Pandemic Planning Critical for Technology Security
Was your organization ready for the COVID-19 pandemic? Did the rapid shift to working from home leave you and your employees flat-footed?
Companies have had to scramble to prepare for remote work, equipping scattered staff members with technology support while ensuring that files and apps are accessible, secure, and operational. Meanwhile, employees are grappling with new tools like Microsoft Teams and Zoom, which are used increasingly for videoconferencing and collaboration.
For companies that were well organized and had a crisis plan in place, there was a smoother transition with minimal disruptions. However, other businesses needed to scramble, grappling with massive disruptions that derailed employees and business operations.
It’s a stark reminder for the need for comprehensive pandemic IT planning.
What Are the Steps Necessary to Prepare a Pandemic Plan?
Pandemic planning is an important task, requiring careful and thoughtful discussions of various contingencies, roles, and responsibilities. A 2018 Forrester study (no longer available online) showed that organizations had adopted strategies as part of a business continuity plan. Eighty-eight percent, for example, had planned for providing employees with remote access to technologies that allow for remote work.
Here are the three steps Forrester suggests taking to begin your pandemic planning work:
- Appoint an executive sponsor and planning team. The team should include representatives from strategic areas within the organization, including IT, human resources, finance, legal, facilities, and lines of business. The group’s charge should be clearly defined, and the organization should ensure that during a pandemic, when concerns about safety and family are prevalent, there are arrangements to provide updated public health information, child care alternatives, and accommodations if needed.
- Complete a business impact study. Understanding how to respond during a pandemic requires an understanding of critical business operations. A business impact study identifies crucial business processes, operations, supply chain, and partner relationships and impacts of disruption on each area. For example, the assessment may reveal that, in a pandemic, your business needs backup suppliers for critical components. The exercise helps you prioritize the relationships and assign staff to those relationships during a crisis.
- Create and update your pandemic response. Consider the challenges your business faces in a pandemic. Communication is likely among the most critical, keeping employees, suppliers, customers, stakeholders, and partners apprised of updates throughout the incident. Your organization may need multiple communications channels — emails, social media, websites, mail — to communicate effectively and broadly. Another critical area is IT operability. Be sure your response plan includes ways for employees to access data, applications, phone, email, calendars, collaboration suites, videoconferencing, and teleconferencing. Your plan may need to be modified to respond to demands for remote access to infrastructure and systems, using tools like VPN and multi-factor authentication to protect systems
How Can I Keep My Business Secure During a Pandemic?
Security is critical. Here are some tips for how to prepare for the next pandemic so that your systems remain protected:
- Prepare early. Review your plans regularly from an information security perspective. Assess risks and vulnerabilities to physical and virtual assets with a reduced, remote workforce
- Create an ‘intelligence baseline.’ Information is at a premium during a pandemic. Identify valid sources of information and forge relationships with them to maintain a consistent source of information from which decisions can be made.
- Coordinate your response. Make sure your staff and stakeholders are clear on roles and responsibilities, many of which may be different during a crisis.
- Test the system. Stress test the possible scenarios and adjust plans accordingly.
Atlantic-IT.net delivers cybersecurity solutions to companies in New York, New Jersey, Pennsylvania, and throughout the United States. Let us help with your strategic pandemic planning and managed IT needs. To learn more, contact us today.