Every company has a thorough, longstanding, regularly-tested, and comprehensive business continuity plan, right? Probably not. In fact, 68% of small to medium-sized businesses have no form of business continuity plan at all, handling all of their continuity incidents purely reactively. We all know in the back of our minds that a significant incident will happen at some point, so it’s incredibly important to invest time and resources into planning for when that happens. Not only is advanced planning vital to maintaining operations, but it can also allow your organization to walk away from an incident stronger than ever.
Current events make business continuity planning more relevant than ever. With the growing concerns over the COVID-19 virus pushing more and more organizations to push employees to work from home, having a solid plan and proper tools in place will be necessary for success. Kinetix provides Business Continuity Planning services to all of our clients, but for those who have not yet taken us up on this service, here are some of the most important questions your business should be asking:
Secure and convenient systems for accessing company resources remotely is arguably the most important concern for any work-from-home arrangement.
Do you have reliable methods for remote access to critical resources?
Are instructions for remote access clearly documented and available for to all employees and contractors?
Are these systems configured with Single Sign-On and/or multi-factor authentication like with OneLogin to ensure bad actors aren’t using these same methods?
Are any of your resources hosted at your office or another site with low redundancy? What would happen if your office lost power or internet and no one was there to troubleshoot?
Can your infrastructure, such as your office firewall or VPN appliance, handle the load from increased remote access?
Are you leveraging enterprise-grade cloud filesharing tools like Egnyte that are built to handle the high load?
Do your employees have suitable equipment and WiFi at their homes to allow them to remain productive
Collaboration and Tools
Without face-to-face interaction, quality collaboration tools will be critical to maintaining high standards of communication.
Do you have a business-grade instant messaging client like Slack or Teams?
Do you have a reliable video conferencing tool like Zoom? If so, do you have enough licenses for frequent usage and simultaneous users?
Do you have a backup system in case your primary video conferencing tool fails due to increased demand?
Do users have the appropriate accessories at home, including webcams, monitors, cables, adaptors, etc.?
Are passwords to infrequently-used systems known by all users? Are user accounts and permissions configured appropriately?
Can users receive remote help from their IT team, 24/7?
Are you using a VoIP phone system that allows users to place and receive calls on their work phone numbers at home?
Your organization’s assets will be more exposed to physical security risks when accessed from new locations;.
Do you have a central device management tool like Jamf or Intune to ensure workstation logins have a strong password policy?
Do you have automated centralized deployment of the latest security updates and patches to all workstations?
Are network security monitoring and antivirus tools installed globally through a central device management system like Jamf or Kaseya VSA?
Are you requiring that all workstations be encrypted to secure them in case of theft?
Do users have access to privacy filters and/or webcam covers?
Can users encrypt network traffic via VPN?
Are users trained to save files to the cloud to avoid data loss? Are workstations backing up to the cloud?
Having all of the above tools and systems in place is great, but if you don’t have a formal, well-communicated plan, it doesn’t really matter.
Do you have a written business continuity plan?
Does the plan have a clear definition of a business continuity event?
Has the plan ever been tested?
Who decides when the plan goes into effect?
Has senior management recently reviewed and signed off on the plan?
How will you communicate that the plan is going into effect?
How will you QA employee practices to ensure the plan is being followed?
Advanced consideration of all these questions is incredibly important when planning for a potential extended office closure. Should you need any help assessing your organization’s standing on any of these recommendations, please reach out to your Client Success Manager.