A burst water main in Kennington put many companies’ business continuity plans to the test as buildings flooded, roads closed and bus routes were diverted.
Businesses in the direct path of the flood – particularly those on Kennington Park Road, where the water main break occurred – have been forced to deal with the aftermath of the disaster: waterlogged facilities, damaged equipment, disrupted staff work arrangements, communications challenges and potentially lost data. The flood even impacted businesses untouched by the water flow, as commuters struggled to make it to work.
The role of business continuity planning
Unfortunately, incidents such as the Kennington flood are no rare occurrence. Last winter and summer, for example, flash floods inundated the south. This past spring, a fire in Holborn brought business operations in the district to a halt. Local interruptions can cause downtime for utilities as well, with local power outages more than doubling in 2014, according to Eaton’s Blackout Tracker report.
If your company fails to continue to provide the service your customers expect, no matter the cause of the interruption, you risk damaging customer goodwill. Business continuity planning helps you address the need for highly available systems and processes while ensuring your employees are able to continue doing their jobs and meeting customers’ needs – even if your facility is sitting in a foot of water and a boat is a more appropriate transportation mode than a bus for your commuting employees.
Coping with the effects of the flood
It’s easy to forget just how quickly a flood can escalate into a full-blown disaster for local businesses. But as many companies learned this week, you can’t afford not to consider the effects of a major business interruption. When your server room is sitting in a half metre of water, then it’s too late to come up with a data backup and recovery plan. When staff can’t get into work because transport networks are out of commission, then it’s too late to come up with a remote working plan. Depending on the company size, these arrangements can vary in complexity, but creating a business continuity plan prior to a disaster is an important step in ensuring continuity of operations.
The first step of creating a plan is conducting a business impact analysis to help you map your organisation’s locations, identify key assets and operations, and determine the critical processes and minimum resources you need to operate. If you were considering the effects of a flood, for example, you might address the following businesses vulnerabilities.
Data backup
To ensure data redundancy, data must be backed up off-site as close as possible to your facility, but far enough away to ensure there’s not a common risk between geographies. Businesses on Kennington Park Road, for example, would not have benefited from off-site backups in the same district. While dedicated data centre or colocation solutions can be cost prohibitive, the cloud storage solutions available today provide access to reliable, cost-effective disaster recovery capabilities.
Network access
Employees need access to your network and applications to continue being productive, especially when transportation systems are bogged down or rerouted. Managed servers and cloud computing can help ensure employees have remote access to the resources they need.
Personal device use
Staff members are likely to use their personal mobile devices to conduct work remotely, particularly if their usual work environment is under water or if formidable conditions make commuting impractical. Having a comprehensive bring-your-own-device strategy gives you more flexibility when it comes to remote working, but be sure to address security requirements to avoid potential breaches.
Telephony
When your primary phone lines go down, consider how you’ll communicate with employees and customers. Cloud-based or voice over IP (VoIP) telephony solutions, for example, allow you to remotely manage your communication options by deploying pre-recorded greetings and redirecting phones to an alternate office location or staff cell phones.
Internet connectivity
Because so many business applications and processes are dependent on an Internet connection, you need to have a plan for coping with Internet outages. If your primary service is not available, dual Internet provision can give you access to an alternative cable, DSL or mobile Internet service.
Alternate working facility
If your current facility will be out of commission for an extended period of time due to water removal and disinfecting processes, for example, you’ll need to know where your employees will work in the meantime. In this scenario, you might have them work from home or out of a temporary rented facility.
When you have a written plan in place, it’s important to test it to identify problems you’ve overlooked. You never know when an incident such as the Kennington flood will affect your business. But when it does, it pays to be prepared.
[su_box title=”Matt Kingswood – Head of Managed Services, IT Specialists” style=”noise” box_color=”#336588″]
Matt Kingswood is the Head of Managed Services of Midlands and London-based ITS, a nationwide Managed IT services provider. ITS is part of the US Reynolds and Reynolds company which has a strong heritage in data backup and recovery services. In his position, Matt is responsible for developing Managed IT services within the UK and is currently focused on the next generation of cloud and recovery products, BlackCloud and BlackVault.
Matt has more than 20 years of experience in the information technology industry, and was formerly CEO of The IT Solution – a full service IT Supplier acquired by ITS. Since joining ITS, he has led efforts to introduce a range of managed services based on the new ITS cloud platform. Previously Matt had a career in technology for several top tier investment banks before founding and selling several companies in the IT services industry.
Matt has an MBA from The Wharton School of the University of Pennsylvania and a Master’s in computer science from Cambridge University.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.