The evolving situation of COVID-19 is creating unprecedented challenges for Australian organisations. Our customers and the wider community are in our thoughts during this difficult time, and we would like to offer our extended support in any way we can.
Earlier this week, our Technology Consulting Manager, Glendin Franklin-Browne was featured in Hunter Headline, for his Expert Article which discussed how to assess your Business Continuity Plan during COVID-19.
We would like to share these recommendations with you now.
To assess your Business Continuity Plan during Covid-19, we recommend considering these 6 areas:
1. Do you have one?
A Business Continuity (BC) Plan is a comprehensive plan organisations use to reduce the risks and provide recovery options from potential threats that may disrupt operations. Potential threats generally include natural disasters such as floods, fires, earthquakes and hurricanes, and currently disruptions to operations due to the Novel Coronavirus (Covid-19) outbreak.
A BC plan should not be confused with a Disaster Recovery Plan (DRP) which focuses on the IT function. It should, however, be a company-wide plan that ensures written policies and procedures are in place across all areas of the business and tested.
The main goal is to improve responsiveness by employees in different situations and ease confusion by providing clear and consistent information.
Covid-19 holds a real risk of disrupting your operations, we recommend you assess your ability to enable and support a remote workforce.
2. Is your team set up to work remotely?
Whilst a lot of organisations already have the infrastructure in place to support some employees to "work from home", extending this across most or all of the organisation can be a very different matter. Here are some areas to consider:
- Hardware: Will you provide your staff with laptops, allow them to take home their workstation or set them up to connect via their home computer? Each scenario has its own set of considerations. We discourage companies from allowing staff to use personal (home) computers to access corporate system as these are often shared among the family and may open your organisation up to cyberattack scenarios you hadn’t previously considered or prepared for.
- Secure Connection: Ensuring a secure VPN (virtual private network) connection to your network is essential as an uncontrolled remote computer potentially creates other significant risks around cyberattack. Including a Firewall or a Unified Threat Management (UTM) device on the network adds an extra layer of security.
- Licensing: Do you have enough licences for staff to connect into your corporate systems? Security products such as the FortiGate device offer up to 10 free FortiClient licences which can be used to protect home computers, with the option to purchase up to 200 clients.
- Policies: It is important to provide employees guidelines around working from home, particularly if this is something you are enforcing across the business. What are the expectations for "working from home"? Are employees being conscious of security? Have the WHS (work health & safety) considerations be taken into account regarding ‘fit for purpose’ working environments? How can you ensure business as usual remotely with minimal productivity loss?
3. Can your team collaborate effectively?
Working remotely does not mean employees cannot communicate effectively.
- Microsoft Teams provides an effective digital work space allowing for chat, meetings, calls and collaboration. Meetings can also be recorded for your staff to catch up on at a later date.
- Other online web conferencing tools such as Zoom and GoToMeetings can provide effective meeting and collaboration spaces for the team.
- And finally, with a cloud hosted voice system, staff can seamlessly work from home. Implementing a software client such as Diamond Cloud (DCloud) Voice on to the computer, laptop or mobile phone will provide an experience similar to being in the office.
Investing in a headset and a webcam can make the experience more effective, however most mobile devices have built in speakers and webcams that are effective enough.
4. Can your team access their data
Microsoft's SharePoint helps you organise and share important documents in a secure, structured manner from virtually any device, providing your team with a familiar working environment while working remotely.
5. Is your remote connection secure?
With employees connecting remotely to your domain, ensuring a secure connection is vital. Multi Factor Authentication (MFA) is an authentication method which grants access to users only after two or more pieces of identification are confirmed.
Diamond’s MFA system is available at two levels of security, both of which boost your ability to protect your most precious resources – your data and the privacy of your staff and clients. Intruders no longer just need a username and password to access your resources, as there is always at least one more method of authentication.
6. Have you tested it?
Whilst most companies will have some sense of a Business Continuity Plan, most may never have had the time or resources to conduct testing.
Consider running a ‘Mock Incident Event’ to test your plans under controlled conditions. A mock incident enables companies to test their plans and consider changes or tweaks that can be added to ensure seamless activation and implementations when it counts. Diamond IT offers a solution to test and update your plans. We attend site and facilitate a mock incident to enable your incident response team to test their skills and plans under controlled conditions.
We are here to help...
Our goal to ensure your organisation remains safe and operational. Our Business Technology Managers (BTMs) and Technology Consulting team are here to guide you through making the best decisions around your Business Continuity Plan.
If you need our assistance, call us on 1300 307 907 today.