In a nutshell, business continuity is the ability of an organization to maintain essential functions during and/or after a service disruption, such as hardware failure, loss of power, and natural disasters.
In this time of uncertainty and rapidly changing work environments, businesses and employees alike are having to reevaluate their IT infrastructures, policies and make decisions in a matter of hours or days rather than over weeks or months. (Also read: What key business continuity solutions can my business take now?)
Regardless of business size, you should already have a business continuity/disaster recovery plan in place; however, if that is not the case, it is imperative that you begin to create one and/or review existing systems and processes to make sure that all of your t’s are crossed and i’s are dotted to ensure your business can continue to operate safely and efficiently in times of crises.
Experts widely agree that there are a handful of things business can do right now to help mitigate risk and keep your remote employees working:
-
Home networks present another attack vector and a risk to corporate network. Ensure all assets are up to date on patches and encourage your employees at a minimum install advanced endpoint protection on all non-corporate assets at home.
-
Require employees’ regular participation in security awareness training. Over 90% of security attacks start with a phishing campaign.
-
Quickly assess infrastructure capacity. With many employees working from home are there potential ingress choke points on the corporate network? Do you have enough VPN licenses for all employees?
-
Evaluate risk and plan to address issues if IT is unable to physically access on-premise server infrastructure hosting critical applications that are inaccessible remotely.
Once you’ve completed these tasks, the next step would be to work toward putting a business continuity plan into place; you should consider the following when building out your plan:
-
Analyze data protection strategies to identify gaps when employees choose the location of where they save data.
-
Confirm disaster recovery capabilities for key systems that may become unavailable (due to loss of utilizes, etc.). Business continuity framework (in support of SOC2 and ISO requirements) should be in place.
-
Now is the perfect time to optimize existing architecture or assess new (cloud-based) technologies
Test your BCDR plan at least twice a year otherwise you never know if it really works amid constant changes by IT.
COVID-19 isn't an isolated event but rather the largest outbreak to date that could forever change how we work in the future and propelling us toward an increasingly remote workforce.
And while the modern workforce has largely embraced the concept of remote work, there is no shortage of organizations who are firmly entrenched in the more traditional models of face-to-face, everyone should be in the office.
If the past few weeks have taught us anything, it would be the importance of establishing a solid business continuity plan as well as general "ground rules" aimed to establish a remote work program.
Even if an organization does not plan to allow remote working on a regular basis after the current crises has passed, it has become abundantly clear that it is wise to be prepared for unexpected situations rather than having to scramble for solutions, lose productivity, and have general chaos among your staff in the event of an emergency.
Preparedness isn’t only about business continuity plans, though.
Organizations should have a thorough understanding of everything that goes into making their businesses safe from unforeseen interruptions—having a network that can support increased traffic from remote sources as well as the security to keep it safe to having cloud-based communications and data storage options in place.