Business Continuity: New risks, new imperatives and a new approach

Your data center is performing flawlessly, your network is up and your call center is operating normally. But over the last 24 hours, your company lost millions of dollars of market capitalization. A degradation in performance of a Web server, coupled with staff shortages, led to a complete outage of

your online business. Could this disaster have been prevented?

Until recently, classic recovery planning focused on how to restore centralized data centers in the event of a natural or man-made catastrophe. It did not address the need for continuous operation of key business processes. While traditional measures remain important, they are far from adequate for distributed computing environments. The requirements for continuous operations in an e-business, Web-speed world are even more complex and challenging.

The goal for companies with no business tolerance for downtime is to achieve a state of business continuity, where critical systems and networks are continuously available, no matter what happens. This means thinking proactively: engineering availability, security and reliability into business processes from the outset–not retrofitting a disaster recovery plan to accommodate ongoing business continuity requirements.

Many senior executives and business managers consider business continuity the responsibility of the IT department. However, it is no longer sufficient or practical to vest the responsibility exclusively in one group. Web-based and distributed computing have made business processes too complex and decentralized. What’s more, a company’s reputation, customer base and, of course, revenue and profits are at stake. All executives, managers and employees must therefore participate in the development, implementation and ongoing support of continuity assessment and planning.

Few organizations have the need or the resources to assure business continuity equally for every functional area. Therefore, any company that has implemented a single business continuity strategy for the entire organization is likely under-prepared, or spending money unnecessarily. The key to business continuity lies in understanding your business, determining which processes are critical to staying in that business, and identifying all the elements crucial to those processes. Specialized skills and knowledge, physical facilities, training and employee satisfaction–as well as information technology–should all be considered.

Making an executive commitment to regularly testing, validating and refreshing your business continuity program can protect your company against perhaps the greatest risk of all–complacency. In the current environment of rapid business and technology change, even the smallest alteration to a critical application or system within your enterprise or supply chain can cause an unanticipated failure to your business continuity. Effective business protection planning addresses not only what you need today, but what you will need tomorrow and into the future.

Using a technology solution provider for part or all of your business continuity requirements can be attractive for companies that prefer to focus already scarce resources on driving revenue growth and increasing shareholder value. By establishing a long-term strategic relationship with a world-class services provider such as IBM Global Services, companies can gain a competitive advantage through a customized continuity plan, while avoiding the cost of keeping up with technology and training.

IBM Global Services offers a continuum of solutions that range from consulting, planning and testing for business continuity implementation to full management of business continuity for your critical ERP, e-business and strategic processes. We also provide recovery services and facilities for large, midrange, distributed and multiplatform computing environments, as well as network and call center recovery.

Engaging a business continuity provider such as IBM Global Services enables organizations to:

• Leverage the provider’s extensive investments in the latest technology, continuous improvements to methodologies, and skilled people
• Benefit from the expertise gained in solving problems for a variety of clients with similar requirements
• Remove expensive, redundant technology assets from the balance sheet
• Use the provider’s backup facilities and resources
• Take advantage of the provider’s economies of scale on assets, resources and procurement to help enable a lower cost of operation and significantly less risk
• Concentrate on achieving core business growth objectives

Today, many vendors offer business continuity and disaster recovery services and solutions. Services can include consulting, planning, hardware, software and alternative facilities equipped for IT or call center operations. The service provider you choose must deliver support that addresses your company’s critical business processes. Listed are some of the key success factors to remember when evaluating a service provider’s ability to deliver true business continuity solutions:

• The ability to understand the integration of IT with business strategy, and define the risks and impacts of a disruption to critical IT infrastructures
• An understanding of e-business dependencies and business-critical requirements
• A focus on business continuity, separate from traditional disaster recovery service
• An understanding of supply chain dynamics
• Skills and resources to manage complex continuity programs in a rapidly changing, networked IT environment
• The ability to draw upon resources outside of core continuity and recovery skills
• A formal intellectual capital management system that allows best practices and up-to-the-minute procedures to be shared worldwide
• Extensive experience across a wide range of industries, geographic regions and disaster scenarios
• Sufficient resources to accommodate multiple recovery clients in the event of a widespread disaster
• Support for multivendor, multiplatform IT environments
• Access to world-class researchers, facilities and technology developers
• A significant investment in state-of-the-art facilities and tools, and the financial wherewithal to continue investing
• Integrated solutions to assure availability of non-data center resources, including networks, end-user workspace and call centers
• A proven track record in recovery and technical support
• A seamless interface to additional services and support
• Access to the latest technology, constantly refreshed to reflect the needs of the market.

Business continuity is so vital to business success now that it can no longer remain a concern of the IT department alone. The time, money and customer confidence that can be lost due to downtime or business interruption can seriously damage a company of any size–and the reputation of its key executives–both short and long term.

The risks are even greater for e-businesses and companies that operate in the 24-hour, 7-day-a-week global environment. To assure survival, companies must adopt proven strategies to protect both business processes and vital information and implement corporate-wide programs for continuity and recovery management.