Unpredictable events disrupt UK businesses every day, resulting in a loss of productivity, a loss of revenue, and potentially a loss of professional reputation.
Any number of unforeseen circumstances can have the potential to impact massively upon the ability of a bricks and mortar or online business to operate effectively.
As modern businesses become ever more dependent on network communications, so the threat to information security, as well as the many secondary repercussions of a serious breach, increases rapidly.
It is accepted by a broad range of IT security experts and independent industry observers that not only is the threat to critical business computer networks increasing, any damage caused by such security attacks is also likely to be more severe as malicious methods evolve.
Therefore any companies without sufficient security precautions in place are becoming increasingly likely to succumb to attack.
The UK's National Hi Tech Crime Unit (NHTCU) survey for 2005 estimates that the total cost of security breaches to businesses with over 1,000 employees is £2.45 billion. Hardly surprising then, that security has become one of the most rapidly growing areas of concern for modern business.
In 2005 IDC, the world's leading provider of market intelligence to the IT and telecoms industries observed: 'A well thought out business continuity strategy is measured by both its technical response as well as the competency and capability of its management to deliver a sound business response.'
Businesses without an adequate network security plan could fall foul to a variety of threats, all of which are likely to prove financially damaging.
Such companies must assess the risk of leaving their systems open, weighing up the predictable cost of installing IT security devices and services, versus the unknown quantity of financial costs incurred to systems, a decrease in revenue caused by inevitable downtime, the overall impact on business productivity, and the price of recovery.
Many companies are now discovering that a solid business continuity strategy will actually help differentiate themselves from the competition in tight marketplaces.
Customers and clients find it extremely comforting to do business with a supplier or partner that has a rock-solid plan in place to keep full operations, including the supply-chain, running in the face of adversity.
There are numerous methods that businesses can employ to maximise the chances of critical business processes operating at acceptable levels following disruption.
Business impact analysis, risk assessment, crisis management, disaster recovery, and regularly updated staff awareness programmes will all help businesses stay on the ball and well educated about the importance of business security.
Risk management involves assessing the level of genuine risk to a business, taking measures to reduce that risk, and maintaining that level of risk at a negligible level.
To reduce the risk of security breaches and ensure as far as possible that attacks are thwarted and business continuity is maintained, network managers and systems administrators must purchase, deploy and maintain security devices that protect networks from multiple points of attack.
Any genuine reductions in network security complexity will improve business security, reduce labour overheads, increase productivity, reduce management complexity, and slash overall costs.
It's a case of looking beyond the existing hardware and software limitations of traditional security or business continuity systems in order to understand exactly how such solutions should be developed for real-world implementation.
One of the most commonly overlooked factors in building business continuity is the importance of choosing technology providers that truly understand the importance of business continuity to the companies they form partnerships with.
A technology partner prepared from the outset to ensure a business maintains productivity in the face of adversity will prove invaluable to any organisation serious about their security.
Perhaps the most obvious area of the network to secure first is the perimeter. Perimeter security is an easy concept to convey to non-technical individuals within the business who are of course familiar with the idea in their normal daily lives.
Firewalls are usually the first security products installed to increase perimeter security, limiting access to network applications and critical data to authorised employees or partners.
It is becoming more common for modern businesses to comprise disparate sites, making use of branch offices, home offices and mobile workforces to extend business reach and make working more flexible.
This trend heightens the requirement for secure business connectivity, best achieved by creating virtual private networks (VPNs).
VPNs allow for secure communications across public networks including the internet. Secure VPN gateway devices encrypt communications to ensure data tunnelled across a VPN cannot be intercepted before reaching its intended destination.
Continuous, ongoing monitoring and re-evaluation of network security is also vital in order to regularly test that critical areas of business IT infrastructure remain fully protected against intrusion or attack.
A well implemented, enterprise-level intrusion prevention systems (IPS), will proactively defend organisations against any renewed security threats developed.
Multi-homing
If possible, business continuity can also be improved exponentially for a simple business network internet connection by making use of ISP multi-homing.
With this technology onboard, a business can employ, for example, three external provider lines, and choose the ISP that is proven to deliver information packets fastest for any particular connection.
This then becomes the default provider in that instance ensuring the best possible transit of data, and can also be cached for use in similar future exchanges.
Similarly, multi-link VPN technology can create very stable secure connections between dislocated corporate sites.
It uses multiple end-point IP addressing and multiple sub tunnels to form an impressive mesh of connectivity between two sites. If one sub tunnel then has a problem, traffic can fail over to another tunnel, and so on.
Last on the list of essential security precautions for any business for whom network uptime and data privacy is critical to business continuity, is a centralised management platform that provides end-to-end unified management for all firewall, VPN, IPS and multi-link products and services across a given network.
This is vital if managers and administrators are to manage their security infrastructure holistically, while benefiting from shared logging, reporting and auditing tools. This approach improves efficiency, while easing the deployment of new technology and the configuration of existing devices.
Above all, network managers demand products that are both highly-effective, and affordable - not just in terms of up-front investment costs but also the total cost of ownership long term.
Instead of developing expensive, one-trick standalone devices designed to plug security holes in the shortest term, it's preferable to take a more holistic approach to enterprise security and continuity by developing complete end-to-end systems.
Ultimately, what every forward-thinking businesses with a sound understanding of the importance of security technology and business continuity requires is a practical, understanding partner, equipped with a comprehensive spread of products and services developed for building predictable business processes in an unpredictable world.
