STAYING SAFE
When you're coping with an emergency, you can't afford to let your guard drop when it comes to information security, argues Neil Barratt of Survive.

Business Continuity Planning is about ensuring that your organisation can continue running in the face of adversity.

Planning is often focused on business-critical systems, but it's crucial that you don't lose sight of the needs of information security. As part of your normal daily business, you almost certainly have systems in place to protect sensitive data against hackers, snoops, viruses and accidental corruption. But what happens when disaster strikes? Are you sure your safeguards are still adequate? At the same time that you are ensuring continuity of the business, can you also guarantee continuity of security? Security concerns fall into three areas – confidentiality, integrity and availability.

Confidentiality may be compromised because your backup systems don't contain the same level of protection. Integrity is at risk because backup systems or the process of moving your data and processing systems could lead to corruption or out-of-date information being used. And the change of infrastructure might mean that, for some or all of your users, the data is simply no longer available. How real these risks are is largely dependent on your planning and your systems, but it's essential that risk calculations, taking these matters into account, form part of your BCP strategy.