“Planning for emergencies only seems expensive until you need it, and then it’s priceless,”
Duncan Stirling, a Shefford man who helped his company recover from the Buncefield oil storage disaster.
- Do you know the risks for Bedfordshire? If not have a look here.
- Remember the risks can impact your business as well.
- Regardless of the size of your business, you need to be prepared for a variety of incidents.
- Are you prepared for utility failure?
- Are you prepared for staff not being able to access the building for days, weeks or months?
- Are you prepared for a flu pandemic?
- Give your business a quick health check with our checklist.
- Well done you have a Business Continuity Plan! But does it work? Don’t leave it too late to find out.
- Test your Business Continuity Plan using our testing scenarios here.
This means many businesses now only exist online and do not even have a physical premises.
This growth of technology, while beneficial for the smooth and cost-effective running of a business, comes with the threat of cyber criminality. All businesses are at risk and many may have already fallen victim, but does anyone know what cyber crime actually means?
Cyber security is about protecting your computer equipment, digital infrastructure and information from unintended or unauthorised access, change or destruction.
However, there are also some very simple steps that everyone can take to help reduce the chances of your business becoming a victim of cyber crime.
Protect your business online by following a few simple hints and tips:
- Install updates and anti-virus software
- Use strong passwords
- Only download from trusted sites or organisations
- Beware of Phishing emails
- Review and protect your business’s information
The Cyber Streetwise website offers a range of interactive resources and provides you with clear advice on the essentials for enjoying a safe experience online. Take a trip down CyberStreet to find out all you need to know about protecting your business.
Online fraud offences can also be reported to Action Fraud at 0300 123 2040 or by visiting the Action Fraud website.
- Action Fraud provides a clear signpost for reporting all types of fraud, including identity theft, investment, credit card and consumer fraud.
- Whether an individual or a business you can contact Action Fraud by calling 0300 123 2040 or going online.
“When my 10 year old daughter told me the doors had moved on their own on the morning of 11 December 2005,” he recalls, “we didn’t know what she meant, but then I got a call from my boss and you could hear his voice shaking. He told me about the Buncefield explosion and to start doing whatever we needed to do to get our business up and running again. What was uncanny was that we’d rehearsed our disaster recovery plan only the week before and even though I’d moaned about it, I was very grateful we had!”
At the time Duncan worked for Steria, an IT services company who sold disaster recovery solutions, and were located only three buildings away from the Buncefield plant that exploded in the early hours of Sunday, 11 December 2005. As part of a team rebuilding the company from the ground up he spent Sunday calling suppliers to get 180 laptops delivered to their makeshift offices; it was the beginning of three weeks of intensive effort as he and his team worked 14 hour days, living off takeaways, to save the business. “One of the worst things,” says Duncan, “was imagining what would have happened if the explosion had happened during normal working hours. It had blown random holes in walls, embedded glass and debris in the chairs where people sat, blown steel shutters through two walls and wrecked new offices we’d just relocated people into. It would have been horrific.”
“We needed to find new premises for our 400 staff, new IT equipment for them to use, have those rebuilt for our needs and network them. We needed tables and chairs for them to work at and cabling so they could all have the power they needed. “When the explosion destroyed our building it took all our PCs with it, our data was backed up offsite but one of our neighbours had their data systems wiped out. Fortunately I had a strong personal relationship with our supplier so when I called them on Sunday afternoon to order 180 laptops they got on the job and they arrived on the Tuesday. We then had to build them to our spec and our team worked 14 hours a day to do it. I was out buying KFC bargain buckets to keep everyone going. “While we were up and running on the Monday, taking orders and dealing with enquiries, it took three weeks for the situation to be stabilised and over a year before we could finally move back into some parts of our buildings.
“While you can’t plan for everything having some kind of plan helps you hit the ground running when any kind of emergency affects your company. You might have to start from scratch but having a plan and good relations with your suppliers and customers means that you have an advantage over those who don’t. You need to think about the basics, what’s important to your business, what do you need to survive and to get back on your feet. “For example every business needs access to the internet, to their data, and you might need to get your phones diverted to new numbers so you don’t lose your customers. You might need to arrange alternative childcare if people are relocated, your staff might need to travel further too. We had counselling for staff and support networks were set up in Hemel Hampstead for those affected.
“There’s also the physical and emotional effect which you don’t notice at the time. To get back up and running our staff worked long days for weeks and ate takeaways at their desks. People hit an emotional brick wall and need to take a break, fortunately they do this at different times, but you have to plan for your staff having time out from this rollercoaster so they don’t burn out. “But what I did see was people pulling together, I never understood what people meant about the “Blitz spirit” until then, but you can see it when disaster strikes.
“I’d advise any business, whatever its size, wherever it is, to think about getting a business continuity plan. That’s why I’m attending the Bedfordshire Local Resilience Forum events in March to talk to business people about how they should prepare for the unthinkable, because if it happens, it won’t be a drill.”
- VSAT (Vulnerability Self Assessment Tool) – a free self assessment tool that takes no longer than 30 minutes to complete, provides you with an assessment report and sign-posts you to best practice
- Risk Authority Robust V4 is a business continuity package you can use
- Business Continuity Institute (BCI) – for free good practice guides, training, workshops, a bookstore and accreditation
- ISO 22301 (previously known as BS25999) – The international standard for business continuity planning
- Centre for Protection of National Infrastructure – for the top 10 security tips, guidance to create a security plan, to learn about pre-employment screening / how to handle bomb threats / how to make your building secure / about cyber-security
- Business Continuity for Dummies – The Cabinet Office have helped develop this guide on business continuity