A global pandemic may not have been one of the scenarios in your current business continuity plans. Yet, as COVID-19 continues to rock businesses in every industry, CIOs have the opportunity to brush up on disaster recovery as they strategize their response.
“When traditional channels and operations are impacted by the outbreak, the value of digital channels, products and operations becomes immediately obvious,” according to Gartner analyst Sandy Shen. “This is a wake-up call to organizations that focus on daily operational needs at the expense of investing in digital business and long-term resilience.”
The uncertain time frame of disease outbreaks means security and risk management leaders should arrange short- and long-term plans for protecting employee health, assessing third-party exposure, and ensuring continuity of operations.
For most organizations, this means giving your current business continuity plan some TLC. From executing “fire drills” associated with cyberthreats to spinning up additional data centers and communicating about the challenges of remote work.
Even if this pandemic ends in the coming months, we may feel its lasting effects for years to come. Do not let the coronavirus crisis cripple your company. Find out short and long-term actions you can take through your business continuity plan to soften the blow of COVID-19.
Business Continuity Planning
Business continuity planning is the process of creating prevention and recovery controls to combat any risks or threats an organization could face. The plan ensures that personnel and assets are protected and are able to function quickly in the event of a disaster. A business continuity plan is generally created in advance and involves input from key stakeholders and personnel.
Whether you operate a small business or a large corporation, you strive to remain competitive. It is vital to retain current customers while increasing your customer base and there is no better test of your capability to do so than during or right after an event.
“There’s an increase in consumer and regulatory expectations for security today,” says Lorraine O’Donnell, global head of business continuity at Experian. “Organizations must understand the processes within the business and the impact of the loss of these processes over time. These losses can be financial, legal, reputational and regulatory. The risk of having an organization’s “license to operate” withdrawn by a regulator or having conditions applied (retrospectively or prospectively) can adversely affect market value and consumer confidence. Build your recovery strategy around the allowable downtime for these processes.”
So, where should you start? Create a list of short-term and long-term action steps to take during and after the COVID-19 global pandemic.
Short-Term Actions
CIOs leading innovation, disruptive trends and emerging practices should take the following actions:
- Vet digital collaboration tools to boost teamwork between employees that are working remotely, ensuring security measures and network support are in place.
- Work with business leaders to conduct workforce planning to assess risk and address staffing gaps. Reprioritize demand and balance teams by shifting personnel from areas of lower priority.
- Engage customers and partners via digital channels to maintain relations. Repackage product offerings and sell through digital channels.
- Establish a single spokesperson to communicate workplace updates and COVID-19 responses to staff.
Long-Term Actions:
- Develop a digital workplace strategy that includes collaboration applications, security controls, bring-your-own-device (BYOD) programs and network support.
- Identify alternative employment modes and digital technologies that can empower employees and automate tasks.
- Develop digital product extensions, expanding to new channels and enabling new business models to increase business resilience and prepare for growth.
- Contribute to programs that improve data literacy and increase adoption of a wider range of data and analytics tools.
Impacts and Top Recommendations for CIOs in Testing Business Continuity Plans
According to Gartner, customer demand has been unevenly impacted across industries. Some businesses have experienced a dramatic drop-off, with a 50 percent to 95 percent reduction in order volume compared to the same period last year, others have completely shut down operations to curtail costs.
On the other hand, industries such as pharmaceuticals, personal protective equipment, medical equipment/supplies, education, digital entertainment, grocery and logistics have seen demand spikes as people take preventive measures, continue schooling and get daily supplies from online channels.
The following information aims to help CIOs to not only respond to the emergency outbreak of COVID-19, but also demonstrate leadership to increase business resilience and prepare for rebound and future growth.
Impacts and Recommendations
One impact that some organizations are facing includes the challenge with the continuity of their operations as employees are quarantined in various locations with uncertain return dates. To make business as normal as possible, implement source digital collaboration tools for employees to connect with. Later, develop a digital workplace strategy and use technologies to automate tasks.
Another impact includes the confusing or lack of data from unverified sources which is leading to poor decision making, escalating employee anxiety and making organizations underprepared for rebound and growth. A way to drown out the noise is to elect a reputable spokesperson to be the mouthpiece for communicating pandemic news and company updates. The CEO or IT security leader would be a great choice.
Since the outbreak, demand fluctuations are impacting organizations in two contrasting ways: Many industries are seeing sharp declines in demand and face serious financial challenges as their cash flows are depleted. At the same time, certain industries such as personal protective equipment, medical equipment/supplies, education, online grocery and pharmaceuticals have experienced surging demand.
But many companies lack employees and or support facilities to cope with this surge, and therefore risk disappointing and disengaging customers. For businesses where demand has shrunk, service volumes can be unevenly distributed over time.
Some short-term solutions that your organization can implement over the following problem include engaging customers over digital platforms such as branded sites and apps, online marketplaces and social media. You can also start to sell through these digital channels if you have not started already.
Shift Spending to Support Remote Work Environments
In the short term, CIOs can shift spending to technologies that support remote work, such as laptops, desktop virtualization, VPNs and multi-factor authentication to ensure secure access.
As much as remote work can be fraught with challenges, there are also relatively quick and inexpensive things that managers can do to ease the transition. The Harvard Business Review recommends the following actions:
- Establish structured daily check-ins: Many successful remote managers establish a daily call with their remote employees. This could take the form of a series of one-on-one calls or a team call if your employees work more independently from each other and their work is highly collaborative.
- Provide several different communication technology options: E-mail alone is insufficient. Remote workers benefit from having a “richer” technology, such as video conferencing that gives participants many of the visual cues that they would have if they were face-to-face.
- Establish “rules of engagement”: Remote work becomes more efficient and satisfying when managers set expectations for the frequency, means, and ideal timing of communication for their teams.
Managers must understand factors that can make remote work especially demanding. Otherwise high-performing employees may experience declines in job performance and engagement when they begin working remotely, especially in the absence of preparation and training.
Be Proactive about Cybersecurity Scams
Scammers are initiating phishing attacks that lure users into clicking on malicious links and sharing confidential information.
Snow Software’s Alastair Pooley says that his company is repelling several coronavirus-themed phishing scams. The concern is that employees preoccupied with switching between chat and email may get tripped up and click on an email with a message payload. “It’s a sad indictment on the criminals … but I suppose that’s why they’re criminals,” Pooley says.
IT and security leaders should work with internal communications to provide tips to employees on recognizing and avoiding phishing emails.
While your IT Security team may be up to date on the latest security and compliance best practices, without specific training, your average employee will not know how to protect against determined hackers.
Security training for employees and for any subsequent third party who maintains access to any confidential data should be mandatory.
Initial security training is an important part of any new employee onboarding training. Having frequency is a major factor in ensuring that employees are aware of current rules and good security hygiene. If possible, quarterly training is recommended by security experts, as well as, training following any security incident.
These periodic training updates need to address not only basic security, but also new tactics and methods employed in other significant security breaches and identifying points of weakness unique to the employee’s role within your organization.
Put LightEdge’s Business Continuity and Disaster Recovery to the Test
What would happen to your mission critical infrastructure and data if a disaster were to hit this very second? Are you prepared? If not, or if you’re in need of a better disaster recovery solution, thankfully, LightEdge can help. Now that modern IT practices have started to blend physical with virtual, and cloud with on-premises, safeguarding your applications and data requires several tools and methods.
LightEdge is committed to keeping our customers’ IT operations, critical applications, and data protected. We provide the technology and resources our customers require to get back to a production state that meets their RTO and RPO requirements.
LightEdge offers a comprehensive set of disaster recovery solutions to ensure uninterrupted performance of IT operations and mission-critical systems in the event of a disaster.
The reliable availability of business IT is essential to the management and livelihood of every company, large or small. All elements hinge on the dependability of your technology to deliver vital information right when you need it.
Our LightEdge facilities are more advanced than traditional data centers. We have created true Hybrid Solution Centers designed to offer a complete portfolio of high speed, secure, redundant, local cloud services and managed gateways to public clouds through our hardened facilities.
Want to learn more about LightEdge’s disaster recovery and business continuity services? Contact one of our disaster recovery experts to get started or to schedule your private tour of any of our data center facilities. We have disaster recovery, colocation, and business continuity experts standing by to answer any of your questions.
