Despite all the publicity disasters receive, plenty of companies still don’t have sufficient — or sufficiently tested — business continuity plans.
According to AT&T’s 2006 business continuity study, 28 percent of U.S. firms do not have adequate plans in place to cope with potential disasters, and 40 percent of those who do haven’t bothered to test their plans in the last 12 months.
How dangerous is this? The AT&T study shows that for the 9 percent of companies hit with recent disasters, the inability to restore normal business operations cost $500,000 a day or more. That adds up to a loss of $2.5 million per week per company.
A shrinking tolerance for downtime as data volumes explode
A big part of the business continuity planning challenge concerns anticipation: Your bank probably already has a disaster recovery plan — one that seems to address even the most extreme circumstances — but are you really ready?
If the people in charge of your systems get stranded, left without an ability to initiate your plan or verify that systems are up and running, your bank could suffer the effects of downtime intolerance.
And possibly much sooner than you may realize. Fully 95 percent of executives polled in a 2006 Harris Interactive survey indicate that tolerance for business systems downtime has narrowed. Fifty-one percent say their customers and partners will tolerate no more than two hours of unplanned downtime and 28 percent say they can tolerate less than one hour of unplanned downtime.
Meanwhile, in another recent study conducted by PMP Research, 79 percent of participants noted that data volumes have grown “substantially.” For 10 percent, data volumes have increased between 150 and 200 percent over the last two years.
Nevertheless, in 2006 39 percent of these executives doubted their organizations’ ability to access business-critical data after a disaster, giving their own firms a grade of C or lower, compared to just 24 percent who did so in 2005.
Perhaps U.S. businesses are actually getting worse at disaster recovery. Or perhaps senior executives are becoming more aware of business continuity plan shortcomings as downtime tolerance shrinks and the use of email, desktop PCs and department-level systems increases.
The basic questions
Individuals who recognize their operations rely more and more on information technologies and are increasingly vulnerable to even minor system and network failures are in the best position to prevent the worst from happening.
When it comes to thinking about — or rethinking — your bank’s business continuity plan, try beginning with a couple of deceptively simple questions: How much productivity can you afford to sacrifice? How many customers can you afford to lose because your operations are offline or nonfunctional?
Replication is key
To answer these questions cost-effectively, you’ll need the aid of experts who can help you determine the level and type of continuity support your bank requires. From them you’ll learn that business continuity is about a great deal more than just making sure your network is running.
It’s also about 24x7x365 replication services that ensure your bank’s communications and day-to-day business activities aren’t interrupted. It’s about keeping systems and applications fail-safe and secure. It’s about always, always protecting and remotely backing up data and information.
Depending on your requirements, replication services can have your systems back online within minutes. Your bank’s historical email and data can quickly be synchronized. Your bank’s applications — spreadsheets, databases, CRM and more — can run as if nothing ever happened. All your branches and locations can communicate and conduct business effortlessly.
The importance of expertise
Replication services aren’t simply another storage facility for tape backup. To sustain operations despite downtime — regardless of the cause — your bank needs expert maintenance of backup and storage procedures, continuous monitoring of systems for performance and intrusions and the means to stay informed through reports and/or alarms while you make the changes necessary to get your business back online.
To maintain operations when your facilities are unusable, you need to be able to replicate your systems in their entirety — including all the safeguards and procedures necessary to comply with regulations like HIPAA, GLBA and Sarbanes-Oxley.
The right replication services, flexible enough to be precisely configured for your bank, deliver all of this. And the right replication services are implemented, operated and maintained by experts who have listened to what you have to say about your requirements, have customized appropriate services accordingly and have integrated these new capabilities with your systems and your entire team. WB
Mike Dillon is chief technology officer for Quest in Sacramento, Calif. He can be reached at 916-338-7070 or mike_dillon(at)questsys.com.
Copyright April-May 2007 Western Banking (BankNews Publications)