Amidst the COVID-19 pandemic, all enterprises — whether large or small — are putting their IT Service Continuity Plan to the test. With many major cities throughout the U.S., and the world, imposing the closure of non-essential businesses and limited public contact, businesses are now faced with managing the steep surge in the number of employees working from home.
Adding to the severe boost in digital traffic is a sharp increase in the global demand for online streaming services, e.g., those who aren’t working from home, but are now on lock down and increasing their digital consumption via video games, streaming services, online food delivery services, etc. Therefore, it’s unsurprising that the global digital supply chain is experiencing a drastic stress test.
Were you prepared?
Some businesses had already prepared for an emergency by developing and testing their IT Service Continuity Plan. They planned and implemented preventative measures such as stress testing their networks and have multiple VPN servers set up, so it’s easier to handle the sudden digital traffic increase. But, for those just starting their business, some might not know how to handle this problem.
If you do not have an IT Service Continuity Plan in place or you need to update one that’s been collecting dust in your archives, we’re here to help. In this article, we’ll review the essential elements of a robust IT Service Continuity Plan that will help clarify the answers to the following question:
What are the fundamental steps required to ensure your IT services maintain continuity when faced with a disaster beyond your control?
What is an IT Service Continuity Plan?
An IT Service Continuity Plan is precisely what it sounds like: a plan to keep your IT services running smoothly and securely when a crisis occurs, both for your internal and external stakeholders (i.e., employees and customers). You may incorporate this plan into a larger and more comprehensive Business Continuity Plan, also frequently referred to as Disaster Recovery.
There is a difference between an IT Service Continuity Plan and Business Continuity Plan. The latter focuses on keeping the “lights on” (essential operations) for your entire business. The former directly relates to how you plan on ensuring the continuity of critical IT systems, tools, and processes within the context of the following potential disruptive scenarios:
- Technological loss: your tech stack is unavailable.
- Building loss or access denial: employees cannot access on-site equipment.
- Staff loss: essential employees are no longer available or aren’t immediately available.
- Losing critical suppliers: if your IT infrastructure depends on another digital/IT supplier who is also experiencing any of the aforementioned disruptions, then you must plan for emergency backup services to temporarily fill the gap in service.
Create or update an IT Service Continuity Plan
Whether you have an official IT Service Continuity Plan, it’s important to keep in mind that maintaining IT service continuity is an ongoing process. It’s not a one and done checklist item. You should periodically review the plan, test it, and update it.
It is, indeed, challenging to try and account for every single possible event. Instead of trying to map all of the unknown-unknowns to your service continuity action plan, correlate your if-then scenarios to the aforementioned potential disruptive scenarios (listed in the section immediately preceding this one).
While there is much more to a comprehensive IT Service Continuity Plan than will be included in the sections that follow, we’ve provided you with the must-have components.
The Basics: Essential Components for your IT Service Continuity Plan
When you’re in the midst of a disaster, creating or updating an IT Service Continuity Plan is likely the last thing on your mind. But, now is the time to review lessons learned from COVID-19’s global disruption and generate a new action plan or revise existing plans. At the very least, you need to:
- Establish an IT Continuity Manager and Crisis Management Team.
- Define what’s critical in terms of IT infrastructure and business operations.
- Identify severity levels in relation to criticality.
- Determine how you will respond to each of the “loss” scenarios: technology, building, staff, suppliers.
Next, your IT Continuity Plan, at the very least, should have the following sections:
- Critical contacts and RACI cascade: Who is responsible, accountable, needs to be informed and/or must be consulted as soon as the incident occurs?
- Essential systems: Relatively self-explanatory, but this centers on the question, “What are the IT systems and processes that your business survival relies upon?”
- Escalation plan: What are the triggers and signals that tell you to enact your IT Continuity Plan? How are these escalated and communicated throughout the organization? Where can everyone find the action plan(s)?
- Action plan checklist: Step-by-step actions that must take place immediately, and who is responsible for completing those actions.
- Backup physical locations: In the event a building is inaccessible, is there a backup location along with directions, how to enter the building, etc.?
- Plan maintenance and testing schedule: If you’re still a bit blindsided by the COVID-19 pandemic, then completing this section can be delayed. But, it shouldn’t be delayed any more than a maximum of 12 months.
- Version control and approval information: Is this the most recent version? If not, then it’s likely you’ll find more unknown-unknowns or known-unknowns that haven’t been written down in any official form.
We understand that each business is unique. Your IT Continuity Plan will evolve right along with your business as long as you bake ongoing review of the plan into your core business processes. Agile has pressed the “working software over documentation” mindset, which makes sense in the rapid world of software development.
However, from a business perspective, documenting your business processes, including IT, increases transparency. The more transparency you have, the more likely you are to build cross-functional teams that will aid you during disaster recovery.
What you can do now during COVID-19
COVID-19 is a novel virus that swept the globe at a novel time in human history. Due to a compendium of technical advancements, there is the potential for millions of workers to ply their trades solely in the digital realm. Our digital world also helps speed needed products and services through their relative supply chains. That way, businesses and workers can continue to produce, transport, store, and deliver much-needed goods to stores, hospitals, etc.
So, what can you do right now during the COVID-19 pandemic to ensure IT continuity?
Monitor your Servers
Stay on top of your servers and monitor your server’s performance frequently. This will allow you to see where a malfunction may occur before it happens. Monitoring your servers frequently will also allow for a quick reaction when they do go down, minimizing the time your servers are down, and saving you precious time and money.
Scale your Data Processing
It’s important to properly scale your data processing to achieve maximum productivity. Load-balancing (adding alternative node that will handle requests while the primary node is not available) will reduce stress on your system, as well as decrease the likelihood of your servers being overloaded with data and going down.
Keep a Maintenance Checklist
Create and perpetually update a checklist for what needs to be monitored and maintained. This helps to make sure that everything that needs to be monitored is checked regularly. There are plenty of templates online you can use to make a checklist. Keeping a checklist ensures your servers run at maximum stability.
Eliminating single points of failure
Removing single points of failure is one of the quickest ways to reduce downtime. This means load balancing between servers, following good backup practices, and building technical fail-safes into your deployments.
Keeping your Customers Trust
Keeping the trust of your customers is also important. Communicating with stakeholders, and making them aware that you know there’s an issue builds trust. Preventing downtime also requires you to be aware and up to date on all your systems. Make a habit of replacing outdated systems and security.
VPN’s
The COVID-19 outbreak has caused more and more companies to revert to VPN to keep their information secure. VPN’s are Virtual Private Networks, which are networks that extend a private network across a public network. This enables users to send data across shared or public networks as if they were directly connected to the private network.
Virtual Private Networks are often used by corporations to protect data. Privacy is increased with a Virtual Private Network. This is because the user’s IP address is replaced with one from a Virtual Private Network provider, such as ServaxNet. This masks your IP address and makes it extremely difficult to triangulate where your information is coming from. In short, a VPN protects your businesses’ data on the web.
Setting up a VPN server is highly recommended, and helpful in situations like these. VPN’s allow your employees to work remotely in a secure fashion, ensuring their traffic is encrypted to your network. Also, VPN’s ensure that only legitimate network traffic is allowed to your secure resources, e.g., customer care dashboards for customer service associates working from home or privileged resources for a work-from-home software developer.
Stressed Networks
Some companies may already have a VPN server, and that’s great, keeping your information safe is key to keeping your business safe during serious situations. However, as we’ve seen in recent months, companies are moving large amounts of employees to external online entry points.
For a small company moving employees online may not cause too many issues, but for large companies, that many employees may stress the network. Depending on the number of devices connected, and the amount of data that is transported, a network could reach its limits and become overwhelmed. This could bring your network to a complete stop and cause additional problems, aside from the already complicated problem of having your employees work offsite.
The result, significant downtime for your business, which can cause many problems, from a gross loss in profit to possibly putting you out of business. So what can you do?
Multiple VPN Servers
Setting up multiple VPN servers is an excellent option for those who may need a high number of devices connected to a network. Multiple Servers allow more space for additional hardware to be added, reducing the amount of stress on the system as a whole.
However, it can be quite difficult to set up such a server, as it requires more experience to link multiple servers to the same network, and it can be hard to gauge how many servers you may need to support the data and hardware your company uses.
Even if multiple VPN servers are deployed, your office network may not be able to handle the node, thus requiring an external service provider to assist with server management. To save time, ensure IT continuity, contain costs, and alleviate the aforementioned network stress, you might consider moving your VPN off-site and into service a provider such as ServaxNet.
Offsite Backup Server
Another way to ensure your company’s safety is to set up an offsite backup for your data. Anything stored on your computer would only be on your computer. If something were to happen to your place of business, and you had not backed up your data on a separate server, your data would be gone forever.
Offsite backups provide a cloud server for copies of your data to be stored. This cloud server is kept in a separate location and allows you to restore your information.
Offsite Backups are not only good for disasters like pandemics, floods, and earthquakes, but they are also extremely useful in the case that your data is stolen. With an extra copy of your data, you can be sure that no matter if your building is destroyed, or your files become corrupted/stolen, you can always recover your data.
We Can Help
ServaxNet can help anywhere from providing new VPN Servers, to working on their existing networks to expand/optimize capacity.
Services provided by ServaxNet can set up a VPN server for your business, setting you up with not only security for your company, but also a safe place where your employees using public servers can log onto your private servers, during times, such as now, where working on site is not an option. All this while keeping your company’s information safe.
Provided is also the option to expand your networks to accommodate larger amounts of hardware and data, making the transition process to online work easier, reducing downtime, and expert setup of the network to avoid complications like clashes between routes.
Are you ready to bring your infrastructure to next level? Get in touch.