George Washington once said, “To be prepared for war is one of the most effectual means of preserving peace.” The same could be said about a business being prepared for disaster; it is certainly the most effective way to preserve peace of mind.
In the aftermath of Sept. 11, financial institutions located at or near Ground Zero discovered they had not designed their data security systems to withstand the degree of devastation caused by the terrorist attacks on the twin towers. Since then, a flurry of fierce hurricanes hitting the Gulf Coast states has tested the data security systems of businesses from Texas to Florida.
In the event of disaster or even a simple hardware failure, would your company’s critical information be secure? Answer these questions to find out.
- Does your business have processes in place to systematically replicate and secure data that is critical to its ongoing operations?
- Does your business house its backup data in a location that is geographically remote from its primary location?
- Do multiple employees know how to access the backup data to maintain business operations?
If you answered no to any one of the questions, your company may not be able to recover the data necessary to effectively maintain operations following a disaster. You’re not alone. Many small or midsize companies do not have a fail-safe disaster recovery plan in place, but failing to develop a plan can be costly for you and your business.
While it is relatively easy to measure the costs to replace lost equipment, it is far more difficult to assess the less tangible costs that result from business downtime. Businesses have to consider the costs of lost sales, lost customer goodwill, lost productivity, missed contractual obligations, as well as the increased costs incurred when attempting to make up these losses. Needless to say, having a recovery plan established that helps a company quickly recover data and restore normal business operations can minimize these potential costs.
In its “Summary of ‘Lessons Learned’ from Events of Sept. 11 and Implications for Business Continuity,” the SEC recommended that businesses operate with two or more widely separated active sites for critical operations so that one provides inherent backup for the other. The strategy addresses a number of key vulnerabilities by eliminating dependency on availability and relocation of staff, reducing the likelihood of telecommunications single points of failure, supporting maximum geographic separation, and assuring business continuity through actual use rather than infrequent and less-than-complete testing.
Obviously, creating and maintaining redundancies is costly and impractical for many small to midsize businesses. However, partnerships with professional service firms can help to serve the same purpose. For example, professional employer organizations manage integral administrative functions, such as human resources, benefits, and payroll processing for their clients. Subsequently, a PEO can protect certain critical data by housing and maintaining redundant systems and administrative files for clients at a separate geographical location.
While most professional service firms, like PEOs, legal firms or accounting agencies, would never consider themselves in the data storage or recovery industry, following Sept. 11 and subsequent disasters like Hurricanes Katrina, Rita, and Ike, such firms recognize this as an added benefit they provide their clients.
John Allen is president and COO of G&A Partners, a Texas-based HR and administrative services company that manages human resources, benefits, payroll, accounting and risk management for growing businesses. For more information about the company, visit www.gnapartners.com.
