If an emergency occurred tomorrow, would you be ready? Let’s face it; no one likes to think about bad things happening to them, much less plan for them. As you wrap up the year, now is a good time to update your continuity plan. Here are some simple things you can (and should!) be doing to protect your firm.
1. Secure Your Data.
Making sure that your data is protected from theft is a never-ending battle you don’t want to lose. Companies that get hacked and expose sensitive client and employee data can face severe penalties, lawsuits and massive loss of credibility in the marketplace. Further, if you keep any sensitive information (even passwords to portals containing sensitive information) on portable laptops, phones and other devices, additional controls and safeguards are important. Ensure that your system requires complex passwords and verify that mobile devices are password protected and encrypted. Consider two-factor authentication for additional security.
2. Review Your Business Insurance Carefully.
In addition to ensuring that your professional liability coverage is sufficient, review your general business insurance. Validate if you have enough coverage to replace all the computer equipment and devices, desks, art, supplies and other things you have accumulated over the years that are housed in your office. Additionally, consider carrying a cyber-liability policy that will protect against privacy and security liability. If a security breach happens, a correct response is essential. Serious fines and other consequences are more often a result of an inappropriate response than the breach itself. Remember, it’s not the breach that kills you, it’s the cover-up. The value of a timely, objective, professional response that comes with cyber liability insurance becomes clear.
3. Consider Cloud (Secure, Hosted) Options.
One of the biggest advantages of good cloud computing providers is that your data and assets should be stored offsite in a highly secure, high-availability data center, with failover and redundancy built in. That means that if your building were destroyed and you had to evacuate, or if your server melted down due to an unexpected hardware failure, everything you’ve worked so hard to create over the years is safe and not a sitting duck in your unsecured closet or server room. Consider options for complete cloud computing or to ensure secure cloud failover.
4. Write A Simple Disaster Recovery Plan.
The key word here is simple. At a minimum, think of the disaster scenarios that are most likely to happen and that would have a severe and negative impact on your company’s survival. For example, if your Exchange server was down (or Hosted Exchange – even Microsoft has had extended outages), do you have an email continuity service to keep your team productive while it is repaired? Do you have emergency contact numbers handy? If power were out for two days, what steps would need to be implemented?
5. Review Your Employee Internet Policy.
With so many people addicted to Facebook and Twitter, it’s important that your employees know where the line is in what they can and can’t post online. We also recommend content-filtering software to block content and websites you don’t want employees visiting during work hours. A well thought out business continuity plan will prepare you in the event of an extended service outage beyond your control, and enable services to be restored to the widest extent possible in a minimum time-frame. Planning will help avoid confusion experienced during a crisis and will provide clear procedures. If you have questions or would like a second opinion on your plan, email me.