Five Step Vulnerability Analysis for Business Continuity Planning

Business Continuity PlanningOne of the keys to long-term success is to focus on business continuity planning and crisis management processes today.  No one knows what tomorrow will bring, but there are steps you can take to ensure that you’re ready for anything. First, ask yourself:

     - Are your systems up to the task?

      - Is your data stored securely?

      - Are your managed services in reliable hands?

Taking the time to do a vulnerability analysis could save you from disaster later on down the line. How do you do that?  We’ve included a checklist as a guideline for you.

A Five Step Vulnerability Analysis

  1. Begin by doing an applications and data storage inventory.  Are you using traditional hardware or cloud computing? Is your data backup system internal or online?  If it's onsite, is there a secondary backup in case of power failure or physical damage to the building?  Make a list of each of these and evaluate which applications are being used most and how they are being accessed.

  2. Run a speed and reliability test.  Don’t rely strictly on automated tools for this. The human experience cannot be ignored when you’re in the analytical phase of your vulnerability analysis.  Use the system yourself and ask employees and operators what they perceive to be the weaknesses and flaws in the system.  The insight you gain from this is essential to performing the next step in your business continuity planning process.

  3. Upgrade or eliminate data storage and applications that are not up to par. At this stage you should have detected at least a few redundancies that can be eliminated and you can easily see which software needs to be upgraded.  The most commonly overlooked piece for organizations that have a breakdown in their business continuity planning is outdated software and applications.  Address it now and continue to address it regularly.

  4. Evaluate your managed services providers.  Now that you’ve done a thorough vulnerability analysis of your internal systems, it’s time to evaluate your managed services providers.  Are you outsourcing database management or data backup?  Are shared applications being used for tasks such as content creation or social media management?  Are those shared systems secure?  Corrupted data can have a devastating effect on your crisis management response time.  Make sure you check on this.

  5. Incorporate virtual solutions where possible. Cloud computing and cloud archiving are actually safer and more reliable than operating from a traditional hard drive or onsite server.  Back up your systems internally on a regular basis if you feel the need, but seek a faster and more efficient solution for day-to-day operations.  Cloud computing opens up better options for remote access and more extensive collaboration to solve problems and develop long term business continuity planning. 

Knowing what you have and how it works is critical to long-term success.  Upgrades should be done when they’re due, not when you get around to them.  Managed services need to be handled by those who stay on top of new technology and understand the ebbs and flows of business in your niche market.  Effective crisis management and business continuity planning success are dependent upon the decisions you make in these areas.

Whitepaper: 6 Do’s & Dont’s for Choosing the Right IT Service Provider