[Webinar Recap] Getting the Most Value From Your Business Continuity and Disaster Recovery Plan

A water main break wreaks havoc on a business’s facility. Civil rioting forces employees to steer clear of their main facility. A fire reduces a building to a gutted, ashy shell. A mass software update requires all hands on deck. Heavy rains and flash flooding make a downtown commute out of the question. A booming business requires a new facility faster than it can expand.

You might place some of these events on opposite ends of the disaster spectrum, but they all have one thing in common: They’re all real-life examples of situations that had the potential to cause significant business interruptions.

Mobile bank branch open for business
Photo courtesy of Service Credit Union
During a recent Association of Contingency Planners webinar, Rentsys National Sales Manager David Tedford and one of our clients, Service Credit Union CIO Bill Arnold, spoke about how businesses can gain the most value from their contracted business continuity and disaster recovery (BC/DR) solutions by implementing them for both disaster- and non-disaster-related scenarios.

 Service Credit Union, for example, has used a mobile bank branch to recover from a fire and to accommodate customers during a branch expansion project.

The webinar is over, but to hear more about Service Credit Union’s experiences, you can access the recorded presentation here.

Business Continuity Planning Best Practices From ‘Jurassic World’

In the movie "Jurassic World," genetic scientists produce a genetically modified hybrid dinosaur named Indominus Rex — a move intended to wow the park's customers and create new revenue streams.

Jurassic World
Image courtesy of Universal Studios
While your company likely won't ever face the unique challenges of wrangling carnivorous dinosaurs, "Jurassic World" does illustrate three best practices of business continuity planning. By following the steps below, you can be more equipped when an event such as a hurricane, power outage or data breach tries to wreak havoc on your business like Indominous Rex wreaks havoc on Jurassic World.

Be Aware of the Risks You Might Face

Being familiar with the unique risks your company faces is important, whether that be knowing the types of natural disasters that are common in your area or being aware that your company is developing genetically modified hybrid dinosaurs.

A risk assessment can help you evaluate the potential hazards to your company. In some cases, it's beneficial to get a neutral third-party perspective from a business continuity consultant. For example, having a technical risk assessment performed can help you identify risks to your technical environment that you might not have considered before.

Make Sure Employees Are Trained

Keeping your employees trained and aware of what to do in disaster situations and other business interruptions is necessary to minimize panic. In "Jurassic World," for example, an untrained employee might see an escaped velociraptor and sit there screaming in fear, while a trained employee would know to stay calm and sound an alarm. Knowing the right thing to do is crucial to the safety and well-being of all employees.

Training and awareness workshops can help educate your employees on what steps to take during a crisis. Whether it's a hurricane or an escaped dinosaur, your team needs to be equipped for every situation.

Determine Weak Areas in Your Plan

Tabletop exercises help target weak links in your business processes so you can take steps for continual improvement. For example, if you're in "Jurassic Park," these exercises could help determine that the Indominus Rex is uncontrollable and unsafe for public display. If you’re in the business world, tabletop exercises could help you determine you need to update your company’s procedures for responding to a specific scenario, such as a flu pandemic.

After identifying weak areas in your disaster recovery and business continuity plan, your business continuity planner can help you create action steps for improving your ability to avoid or minimize downtime.

For more Jurassic-style planning tips, check out this post.

Avoid Panicking This International Panic Day

Panic (also known as anxiety) affects 40 million adults above the age of 18 in the U.S. daily. June 18 is International Panic Day, but this is one holiday we won't be celebrating — and hope you won't be either.
In the face of a disaster, panic can lead to impulse decisions that may result in major business losses. Fortunately, there are a variety of precautions you can take to provide peace of mind in times of panic.

Vault Door

Back up Data

Technology is taking over the business world, so it's critical that backup plans be implemented to keep your data safe and secure. When companies cannot recover data, 60 percent will shut down within six months of the disaster.

Cloud-based services provide rapid data backup and recovery in a secure and private cloud environment. By eliminating excess on-premise infrastructure, businesses have more functional space and data remains easily accessible. Key features like a self-service portal allow businesses to monitor their environment and execute smaller scale recoveries if needed.

Simplify Workspace Recovery

With $1.7 trillion lost due to downtime and data losses, companies need to have an alternate work environment available at the time of an emergency. A business continuity plan lacking this feature can put disaster recovery efforts to a halt.

One option is a virtual office, in which your desktop environment is hosted within the cloud. In case of a server crash, you will be able to get your desktops back up and running within minutes instead of days.

Test Your Enterprise

No matter what backup system you choose, always test your recovery plan before you have to use it. This will help you work out any kinks before a crisis arises. With recovery engineers assisting you throughout the process, testing your recovery services will be efficient and painless. To learn more about the importance of testing your plan, check out our video.

If you're interested in more information on disaster recovery, check out some business continuity myths revealed.

Three Security Breaches That Shined the Spotlight on Cybersecurity

Computer hacker
As companies have increased the amount of sensitive data they store electronically, hackers have relentlessly attacked various institutions and people — movie producers, retailers, banks, celebrities, governments — in an attempt to open the floodgates. In recent years several major security breaches have sent the IT industry scurrying to plug the gaps and curtail the stream of customer and internal data reaching malicious hands.

We've told you about some disasters that were caused by human error, but what happens when disasters happen because somebody wanted them to happen? Here are three big security breaches that shined the spotlight on the importance of cybersecurity.

Sony Pictures Entertainment

It's believed that a hack of Sony Pictures Entertainment had been going on for more than a year before the leak was discovered in November 2014. Internal emails, movie scripts, early cuts of unreleased films and about 47,000 unique Social Security numbers were included in the claimed 100 terabytes of data stolen from Sony servers and leaked by the cybercriminals.

The U.S. government linked North Korea to the cyber attack in part because of the controversy and threats surrounding the Sony film "The Interview," a comedy about an assassination attempt on North Korean leader Kim Jong-un, but experts have cast doubt that the attack was backed by the country's government. Sony said it spent $15 million investigating and recovering from the hack, though it will recoup much of the cost from insurance.

Anthem Inc.

The breach of Anthem Inc., a healthcare company that manages plans under several insurance brands, might have started as early as April 2014 but wasn't discovered until January 2015. By then it had become of the biggest security breaches of all time, with hackers compromising almost 80 million records, 60-70 million of which affected either current or former Anthem members.

The breached records included names, birthdays, email addresses, Social Security numbers, medical identification numbers and addresses. Some of the records included employment data and income levels, but financial and medical information was not accessed. The malware used in the attack was believed to have originated in China, and the cost of Anthem's ongoing recovery could exceed its own cyberinsurance policy cap of $100 million.

Home Depot

Home Depot accounts for approximately 60 percent of revenues in the home improvement industry. That made the company an attractive target to hackers who installed malware on the company's servers to attack credit and debit card readers in the company's stores.

The hackers used a vendor's stolen log-on credential to access the servers before installing the malware, possibly as far back as April 2014. The information from 56 million credit and debit cards was stolen and listed for sale on a black market website before cybersecurity experts and Home Depot discovered the breach in September. Home Depot estimated that the breach cost the company $62 million, almost half of which was covered by insurance.

For more information on the importance of keeping your company's and clients' data secure, check out our post "Consumer Identity: Asset & Liability."

How Familiar Are You With Hurricane Terms?

Hurricane season is rapidly approaching. To adequately prepare for whatever storms might head your way, it's vital to familiarize yourself with common hurricane-related terms, courtesy of NOAA.

Tropical Disturbance: A loosely organized area of thunderstorms that remains in an area for 24 hours or more.

Tropical Depression: An area of low pressure characterized by rotary circulation of thunderstorms with winds of less than 39 mph.

Tropical Storm: An unorganized area of low pressure and thunderstorms with distinct circulation and winds of 39-73 mph.
ominous-looking sky
Hurricane Watch: Hurricane conditions are possible in the designated area within 48 hours.

Hurricane Warning: Hurricane conditions are expected in the designated area within 36 hours.

Hurricane: A pronounced rotary circulation with wind speeds of 74 mph or greater.

Storm Surge: An abnormal rise in sea level usually caused by a hurricane. Storm surge height is the rise in sea level caused by the storm.

The progression of a tropical disturbance into a hurricane can occur quickly. Without the proper protection, hurricane damage could be devastating. If you see a tropical disturbance in your area, stay updated on local weather reports in case a hurricane forms. Begin to board up your windows, prepare for flooding and back up all important data.

If a hurricane develops and is projected to reach your area, follow evacuation plans and prepare for roads to be crowded. For a comprehensive pre-hurricane plan, review our hurricane preparedness checklist.

[Webinar Recap] Business Continuity Myths Revealed

Business Continuity Myths Revealed Presentation SlideWith all the business continuity and disaster recovery (BC/DR) services available on the market today, staying operational after a business interruption should be easy, right? That depends on your strategy.

If you’ve ever found yourself saying any of the below statements, you’re buying into some of the most common business continuity myths out there.

10 Most Common Business Continuity Myths

Myth #1
I have business impact insurance, so I don’t need BC/DR services.

Myth #2
I back up my data to the cloud, so it’s protected.

Myth #3
We don’t have the budget to buy an IT DR solution, so it’s more cost-effective to build our own.

Myth #4
My employees can always work from home if anything happens.

Myth #5
A reciprocal agreement with a neighboring business gives us access to backup workspace when we need it.

Myth #6
We have another facility where any impacted employees can work.

Myth #7
We’ll use our cell phones during an outage.

Myth #8
We can call an OEM to get any backup equipment we need.

Myth #9
We can’t afford to test our BC/DR plan often because testing disrupts our daily operations.

Myth #10
Our IT department already does DR testing, so we don’t need to do a full-scale exercise.

During our recent webinar with the Disaster Recovery Journal, our national sales manager, David Tedford, explained why these statements are myths and what you can do to protect your organization.

The webinar is over, but you can listen to the full recording here.

[INFOGRAPHIC] Consumer Identity: Asset & Liability

Did you know that on average, a data breach costs a company $5.4 million? Or that healthcare organizations experience 24 percent of breaches across all industries? Check out this infographic by UnboundID for more stats on data breaches and security.

Consumer Identity: Asset & Liability Infographic

To learn more about the serious implications data breaches can have on healthcare organizations, read this post.