Can Your ISP Pass the Bus Test?

When one employee is literally indispensable to your operation, your organization is at risk.

by Jason Zigmont HowToSell.net [June 4, 1999]

An important test for a growing ISP is the 'bus test.' The bus test is simple: If employee XYZ were hit by a bus and died tomorrow, would your ISP be able to carry on with little or no effect? The point isn't really about traffic accidents, of course: Employees leave. Shit happens.

When ISPs were mostly just hobbies, if the sysadmin, or some other operator disappeared--and the ISP died as a result--there weren't as many people to get hurt, lose jobs, lose money, or any of the other negative effects of the ISP going out of business.

Too many ISPs who started off small, and who understandably relied on a single person, ended up relying on that one person even more when they grew larger, and had more at stake. Many large ISPs, without truly realizing it, fail the bus test miserably, and would be nearly wiped out if person XYZ left--or was hit by a bus.

How about you? Imagine what would happen if you had to replace person XYZ in your company. If you'd be hard put to cope without this 'key' employee, you need to make darned sure the person wants to stay with the company in the short term, and in the mean time, develop a contingency plan in case something happens to XYZ.

Backup, backup, backup
Obviously, the first place to look within your company is on the sysadmin/network admin side. While, in general, one person has to have ultimate control over what happens on the network, and on your servers, there has to be ^at least^ one other person who knows what's going on. I have seen many ISPs where only one person knows the enable password for the routers. There are ways to find out the enable passwords, but in an emergency, or during a network outage, do you want to have to break into your own systems?

Keep in mind that, quite often, the technical person doesn't want others to know passwords or system designs because of a fear of losing control-or their jobs (similar to the software designer who doesn't comment source code, thereby assuring they will have a job forever). There are good reasons to keep the number of people who know root and enable passwords to a minimum, but there ^has to be more than one.^

The key is in documenting everything: network design, passwords, etc. There are two benefits to this: You develop a plan to cope with XYZ no longer being with the company, and a chance for XYZ employee to look at what they are doing from a different view. Documentation is also crucial in business planning, gaining financing and other growth issues.

Write it down, file it away
Ideally, every employee should have a log of important information 'just in case.' For example. If one of your sales people left, what contacts would you lose? What issues was s/he working on that you would need to follow up on? Without a log of important information, when a salesperson leaves, you are likely to lose clients.

Realize that when you start asking questions, your employees' reactions are, in most cases, going to be negative. They are going to be worried. They'll think you're looking for this information so that they can be replaced--and in a sense, you are.

So, you'll need to explain what you are doing. It's very important to make it clear that it is not a personal attack. Why not use the bus accident analogy? If you analyze the entire company at one time, you can reinforce the idea that individuals are not being singled out. Remember. It's for the good of the company. If they refuse to give you the information under these circumstances, that is all the more reason to get it from them.

End