Can the politicians learn from Business Continuity?

May 10, 2010

Business Continuity in Government

Government (certainly from my experience in local government) has thought about business continuity from a ‘disaster’ perspective. There are periodic exercises to cover what would happen in the event of a train crash, terrorist attack, floods etc. But do they know how to keep their own business of governing running?

As with all things, there’s good news and there’s bad. Having a disaster recovery plan for IT is commonplace, and most plans are tested periodically. But few have grasped the nettle of finding alternative connected premises for the staff.

Because the UK parliament still uses the ‘first-past-the-post’ system (the devolved parliaments don’t, incidentally), politicians have a ‘win or lose’ mentality. They are likely to forget the country carries on, whatever their fortunes in the polls. The voters could be forgiven for thinking politicians only have their own interests in mind, but it’s very easy just to think about the next big deal and forget the everyday tasks.

Business Continuity in Business

Business leaders, as well as the politicians, need to have plans in place to keep everything going when the big contract they’ve been working towards, isn’t landed. All too often the worse happens, and then (and only then), leaders start to think, “Now what will we do?”

Planning suggests it’s an activity which precedes the necessity for action, and business continuity planning is no exception. It’s common sense. Or more accurately, it’s uncommon sense.


We’ve got it covered – automatic processes, right?

May 3, 2010

We all have them in our business and private life – processes which happen automatically without our intervention.

Some are not under our control, such as the monthly or quarterly bills and statements we get. Because of the infrequent arrival of these, we don’t usually notice if one’s missing (lost in the post), and it isn’t usually a critical ‘failure’.

Other automated processes can be more of a problem if they don’t happen – automatic payments to the utilities or our credit card. We have some control over these … ensuring there are funds in the account to cover the payment. If the fault isn’t ours, we’re often protected by the Direct Debit guarantees.

But what about those automatic processes which are our responsibility?

There is a temptation, entirely human and understandable, to set up an automatic process and then forget it.

Unfortunately, the natural state of atrophy is likely to affect your automatic process eventually. If you don’t check periodically, how will you know they are still running? Perhaps most important of all, what are the consequences when an automatic process fails?

In this technological world, some of the most important but least checked and used automatic processes are our data backups.

We have a multi-layered backup strategy involving synchronised copying (as soon as files are created or changed), a traditional timed backup schedule creating periodic snap-shots, and an online backup service to ensure our data is not only stored off-site but on another continent!

The synchronisation is easy to monitor as a little icon in the system tray changes whenever the sync process kicks in.

The timed backup process can be checked by looking for the latest file in the backup folder. Or we can set up an email notification, and that’s a bit like receiving (or not) a bank statement. But note: this isn’t checking we can actually restore from it!

The Carbonite online backup runs from a PC we use as a file store, and it runs in the background when network and Internet usage is low. We don’t often look at this PC, as long as it is on and the fan is humming. So how do we know if this process is running? If we don’t check, we don’t know. Fortunately, Carbonite emails if there’s been no activity for a week. This is one of the reasons we recommend Carbonite … and their cost per gigabyte can be very low – we’re currently paying $1.20 per GB per annum, 1/20th of a quote from a local company!

So what’s the answer?

We have whiteboard with a list of our tasks and projects – there’s a space on it for those we have to repeat every day, week or month. Trouble is, we don’t always look at it when we’re really busy.

We also use calendars on our PCs … Outlook and SugarCRM … to prompt for meetings, one-off and repetitive tasks.

Another ‘automatic’ process, I’m afraid! Let me know if you can think of something more foolproof.


Now the volcanic ash and dust is clearing …

April 21, 2010

… it’s time to get things back on a stable footing. Within a few weeks (assuming there’s no more Icelandic ash), all the airliners and stranded people will be back in the right places. We can all stop worrying, and get on with life.

Sorry, but this is wrong on two counts.

To start with, there will be insurance wrangling for many months … perhaps even years. This will affect individuals and corporations. There is a prevailing mental attitude which we all suffer from (to some extent): if we’re insured, we’re OK. The insurance companies will have been scrutinising their own small print while people have been stranded, to see if they do actually have to pay up. People may or may not get back the extra money spent, but will it compensate for missed holidays, weddings, and other events?

Some businesses too will have been insured … key person insurance, loss of perishables, and so on. Will any money they get compensate them for the damage to their business? Businesses (because they are run by people) assume they are OK if insured. But if a key person is out of action (for whatever reason), is a sum of money some time later going to solve the problems there and then … when they happen? I’m sure I don’t have to answer that question!

First and foremost,  a business – any business, every business – must have plans in place so everyone knows what to do when there’s a problem. If a key person isn’t there, you must know how to keep your business running. Having an insurance policy does not deliver this business necessity.

The second reason you can’t just carry on as usual, is that the volcano (or any other of many on Iceland) could easily erupt again.

If you are serious about running your business (and it doesn’t matter how big or small it is), you must be serious about business continuity planning. Maybe you don’t like the term or the jargon, but don’t let it stop you planning. Worried about the costs? There’s a huge amount you can do by researching on the Internet or just buying a single book. Insurance may well be part of the mix for you, but it isn’t anywhere near the starting point.

If you want some experienced help, you could always ask me!


Tesco shows business continuity planning works

April 20, 2010

There have been a few stories recently about fresh fruit and other produce rotting in their country of origin because of the Icelandic volcanic ash. This seems unbelievable, because fresh produce in the supermarkets is seldom even ripe!

The companies involved seem to be concentrating on how much money they will be losing.

A report on the BBC website this morning Volcanic ash: Tesco delivers Kenyan produce via Spain shows one company has taken action to get round the problem. Without a culture of business continuity, Tesco would have been in the same boat as the other importers.

I just goes to show business continuity planning pays, even when the problem couldn’t have been foreseen.


Were you prepared for Iceland’s Ash?

April 17, 2010

Business Continuity is the art of being prepared.

We are beginning to hear lots of stories about people and businesses which were not prepared for the cancellation of all UK flights.

I know people will say, “Yes, but how could we know that the Icelandic volcano would erupt and cause air traffic in northern Europe to come to a standstill?”

But there are many reasons why people can and do get delayed returning from abroad. People can easily be prevented from getting to work with far less dramatic causes … illness (personal or family), failed cars, train problems, traffic jams, strikes.

If you have thought about these minor problems, and have contingency plans in place, you’ll be much better equipped to deal with the delays caused by volcanic dust.

Most of Britain’s 4.2 million business are 10 people or less … of these, 99% have no business continuity plans at all.

Are you in the 99% or the 1%?


Business Continuity and GIP retro-proteins

April 1, 2010

The following information from the WHO adds further weight to the importance of considering absence management and effective medical screening as part of your business continuity planning:

Swine Flu Victims Display Enhanced Gullibility

Research released today by the WHO suggests people who suffered from the 2009 swine flu outbreak have an unusually high level of a complex retro-protein researchers have dubbed GIP (Globular Insanity Protein).
Tests carried out in countries which suffered high levels of swine flu infections, have confirmed that for periods of up to 12 months after contracting the virus, people have shown enhanced levels of gullibility.
Moru Chripka, spokesperson for the WHO said, “There is no cause for alarm, as these proteins are quite harmless, and dissipate over time.” She added, “We believe this is the first strain of swine flu to produce these particular retro-proteins.”
The first clue to the existence of this residual protein was an increase in reports of people in the USA being taken in by Internet scams. Victims reported being surprised they were taken in so easily. They had attributed this to not being fully recovered after their swine flu infection. Many are relieved that a medical explanation for this phenomenon has now been found in GIP.
For full details, visit the WHO website: http://www.who.int/csr/disease/swineflu/frequently_asked_questions/en/index.html

PS. This April Fool made it into the listings of April Fools Day on the Web


Business Continuity – integrated, not bolted on

May 21, 2009

There are those who consider Business Continuity is something you can buy and put on the shelf, ready for the proverbial rainy day.

I worked on contract with a south coast local authority some years ago. I discovered they thought  paying £25k a year to a Disaster Recovery provider meant they were safe. But:

  • They had never tested the recovery of their applications and data.
  • There was no provision to plug a temporary data centre back into the corporate network.
  • They had no idea who the key operational staff were.
  • They hadn’t considered the failure of the computer suite might also affect the organisation’s main office building where it was located. In which case, where would the staff go to do their work?

This is not uncommon.

Too often, business continuity is like the car a boy-racer car. The car’s something quite ordinary, but he’s added fibreglass skirts and spoilers … and a wing stuck on the boot. It has lowered suspension and fat tyres, a loud exhaust and a loud music system. It probably has fluffy dice in the window and go-faster stripes.

All these mods affect the way it looks, but generally not the way it performs.

It doesn’t go any faster than the standard model, and is probably slower with the weight and drag of all the extras. If he drives too fast, bits get chipped off the bottom of the car as it goes over bumps and uneven surfaces.

He isn’t fooling anyone but himself.  And organisations fool themselves into thinking they’re prepared for every eventuality.

Real business continuity is not an accessory you can bolt on – it’s part of the fabric of an organisation and its operations. Only if it’s designed-in will it benefit the day-to-day operations of an organisation, without being a drain on resources. And it will still be the life-line when it’s needed.

Like all business continuity, it isn’t difficult … it just requires a little thought and planing.