Why You Should Create A Threat Matrix For Your Business Now!

iStock_000061463260_SmallIntroduction

Many small businesses just don’t believe that Business Continuity planning is something they should waste time on. Many Business Owners feel that they can ride out any situation and that they’ll be up and running in no time.

What many don’t realize is how much data they have accumulated over the years and how important that information really is to their business. It is not unusual for even small companies of 5 or less employees to have over a terabyte of stored information. In fact, many companies don’t realize how much confidential information IS ONLY stored on individual employee PCs and not even saved to their server where it can be much better protected.

A well-known joint study by HP and SCORE found that 70% of companies that experienced a catastrophic data loss closed their doors within one year. Some only had data-level backup and found out the hard way that this type of backup system doesn’t guarantee a quick recovery.

So, the first thing you should do is to create a Threat Matrix and identify the disasters that can befall your company, decide which are the most likely to occur and document a detailed response to minimize loss.

A Threat Matrix is simple but powerful

This simple exercise of thinking about and listing the events that can threaten your company’s existence will at least make you aware that, through no fault of your own, you can suddenly find yourself out of business if you don’t have a plan—literally overnight.

You see, the danger is not only the disastrous event itself, but the time it will take for you to recover from it. After disaster strikes, your chief enemy is time because no matter how close you are to your clients, if you cannot help them in their time of need, a better-prepared competitor will be more than happy to do it for you.

A basic list identifying each threat, scoring them and referencing the appropriate procedure is all you need to get started and is the first step to recovery.

Threat Matrix 2

A sample list of common threats

  1. Fire
  2. Flood and water damage
  3. Natural Disaster (Hurricane, etc.)
  4. Extended Loss of Electrical Power or Internet Connectivity
  5. Complete and Sudden Server Failure
  6. Software Corruption
  7. Social Engineering Attack
  8. Denial of Service
  9. Pervasive Malware Infection
  10. Malicious Intruder (i.e. Stealing or Damaging Equipment)
  11. Disgruntled Employee (Data Deletion, Corporate Espionage Activities, etc.)
  12. Human Error
  13. Hacking – Stolen Confidential Information
  14. Loss of Key Digital Files and/or Databases
  15. Stolen unencrypted Laptops
  16. Bomb Threat
  17. Terrorist Attack

The above list is only a sample. I’m sure you can come up with many more for your company and industry. You should know that the word “Disaster” doesn’t only mean hurricanes, tornadoes, floods, etc. In fact, recent studies show that 58% of data loss result from hardware failure and software corruption and 32% from human error while natural disasters account for only 3%.

Identifying threats is important but your response is critical

After identifying the threats, rate each of them (high, medium, and low) and create detailed procedures on how you would respond to each. A written plan is important because your response to a threat must be executed quickly to minimize damage and begin recovery. Formulating your recovery plan on the fly in the midst of a disaster is not a good idea!

At the end of this article is an easy-to-use template that will help you create an IT Business Continuity Plan.

Conclusion

Disaster planning is crucial to your company’s survival. Threats are everywhere and the digital landscape is getting more dangerous.

But, make no mistake about it, your goal should be Business Continuity not merely surviving a disaster.

We created an MS Excel-based template that will help you quickly put together a basic plan. Our easy-to-use template guides you through the process, providing ready-made sheets—including a Threat Matrix—to hold vital information. Simply fill in the forms. Each sheet has sample data to guide you. It’s FREE and easy.

To help you create an IT Disaster Recovery Plan for your business, click here to download our free MS Excel-based template.

 

XSolutions is a Managed Services Provider (MSP) and provides 24/7/365 remote monitoring, scheduled workstation and server maintenance, Help Desk Services, Business Continuity Solutions, Cloud & Hosted Services and IT Consulting. Call us at (845) 362-9675 and see how we can help your company.