In the modern day, online businesses that serve users throughout the world via the internet, have become dependent on their digital capabilities. To put things better into perspective, issues such as natural disasters, death, security attacks, system crashes, power failures, can cause unexpected downtime of services, which in return, will affect all of its users.
Because of this, it is essential for businesses operating online, to have a contingency plan that ensures business continuity, while the company deals with whatever issue they are facing. This is especially relevant in the web hosting niche, given the fact that unexpected downtime, can affect client websites, hence their business capabilities as well. Granted, in case things go south, companies operating in this niche have to answer to clients as well. Even a few hours of downtime across all services can hurt customers, and then lead them on to moving hosting to a competitor.
In this article, we will focus on some of the most relevant aspects that have to be kept in mind, to ensure business continuity in web hosting. We will cover what business continuity plans are, the need of disaster recovery plans, the importance of ISO 27001 and ISO 22301 certifications, operating mediums, and why it is required to host a mission critical service at a certified facility, to ensure continuity of web hosting operations.
Dealing with IT disruption – choosing between business continuity and disaster recovery plans
To kick things off, business continuity plans include relevant data on how companies will continue their operations during problems, alongside with temporary measures that must be implemented, including the need of backup IT equipment. On the other side of the spectrum, disaster recovery plans contain information on how the company will deal with the aftermath of the issue, but also on what needs to be done to get the IT systems back online, and return to full capacity operations for all customers.
Based on these aspects, it is important for business continuity plans to include the following key elements:
Log in details
In case the problem affecting web hosting services requires a change of IT equipment, or operating from somewhere else, the plan must include log in details, such as usernames, and passwords for all business-related services.
Back-up operation venue
For instance, if a flood damages all IT equipment, web hosting providers need partnerships with centres that can accommodate providing the same services, at either half of full-strength.
Staff contact details
In the unfortunate case of an emergency shutting down all IT systems, businesses need to keep a clear log of employee contact information, including phone numbers, emails and other relevant details, to ensure teem cooperation even when the staff is at home. This is especially relevant if systems fail at a time when not everyone is at work.
Any other operational details
This chapter includes, but is not limited to: customer details, where back-up data is kept, and other relevant information required for setting up shop in another data centre, and resuming service to clients.
Apart from these details, business continuity plans require a plan on where the service will continue operating from, in both the short-term and long-term.
Understanding ISO 27001 and ISO 22301 certifications
There has been some confusion regarding ISO 27001 and ISO 22301 certifications, relating to the proper procedure to ensure security, resuming operations at both business and IT levels, and more.
The two certifications are slightly similar, given the fact that both protect availability of information. For those who do not know, ISO 22301 represents the world’s leading international business continuity standard, and is based on a plan-do-check-act principle. It includes all relevant elements, and standards in case of disaster, such as document control, corrective actions, staff training & awareness, internal audits, disaster control and more.
It is important to note the fact that the two certifications also contain several differences. For instance, ISO 27001 leaves out standards on continuity documentation. On the other hand, ISO 22301 does require a few more elements, such as: continuity policies, business impact analysis, business continuity plans, testing of services, continuity strategies and more.
Better said, ISO 27001 allows hosting providers to implement their business continuity procedure in case of disasters with one document alone! ISO 22301 however, offers standards that help prepare companies on a much deeper level, while also granting business owners the know-how required.
Hosting a mission critical service at a certified facility
As mentioned above, once disaster strikes, web hosting providers need to be prepared to move operations, alongside with a mission critical service. Here, business owners can choose whether they wish to base their contingency plan on home operations, data centres, or certified facilities.
As things rarely go wrong, many providers choose to simply move mission control at home, or in a temporal office/data centre, containing the relevant IT equipment. While this can surely work in the short-term, chances are that it will not allow business to resume 100% service to all their customers, and operations will be affected in numerous ways, studies show. Therefore, it is best for companies to choose hosting mission critical service, at a certified facility that has everything required to facilitate a move of operations, and the IT equipment required to allow the affected business to continue full operation. While certified facilities are bound to be more expensive, it is important to consider the impact that failing to resume operations can have on the future of the company.
It is true, chances for disaster to strike are fairly low, given statistics, but anything can happen, therefore a web hosting business that is serious in dealing with trouble, will surely consider asking help from a certified facility while things slowly return to normal.
Last but not least, in case things do end up going wrong, the most important tip would be to give customer support a big power-up. Communicate with clients, and let them know the status, and when service will be resumed. By doing so, panic will be avoided, and clients will be kept for the long-run, granted that they are kept well-informed while the business continuity plan for web hosting is underway.