inevitably develop – such as negative press or regulatory breaches – that have far-reaching impacts that must be swiftly addressed. IT is critical to corporate crisis management capabilities and maintaining regulatory compliance and data governance. Making sure that BC planning is conscious of these “non-DR” IT requirements is wise.
What does business continuity planning for IT infrastructure include?
Following a BC consultation, implementations may be made in the following areas.
- Hardware and break/fix
- Network and connectivity
- Databases and storage
- Cloud and virtualisation
- Communications, including hosted communications
- Helpdesk support
We need these technologies to continue operating during periods of disruption. But it’s not good enough that it exists – BC planning needs to take stock of how IT infrastructure truly interacts with other operational priorities and the people using it. For tailored advice and recommendations for making this happen, why not book a no-obligation BC and DR consultation with K3? Find out more here.
What IT decisions should be made in business continuity planning?
Any decisions made to IT infrastructure in response to a BC planning exercise should ultimately seek to improve business and operational resilience. Actions taken will be unique to every business based on business objectives, process and the honest story of your BC provision as it stands today. Following a BC planning session, we regularly find that companies make some or all of the following decisions:
- Test the BC plan and DR provision, potentially reviewing success metrics
- Protect or increase investment into BC and DR technologies, having being largely satisfied with testing outcomes
- Close loops, plug gaps and augment existing provision by improving systems and technology integration
- Upgrade infrastructure or introduce new technologies
The new significance of sustained disruption planning
Coronavirus has reminded us in no uncertain terms that technology beyond the four walls of our businesses is just as important as any IT deployed at corporate sites. Almost all BC plans account for remote working and fragmented teams, but it’s unlikely that provisions were scoped with hours and days in mind, not months and months.
Nobody could have predicted the situation that unfolded in 2020, which has thrown away any notion of a business continuity crisis being something that’s wrapped up sharpish. Although we’ve adapted, we’re using BC technology that was designed to see us through a few days of disruption, not a wholesale and probably permanent change in how we operate. After the initial scramble, many employees and IT departments are finding serious flaws in BC IT provision which need to be addressed.
What we’ve learned then is that business continuity planning for IT infrastructure need to be more sustainable – creating scenarios and deploying solutions that are fit for periods of sustained disruption. If you do one thing with your BC plan, thing bigger and smarter.