3500 Lacey Road, Suite 100
Downers Grove, IL 60515
Over the past two weeks, scores of MSPs, cloud providers, and other tech services companies have been scrambling to protect and restore their clients' critical business systems. The one-two punches of Hurricanes Harvey and Irma put disaster preparation and restoration plans across the Southeast and Texas to the test. And the work is far from done.
In the aftermath, tech companies are assessing the damage, restoring systems and bringing terabytes of data back online so their customers can get back to business. Hats off to those who are busy doing what do so well.
Now take a minute to think about the SMB organizations that may not have had a trusted advisor to prepare them for potential disasters. Or someone to help bring their businesses back online after the danger passed. FEMA (the Federal Emergency Management Agency) claims that more than 40% of businesses that experience a disaster never reopen, and just 29% of those that survive are still around two years later. Those without proven DR/BC plans likely fared much worse.
The Elephant in the Room
The problem few seem to address is the preparedness level of technology firms. From cloud and hardware suppliers to the MSPs that manage hundreds of business systems in a region, will they really be able to help others when a disaster occurs if their own operations are dead in the water (literally and figuratively)? Few expect anyone to be working as a hurricane passes over the community or during the short-term recovery period, other than emergency services personnel and those helping them do their jobs. But after the danger passes, tech firms simply have to be ready to roll.
Even when they have no power, cell service or internet connections.
Those are realistic scenarios based on what happened during and after the most recent catastrophes. The day after Irma went through, Eric Silagy, president and chief executive of Florida Power & Light stated, "more than half of the population of Florida is out of power would be my guess." Many areas in the state are expected to go days, if not weeks without electricity and communications.
The same goes for residents and businesses in Texas. Scores are still offline, as anyone might expect with that much flooding and its effects on the power grid and cable lines.
MSPs may be particularly vulnerable. Few have secondary facilities and data centers of their own. Irma and Harvey each spread their devastation across wide areas, meaning those with backup locations 25, 50 or 100 miles away from their primary location may still have lost everything. They may spend hours, if not days, bringing their own systems back on line before tackling any of their clients' major issues.
In other words, how can an MSP that is not properly prepared for a disaster possibly expect to support its customers in their time of need? Of course, they can't. Which is why every technology company, including suppliers, distributors, and other services firms, needs to assess their true readiness. Those preparation responsibilities include:
The one-size-fits-all DR/ BC strategy doesn't work. Each tech company needs to assess its own vulnerabilities, infrastructure deficiencies, and local concerns. Whether in a flood or earthquake zone, or susceptible to hurricanes or tornadoes, they need an action plan with worst-case business continuity options. What happens when they lose electricity or internet service? Do they have personnel offsite to triage customer problems until the company is back online? The list of considerations is lengthy, but tech firms, at a bare minimum, must have their basic needs covered:
There's simply no reason for tech firms not to have comprehensive disaster recovery and business continuity services in place, especially those who sell and support them. The first step for MSPs when adding a new offering to their portfolios should be implementing and fully testing them in their own business. Not just an occasional backup review, but a complete off-site restoration to ensure the team and the company would be ready if a tragedy were to occur.
How many providers truly check the disaster preparedness of their vendors and other key partners? Some pay extremely close attention and meticulously review all aspects of their suppliers' DR/ BC plans and SLAs. The good rule of thumb for providers is to request documentation, including a step-by-step process and list of priorities for service restoration when outages occur.
No matter how good the preparation, people are always the wild card in the equation. Even when a tech firm's DR/ BC plan works flawlessly, what would happen if a key employee were unable to fulfill his or her responsibilities? Family and personal safety should always come first. Work might not be a priority.
But a backup should be assigned and prepared to handle every role, and for worse-case scenarios ‒ where the main facilities are lost or inaccessible ‒ consider outsourcing or sharing responsibilities with other firms. The buddy system is a realistic option, but some forethought and a legal review may be necessary before putting it into action.
Testing it out! A plan without validation is worthless. Firms may test their DR systems weekly or monthly, with an annual or quarterly run through of their business continuity strategies. The frequency and depth of testing may vary based on their vulnerability and the amount of disruption they cause. Though no one truly knows what will happen until disaster strikes, preparation could make all the difference in the world.
Brian Sherman is president of Tech Success Communications, a channel-related content and social media development firm. He served previously as the chief editor at Business Solutions magazine and senior director of industry alliances with Autotask. Contact Brian at Bsherman@techsuccesscommunications.com.