Study: Most Companies Lack Proper Business Continuity Plans

According to a recent study, organizations are not doing enough to insulate themselves from disaster and ensure business continuity at all times.

According to a recent study completed by the Disaster Recovery Preparedness Council, 73 percent of organizations are not doing enough to insulate themselves from disaster and ensure business continuity at all times. Because of this general lack of proactive monitoring and remote site management, companies have lost approximately $5 million from various outages.

Of the 1,000 organizations polled by the DRPC, 78 percent of them said that they have seen mission-critical applications go down at some point, and 28 percent of that group has lost data center functionality for more than a week.

Still, despite this looming threat, many businesses may not be doing enough to mitigate their IT-related risks and ensure consistent uptime. Forty percent of organizations polled have a disaster recovery plan, although 23 percent of them have never tested it out. Furthermore, even though around 33 percent said they did test out their disaster recovery plans at least once or twice a year, more than 65 percent of this group said their tests fail to pass muster.

This lack of business continuity planning and disaster recovery oversight is especially notable in the healthcare industry. A February report from MeriTalk found that 82 percent of healthcare IT staff said they did not think their employers were adequately prepared to deal with the unexpected. Not only did 61 percent of the 283 IT executives polled say they experienced a major IT issue in the past year, but these incidents totaled more than $1.6 billion in losses.

In particular, according to the MeriTalk study, 40 percent of healthcare organizations had dealt with unplanned outages in the past 12 months, with each incident costing providers around $432,000 on average. Remote power management would have been very key to these organizations, as power loss, hardware failure and software-related issues were the three main reasons healthcare organizations lost 57 hours to unplanned downtime in the last year.

“Trust has become a board-level business priority,” said Scott Filion, General Manager of Global Healthcare at EMC Corporation. “Healthcare organizations have always focused on information security, but today they must do more to protect data and ensure accessibility to meet ARRA, HITECH [and] HIPAA requirements.”

What can be done to better ensure business continuity?
While organizations in all industries and not just healthcare struggle to guarantee more consistent IT uptime, decision-makers can take a few key steps to make sure they are better prepared for any situation. One of the first actions to complete is a thorough audit of all endpoints current disaster recovery processes to determine precisely what the entire IT landscape looks like and what can be improved.

For example, Opengear Senior Sales Engineer Dan Baxter noted in a recent blog post that a company’s key terminal server could be out of date. If a business is still using a Cisco terminal server even though it is decades old, then it may be lacking the security and reliability mechanisms necessary to prevent disaster from striking.

To prevent machine-related issues, human error or natural disasters from leading to unplanned downtime, companies should adopt a remote site management solutions equipped with out-of-band access. When IT teams use this kind of remote monitoring software, they have the ability to quickly identify and troubleshoot problems occurring on a wide variety of endpoints – even if oversight teams are hundreds of miles away from the hardware in question and core connectivity is down. With such a remote monitoring system, business leaders can rest easy knowing that unplanned downtime is minimized and business continuity is guaranteed.

“Key to handling utility outages are diligent and high quality monitoring and having in place contingency plans for business continuity,” Opengear’s Derek Watkins wrote in a December 2013 blog post.