White Papers | Business Continuity Should Be Bigger Priority For Law Firms and Other Professional Services Firms
A national study of America’s businesses shows what many of us suspected: a lot of us are talking the talk but not walking the walk. While many businesses invested the time and money in developing business continuity plans following Sept. 11, relatively few are testing and updating those plans as is recommended.
The report from AT&T and the International Association of Emergency Managers (IAEM), found that nearly one-third of U.S. businesses surveyed do not have business continuity plans in place. We at Rafte & Company suspect the same is true for law firms and other professional services firms. The questions asked in the survey should be a topic of conversation for every professional services firm:
- Does your firm have a business continuity plan?
- When was the plan last updated?
- When was the plan last fully tested?
- What public alerting systems for warnings about terrorist threats or other potential disasters do you monitor?
- When the Federal government raises the terrorist alert level, for instance, from yellow to orange, do you implement specific protective actions?
- On which of the following measures has your firm has taken action or plans to implement next six months?
- Implement Internet security measures such as firewalls, intrusion detection, hacker protection and/or password authentication
- Establish redundant servers and/or backup sites
- Use a service provider for outsourcing
- Is cyber security part of your overall business continuity plan?
- I am going to read a list of possible cyber security threats to companies like yours. Which one do you regard as the most significant threat?
- Viruses and worms
- SPAM
- Hackers
- Internal sabotage
- An internal accident
- Denial of service attacks
- Customer, partner, and or vendor access to internal systems
- Remote workers
- Terrorist attacks
- Competitor espionage
- Using a scale of 1-5 where 5 means it is a top concern and 1 means it is not a concern at all, where would you place cyber security as a concern for your organization?
You can see how your professional services firm stacks up to the respondents to the national survey here.
At Rafte & Company we are particularly tuned into our clients’ data issues – electronic and non-electronic records, especially. From our vantage point, the sad truth is that few if any professional services firms are really prepared.
Frankly, the electronic part is the easy part. Even if you have a remote server for all the documents that you created, what about all the paper records in file folders sitting back at the office that are not digitized and are at risk of being destroyed in the flood or fire?
Therein lies the bigger problem.
Most professional services firms haven’t come to grips with the fact that in order to really protect themselves and replicate critical information, they are going to have to change the way they work. The written word is going to have to be maintained in a digital format rather than strictly on paper. No longer should they be printing important information to the paper file. Doing so leaves that data extremely vulnerable.
As Elizabeth B. Armstrong, executive director of the IAEM said in response to the survey findings, “The results of this survey show that companies are taking an unnecessary gamble with their futures. The cost of developing a business continuity plan and implementing a technology infrastructure to support the plan is minimal when compared to the daily financial impact once disaster strikes.”
The same can be said for America’s law firms and professional services firms. The question is how much are you willing to bet that your firm won’t be a victim on the next natural or man made disaster?
