Everywhere you look things are not the same. We're protecting ourselves through masks, social distancing, hand sanitizer, and disinfecting wipes. A global pandemic impacts everything about who we are, how we interact, how we work, and where we're working from. We're told this is the "new normal", but nothing seems normal about it at all.Stepping back, I'd like to say the term "Business Continuity" has taken on a completely different view from before. But for those who don't live, eat, breath, and yes even sleep IT, I'm not sure this concept has really sunk in yet.
Similar to how the pandemic has become a wake up call for each of us individually around how we're approaching the security of our own personal health, businesses to should be changing their approach in regards to how they're preparing for business continuity.
Most of the lessons learned here revolve around business continuity - in different ways. Here are 5 key lessons learned from the global pandemic when it comes to technology for the small business community:
1. work from home increases cybersecurity THREATS
As far as cybersecurity goes, we used to say it's not if you're going to be hit, but when.
With more and more knowledge workers working remotely (let alone on their own personal computers), the cybersecurity landscape has changed dramatically over the last few weeks - and not in a good way. The network that was once easily controlled and protected within the four walls of your office has now been spread out across an almost uncontrollable landscape.
Failure points abound - again, especially with how many businesses are leveraging their staffs' own personal home computers. In this case, here are some simple questions to ponder:
- How are these machines being patched?
- Are they being patched?
- Do they have adequate anti-virus protection on them? Are they kept current?
- Are they connecting to your office via a VPN (a Virtual Private Network)?
- Are all of your network resources protected with Dual-Factor Authentication
- What other devices are on their home network?
- Is their home network secure?
- Is their home wireless access point secure?
These are just some of the questions that run through the mind of a network security professional managing this pandemic cybersecurity landscape!
When considering how to secure all of your remote end points, it's critical to note that the mere fact that computing resources that you don't control are being utilized to access your systems and data that you do - and are responsible for. This alone creates a myriad of issues. And one of the main issues relates to one of the main failure points when it comes to cybersecurity - the human factor.
Don't be lulled into a false sense of security because your users are connecting to your network via a VPN. This is but one component of securing a remote workforce.
People fall for things. And scams abound. And it's difficult to protect your data and your network when it's someone else's machine located outside the four walls of your office. But this doesn't mean you can't nor shouldn't. It's your network. It's your data. It's your responsibility to protect it all.
This (securing remote workers and their local computing resources) should be a key lesson learned from this pandemic. And an action item that should be addressed long before everyone returns back to the office!
2. ON-PREMISE reliance is a gaping hole
Many businesses still have servers running key line of business applications and file storage served up locally from within their offices. This has created a false sense of security among these businesses that because they were able to (easily) move to a remote work from home paradigm, their approach to business continuity came through. Unfortunately, this is NOT the lesson to be learned here.
Imagine for a moment that on top of the pandemic, we where hit with a large scale local disaster - ie: a fire, flood, or earthquake - which took out your office location. Now imagine all of your remote users (working from home) now suddenly are unable to connect to anything because your core network isn't accessible. This is very much a possibility and should be something that's planned for.
I would hope that the concept of "Business Continuity" gets moved up the priority list and becomes a real and meaningful action item over next 6 - 12 - 18 months. Even though we're not yet out of the woods as far as this situation goes, as business leaders, we need to be thinking about what we need to do to prepare for the next business interruption.
To me, the consideration around moving core infrastructure to the cloud AND making this a real action item is a critical lesson learned from the current pandemic.
3. THE DISruption of the supply chain AFFECTS everything
We've seen what a disrupted supply chain does to our food supply and paper goods (remember hoarding of toilet paper?). At the same time, the disruption of the supply chain has also impacted computer systems and peripherals. We're only now seeing the availability of laptops and webcams come back to being available.
This (disruption) needs to be considered and planned for ahead of time. This needs to be a key component of any Business Continuity Plan (BCP).
- What do we think we're going to need that we don't have now?
- Should we have spare computers on hand - just in case?
- What peripherals will we need?
- What will we be doing differently and what will we need to support these efforts?
We've come to learn that part of effectively planning for business continuity means taking certain actions above and beyond just planning before the interruption for the things we won't be able to get during it.
4. MANUAL processES need to be minimized
Losing access to your office and losing the ability to work side by side with your coworkers changes how you do what you do. For many businesses and in a lot of ways, we've seen that we can still function for the most part remotely. However, there are still certain manual processes that, if not planned for, can really inhibit the ongoing business operations. Things like:
- Bank deposits
- Signing checks
- Sending and receiving mail
- Sending and receiving packages
These are all things that need to be considered when building out a BCP. The more you can plan around automating or virtualizing as many of these processes as possible, the better your business will operate during a disaster.
5. microsoft teams is game changer
While Zoom gets all the press, Microsoft Teams is the real game changer for business.
Teams combines collaboration tools with video conferencing software. The communications platform allows MS Office users to share files, conduct conference calls (both audio as well as video), and initiate or join a group chats. And the integration with MS-Outlook makes the system that much more easily adoptable.
As we moved to a remote workforce, the need for communicating frequently has only increased and now more than ever it's critical to leverage tools to help us do things better than before. This means looking at how we do what we do differently. And Microsoft Teams is just that application.
The most successful way we've seen Teams positively impact our clients is when they approached this new way of working with an open mind. It not only means looking at how we did things , but also how we can do them differently - and better! Redesigning work flows, access to information, and changes to communication structures utilizing technology is new and different for most people. This means rethinking how you work to improve productivity in ways never thought of before. Think of it as a digital transformation of an office space.
Leveraging Teams is definitely one of the positive lessons learned.
Here’s an upside of the outbreak — having a remote workforce (even if ultimately, only partially) is going to be the new normal. The pandemic will significantly reshape how global enterprises work and accelerate long-term acceptance of remote work policies.
At the same time, cybersecurity threats are new, different, and there are more of them. Moving to the work from home paradigm has only increased the threat vectors. And not having a thorough Business Continuity Plan addressing each of the items above will only short change your business.
If there's one thing we've learned from this pandemic, it's that we need really, really need to take Business Continuity Planning to a whole 'nother level. A valuable lesson for executives is to now assess the high-priority risks and address them as soon as possible before the next business interruption hits.
Are you looking at your BCP differently now than before? Has this pandemic been a BCP wake up call for your organization? At a minimum, are you securing your work from home end points ensuring they're fully secured? Please share your thoughts in the Comment box below or shoot me an email if you'd like to chat about this in more detail.