MegaPath has developed a shortlist of common items that those developing their first business continuity plan should consider:
Designate a team: An effective business continuity plan should involve input from management, the chief security officer, the IT department, Web developer and human resources. These key departments have the ability to ensure the company runs smoothly in times of crisis, while taking into account the needs of their employees.
Identify key personnel: Determine which executives and employees are critical to operating the business (and supporting customers) that need to have access to key systems and information at all time. A business continuity plan must ensure these employees receive the highest levels of support, even during the most disruptive events.
Plan for spikes: Before an emergency occurs, businesses need to plan ahead for increased network bandwidth and secured remote access requirements. Implementing scalable solutions will enable organizations to add increased user licenses to the VPN and Internet connections in real-time.
Choose a flexible secure communications solution: There are many to choose from, but a SSL VPN is one of the leading solutions to provide flexible, remote access, which is essential to any business continuity plan. This technology enables access - via a Web browser - to sensitive corporate and customer data that exists on an enterprise network from remote locations. The SSL solution should be redundant and scalable to account for the increased spike in traffic, as well as integrated into the overall business continuity plan.
Create a single entry point: Create a business continuity portal for employees and partners. If the company has an Intranet, this site becomes command central from which employees can access information - HR policies, emergency contacts and a "click here to access SSL VPN" feature should be included. As this Intranet would become the main source of information, it is vital to ensure that it is fast and reliable for employees no matter where they are located.
Coordinate a secondary back-up site: Should the primary site be unavailable, companies should have a real-time mirror of data housed at a secure facility. If configured correctly, organization's can provide an automatic failover between locations, so that any forwarding is seamless to employees as they conduct business with no impact to productivity.
Replicate non-real time data: In the event that the secondary site is unavailable, organizations should plan for multiple layers of failover. If users cannot access real-time data via the back-up location, a third- tier facility with updates, but not real-time data, can provide most of the necessary tools to keep the business operational until the secondary facilities come back online.
Ensure access from any device: With mobile devices and air cards now permeating the executive suite and key employees, IT departments can leverage these tools to ensure complete connectivity in times of emergencies. However, organizations must first conduct a thorough review of remote access policies in order to protect the data these devices are accessing.
Pre-arrange ‘on-the-fly’ meeting capabilities: In the event of an office closure, employees still need to communicate internally or with external parties (i.e. suppliers, customers). Providing Web and audio conferencing to remote locations and offsite workers keeps the communication lines open, especially with those unaffected by the office closure.
Review number of sites and VPN gateways: Businesses need to have multiple channels for employees to gain access in case of failover. Conducting a yearly audit will provide a complete picture of your network and the ability to address problem areas before a disaster strikes.
Test, test and retest: Typically, companies today test their business continuity facility (ies) and remote access policies about once a year. These ‘fire drills' enable companies to see how the current system is working, especially when employees are accessing information from remote locations (i.e. from home, a relative's house, and hotel). Once complete, those in management, IT and human resources can modify their business continuity plan accordingly.
•Date: 17th November 2009• Region: US/World •Type: Article •Topic: BC planning
Rate this article or make a comment - click here