Monthly newsletter Weekly news roundup Breaking news notification    

The myths of business continuity and disaster recovery

Get free weekly news by e-mailBelinda Wilson explodes the top five myths about business continuity and disaster recovery solutions.

Twenty years ago, ‘disaster recovery’ was the buzzword du jour and businesses only concerned themselves with lost revenue and other tangible losses. Businesses behaved in ‘reactive mode’ when disaster struck, a mode which is only one component of business continuity preparedness.

In the wake of major disasters, such as the Loma Prieta earthquake, 9/11, SARS, and the looming threat of additional potential terrorist attacks, the message has still not hit home because individuals and businesses alike believe that buying larger insurance policies, retrofitting their homes and businesses, and hording supplies, sufficiently prepares them for “the next big one.” Despite high awareness that something should be done, many IT leaders either don’t act on that awareness or they focus their efforts in the wrong direction.

Today’s businesses see that disaster recovery is no longer the magical ‘band-aid’ they once perceived it to be. They recognise the benefits of taking a holistic and proactive approach to solving these issues, and the shift in how people think about business continuity and disaster recovery solutions. However, several myths about the industry still prevent many businesses from adopting ‘best practices’ in this area.

Changing behaviour requires education. To that end, here are the five most common myths about business continuity and disaster recovery solutions:

Myth #1
Small-to-medium (SMB)-sized businesses don’t need business continuity and disaster recovery solutions
Small business development and entrepreneurship are on the upswing since many people started small businesses during the economic downturn, generating 60-80 percent of the net new jobs annually over the past decade, according to the US Bureau of the Census. Even as crucial players in the business and IT community, some entrepreneurs don’t feel they need business continuity or disaster recovery solutions because they are too small or believe solutions for their organisation are too expensive.

Exploding myth #1
Small businesses have the same need for protection and access to data and records as large organisations. Business continuity and disaster recovery solutions are scaleable - from the Fortune 1000 to the mom-and-pop shop around the corner, and can be tailored to meet any company’s needs. There are an abundance of relevant articles and resources available for small business owners on implementing a business continuity plan, identifying common hazards, evaluating key issues, and finding the right plan to meet SMB needs.
Without comprehensive investment or coverage a catastrophic event will most likely put the SMB out of business.

Myth #2
There is no ROI or compelling business reason for business continuity
There is no tangible return on investment for implementing business continuity solutions. Organisations that survived 9/11, the Loma Prieta earthquake and a myriad of other disasters can handle anything else that comes their way.

Exploding myth #2
Business continuity planning efforts make money for a firm as they serve to minimise disruptions and financial loss during even minor events. This means increased reliability and productivity, a competitive advantage and increased market share. When disaster strikes and employees can’t do their jobs, what’s the cost to the business and to competitive advantage? Can businesses tolerate eight to 24 hours of lost data?

Myth #3
‘It won’t happen here’ syndrome
Companies often turn a blind eye to business continuity regulations and compliances, because they feel they are adequately prepared for disaster recovery or for the next ‘big one,’ and frankly, take the ‘it won’t happen here’ attitude.

Exploding myth #3
A study conducted by KPMG/Continuity Insights, found that business executives are uninformed about the risks that can, and very possibly will, affect their company. When surveying the executives responsible for disaster recovery and business continuity efforts, they found that 80 percent believed their company was at risk and, at the same time, that they had not communicated this knowledge to upper management. There is a communication gap that needs to be closed because the ramifications could be disastrous. Companies that ignore business continuity regulations and compliances are worse off and could be in violation of business regulations. Business continuity regulations are put in place to guide organisations in making smart decisions about selecting the right portfolio for long-terms results.

Myth #4
Admitting we need to plan for business continuity and disaster recovery solutions creates the perception of vulnerability; plus it’s too late to think about business continuity plans

Since 9/11, general awareness is high for business continuity, but customers are not acting on this awareness. Seventeen years ago, businesses were concerned with lost product and audit requirements. Now the driver is company image and reputation. Implementing a business continuity plan gives an organisation the perception of vulnerability and weakness.

Exploding myth #4
It’s never too late to implement a business continuity or disaster recovery plan. Organisations that had business continuity plans in place during the Northeastern blackout maintained continuous service and were operating seamlessly because of effective business continuity plans. And most importantly, what is the cost to a business when its brand image is tarnished – or more importantly, what’s it worth to the business?

Myth #5
Only financial services or healthcare organizations need business continuity solutions. My business is non-traditional and doesn’t fall into financial services or healthcare silos, so therefore, I don’t need a business continuity solution.

Exploding Myth #5
Disaster recovery and business continuity solutions have fallen victim to industry stereotypes. And many organisations outside of the financial services or healthcare industries have business continuity solutions. In fact, the most successful practitioners of business continuity are within vertical industries, such as retail, broadcast, manufacturing, and the private and public sector.

One truth to explode them all

There is a simple solution to dispelling all of the myths above: developing a holistic approach to business continuity and disaster recovery.

Awareness of disaster recovery and business continuity as a holistic approach is changing the market and there’s a sea-change underway from business continuity planning being an option to being mandatory. The bottom line: no matter what size the business or the perception of invincibility to disaster, there needs to be an additional layer of protection to the business. The ROI of business continuity is that the business is still open.

Since the 1980’s, disaster recovery has morphed into being just one component of business continuity, with the mindset moving from reactive to proactive, and including much more than just the technology. In fact in late 2002, IDC said that IT security/business continuity is the number one priority of business professionals, and this concern will translate into $155 billion in worldwide spending on these products and services by 2006.

Today, the IT community must radically change its thinking about risks – recognising that they encompass more than just the ‘next big one.’ Intangible costs such as brand protection and corporate image have become significantly more important than tangible costs. More damaging than a natural disaster are the new risks that enter the market daily such as e-mail viruses, internal threats and employee theft, computer hacking and Anthrax.

The implementation of disaster recovery and business continuity solutions have changed the way CIOs and IT managers do business, and this shift is becoming more visible. It is incumbent on businesses to have a thorough understanding of what makes up a comprehensive business continuity plan to help mitigate risks with both internal and external issues that can affect the business. Based on work HP has done with its customers, the key advantages of taking a holistic approach is that companies enjoy a significantly higher success rate than that of the industry overall, translating into eight times less downtime.

Changing the perception
The reason that myths continue to flourish and spread today is the lack of understanding of business continuity, and that it’s not just protecting the business, but its intellectual property. CIOs and IT leaders must ‘get religion’; incorporate business continuity into everyday practices, and have a better understanding of what makes up a comprehensive business continuity plan. They need to develop several ways for learning to live and breathe business continuity, by building it into company culture, designing the infrastructure with continuity in mind (i.e., not after but while), and partnering with the right vendor. Services vendors need to educate and change the way CIOs and IT managers think about business continuity from end-to-end. It’s never too late to begin thinking about business continuity and the smallest investment can go a long way.

Author: Belinda Wilson, CBCP, executive director, Business Continuity Services, Americas, HP Services.

Date: 22nd October 2004 •Region: N.America •Type: Article •Topic: BC general
Rate this article or make a comment - click here

Copyright 2005 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help