|ATM S.A. survey: business continuity management strategy becoming increasingly important for most Polish firms|
Awareness among Polish firms of the need to protect the continuity of business processes, including access to generated and stored data, is on the rise. According to a survey conducted for ATM S.A., as many of 99% of firms in Poland consider the protection and continuity of access to data to be key issues for the operation of their business. A possible solution, already well-known in Western markets, is the implementation of a business continuity management strategy.
With the increasing use of information technologies, which enable the automation of business processes, firms operations are becoming ever more dependent on electronic data. All it takes is a cyber-attack, damage to power lines caused by extreme weather conditions, or a broken telecommunications link to cause a firm to lose access to important data, meaning that the continuity of its operations is interrupted. Because such dangers are widespread, it seems to be a matter of key importance to plan ways of protecting against them or minimizing their impact.
In the survey, 41% of respondents referred to restricted or suspended business operations as the main consequences of the aforementioned events. More than half (54%) stated that their firms had in the past experienced problems with lack of Internet access, while one-third (31%) referred to problems with power outages.
Worryingly, more than half of respondents (52%) said that their firms had experienced problems with Internet access or power outages in the past six months, and one-third of these (17%) reported such problems in the last month. One-quarter of respondents (26%) had had similar problems more than one year previously.
These figures imply that most large and medium-sized firms in Poland are not well prepared for unforeseen events that cause network faults and the inability to access stored data. In spite of the very high rate of awareness (99%) of the critical significance of the protection of and access to data, these businesses are not facing up to the extent of the losses they may incur if they fail to take steps to ensure the security of their IT resources. A lock-down of business processes and inability to operate for a minimum of a few days is the most optimistic scenario. Further possible consequences include data loss, a fall in revenue, and loss of some customers.
A solution to these problems might be the implementation of a Business Continuity Management strategy, including use of the increasingly popular Backup Office service. Here, the customers full working environment is recreated in office rooms specially prepared for that purpose. Working positions in those rooms are connected to the customers computer systems at its data processing center. In case of unexpected loss of access to working positions at the companys main offices, the Backup Office provides the possibility of continuing its interrupted operations. In the innovative model under which Backup Office services are provided by ATM, the customers business data is accessed through virtual Microsoft Windows desktops. These make it possible to start up preconfigured workstations in any office, which means that customers can continue their operations without interruption.
Lack of access to key data, or complete loss of such data, may have catastrophic consequences for any firm, regardless of its size or the sector in which it operates. When a malfunction occurs, the financial losses may exceed the value of the investment which would have been needed to implement a business continuity management strategy. It is therefore important for firms to protect themselves against such developments in advance. This is the purpose of a Business Continuity Management strategy, of which one of the elements is the Backup Office service. Such a service is now used by most large corporations and international firms. It is only a matter of time before as has happened in Western markets similar solutions become popular among smaller firms as well, said Jacek Krupa, Vice-President of ATM S.A.
How to protect against data loss
Contrary to popular belief, management of the continuity of business processes is not just a matter for those employees responsible for the IT environment. It is a task for the organization as a whole, and requires definition of not only the number, but also the qualifications and predispositions, of employees needed for the conduct of critical processes. In practice such a team ought to include specialists with responsibility for ICT infrastructure, administration, human resources and PR.
It would be a mistake to restrict the team responsible for maintaining continuity of operations to IT specialists only, because its tasks will include such matters as identifying business-critical processes and resources, listing possible threats, designing procedures in case of interruption to the organizations activities, and choosing alternative sites for the continuation of those processes and the storage of resources, such as backup offices and data centers, leading to the conclusion of an SLA (Service Level Agreement) with their operators.
One of the most important elements of business continuity management is the implementation of IT solutions that enable real-time replication of key data and information to additional servers located in a backup data center at a safe distance from the companys main data processing site. In choosing a backup data center, it is advantageous to choose a trusted and experienced service provider. A professional data center, such as ATM S.A.s ATMAN Data Center, applies redundancy of key resources, including power supply systems, air-conditioning and telecommunications links, as well as providing physical and electronic protection of infrastructure. In such an environment, apart from the Backup Office service described earlier, ATM also provides colocation, dedicated server leasing and cloud computing services, thus guaranteeing to customers the security of the data they process as well as assured uninterrupted access to that data.
The survey was conducted for ATM S.A. in September 2015 among a group of more than 300 persons responsible or co-responsible for IT security in their organizations (businesses with 50250 or over 250 employees). They included holders of the following positions: Head of IT, Chief Security Officer for software/ICT, network administrator, systems analyst, IT manager, IT analyst, CEO (in smaller firms), and business continuity management specialist (in financial institutions and large corporations).