Imagine a scenario where your company’s digital infrastructure goes offline. Your servers are unreachable, the company website is offline, internal communication stops working and employees are locked out of offices because keycard security systems are down. Your entire company—literally everything it does—just stops. It’s a nightmare scenario, but if you’re prepared with a business continuity plan, it can be a short-term inconvenience instead of a company disaster. As we’ve seen just recently with the massive Facebook outage, these scenarios can happen to any organization.

Company-wide communication disruptions can be triggered by internal incidents, such as misconfigured servers or routers, cut cables and other hardware and software failures. They can also come from the outside in the form of natural disasters like wildfires, floods, hurricanes and earthquakes. And of course, there’s always the chance that disruptions are due to actual cyber attacks by hostile actors. Recognizing that both internal and external scenarios are possible is key in developing a backup communication and access plan before disaster strikes.

While a remote workforce means at least some of your staff will be out of harm’s way should an actual natural disaster strike the office, it doesn’t mean they won’t be impacted by your infrastructure downtime. Offline servers mean work-from-home employees can’t access hosted files, data and apps. If your communication infrastructure is down, too, they don’t have any way to stay on top of the incident status. Without a backup communication plan, on-site employees won’t have any idea how long they’ll be locked out of offices if the security system is also down, and off-site employees are simply in the dark.

Make a Business Continuity Plan for Disasters

A well-documented communication backup plan should be part of your company’s overall business continuity plan for disaster scenarios. If you use an in-house solution for intra-company communication, for example, employees need a fallback solution should the primary communication platform stop working. On-site employees also need a clear-cut plan should the security system fail, locking them out of rooms or even the entire building.

In both cases, your recovery plan needs to clearly list the processes for attempting to restore services, and the incident response tools to use. Be sure to define who is responsible for triggering the plan, too. For companies that need help creating a response plan, services are available to help out.

Documenting processes in detail is important because it’s unreasonable to expect employees to remember everything they need to do during what’s likely a high-stress situation. Providing team members with printed documentation is smart, too, because they won’t otherwise have access to the procedures if the files are stored on servers that are currently offline. In that way, physical or offline backups of your business continuity plans and procedures can be an essential part of cyber resilience.

Also, don’t make the mistake of assuming your response plan is etched in stone. Your plan needs to be reviewed and updated regularly to adapt to changing technology and to address evolving cybersecurity threats.

Develop a Backup Communication Plan

When your company’s communication system literally breaks down, it’s time to put your recovery plan into action. Establish a secondary internal communication system beforehand so everyone knows what to use when the primary system is down. Employees need to know when to switch to the fallback system, too. Relying on word of mouth from managers, however, shouldn’t be the primary way of relaying that information. It’s inefficient and slow, it makes it difficult to ensure all on-site employees are notified, and employees working outside the office might be excluded from the communication chain.

For some companies, a simple time limit to move to the backup communication system is enough. A company that relies on an internal chat platform, for example, could set a 15-minute threshold for downtime. After hitting the time limit, everyone moves to the backup platform until they get an official order to return to the primary system. Documenting this time limit in your business continuity plan can help make needed transitions seamless.

If employees are issued company smartphones, pushing a message to everyone with an alert to switch to the backup communication platform is an option. That’s assuming, of course, cell service is working and the system to send messages en masse is operational. Regardless of the system used, the process for knowing when to move to the fallback communication system needs to be reliable since there’s a good chance many employees will be working remotely.

For companies where system downtime is newsworthy, a plan for handling media and other public-facing communication is necessary, too. Prepare general statements ahead of time, and make sure those are accessible outside of company servers so authorized employees can make public statements. If access to company servers isn’t possible, any prepared statements stored there won’t be available.

Plan for Physical Building Access

Employees being locked out of their offices, or the entire building, when the security system goes offline is more than just an embarrassing news story. It’s also a big obstacle to getting the downed systems up and running again. If the team that needs hands-on access to servers and networking gear can’t get inside, they can’t work on fixing the issues that took communication and security offline.

Many companies use some sort of authentication system to manage building and room access. If that system is offline, designated key holders who can manually unlock doors need to be available and on-site as quickly as possible. They also need a process for verifying who gets in the building or offices to prevent potential security breaches.

Training and Practice Scenarios for Business Continuity Planning

Time is money, and that definitely applies to system downtime incidents. Each hour during an incident can cost a company thousands—or even millions—of dollars. Testing your incident response plan can show weak points and gaps in the procedures. It’s also much easier to address those problems outside of an actual incident situation.

Ongoing training is key, too. Team members responsible for managing an incident response should participate in practice events so they’re prepared when a crisis actually happens. Backup communication systems need to be tested regularly, too.

It’s also important for all employees to know what to do during a system failure. Company-wide training and detailed business continuity plan procedures make it much easier for everyone to know how to respond to the situation.

Preparing a recovery plan ahead of a communication or security system failure is critical for a fast and effective response. Training and practice scenarios are important for making sure everyone in the company knows what to do during an incident. That can save your company from hours or days of downtime and lost revenue.
