Ensure Business Continuity is the New Normal
Before COVID-19 caught the world flat-footed, business continuity planning focused on resuming operations after a disruptive incident like a wildfire, earthquake, or cyberattack.
By design, these plans help the enterprise limp along until an electric utility restores service or you lease another office building. They address short to medium-term needs in the belief that long-term the enterprise will return to its pre-incident normal.
For the last month, we’ve all lied to ourselves. As stay-at-home orders were issued and then extended, we convinced ourselves that we’d return to business as usual next week, then next month, and now maybe in June. It’s time we all face reality. Until we have scientifically-proven treatments, a vaccine, and adequate vaccination coverage, social distancing and periodic stay home orders are our new normal.
If your business continuity plan accounts for a pandemic with a one-year business disruption minimum, we commend your foresight and beg you to lend us your crystal ball. Ours is broken. If yours doesn’t, don’t worry. You’re not alone. It’s not too late to elevate your existing business continuity plan and turn parts of it into a long-term operations strategy.
1. Adapt Your Organization to New Operating Conditions
Store all documentation, including playbooks and running sheets, in a centrally located platform and make it available to all team members remotely.
Review the response team’s roles and roster. Confirm all primary, secondary, and alternate are filled. Monitor each team member’s health. Ensure they have the necessary equipment needed for their duties.
Reach out to your customers. We cannot say this strongly enough. Your customers, clients, business partners, and vendors all need to know what services remain available, any new offerings, and how you plan to continue providing goods and services. Be visible.
Within the enterprise, introduce instant communications. Although these digital discussions will lack the personal touch of a business lunch or casual conversation by the water cooler, they will enable your employees to exchange ideas and keep your business moving forward.
2. Enable Remote Access Capabilities
The enterprise is only as secure as its weakest link. Remote work changes this equation. A highly trained expert will setup and maintain your enterprise network. Your CFO isn’t using that network. His teenage son set up his, and the password is “password.” You must treat every remote worker’s home network as if it’s public Wi-Fi. Trust nothing. Encrypt everything.
Secure all endpoints throughout the enterprise, including mobile devices, tablets, and laptops, by employing Unified Endpoint Management (UEM) or Mobile Device Management (MDM).
Adeya’s recent partnership with MobileIron combines our industry-leading collaboration solution with their best-in-class unified endpoint management platform. For more details, see Adeya and MobileIron’s strategic partnership announcement.
3. Prevent Social Engineering Attacks
Most workers view their home as a safe space. Working from the comfort of home, potentially for an extended period, extends this perception of safety into the work environment and may encourage some to drop their guard online, inviting hackers into the enterprise.
Before you sign off today, send all staff a targeted email that alerts them to the escalating cyber threat and tells them to remain hypervigilant about phishing emails and other suspicious communications, especially while working from home. Remind them about the recent cyberattacks targeting hospitals. If hackers target the institutions charged with saving lives during a global pandemic, they’ll target anyone.
Re-examine your cyber risk remediation strategies, particularly any data exfiltration scenarios, and extend them to include current and near-future remote work arrangements for employees and third parties.
4. Evaluate Impacts Throughout the Entire Value Chain
For many enterprises, the coronavirus pandemic means rapidly introducing new tools and technologies, continually shifting supply chains, and a dispersed workforce. Security and risk management leaders must understand and maintain cyber-resilience throughout the value chain while remaining flexible to current events.
Contact your major security vendors, ask about their COVID-19 response plans, and how it may impact their ability to provide services to their clients.
Verify how these vendors collect, store, process, and use data obtained from your enterprise and how they will ensure its security as part of their business continuity program.
Although many regulatory agencies are working from home with limited staff, they retain their ability to investigate past behavior and fine your enterprise for any lapses that may occur during this time. Adapt your existing compliance best practices to a remote work paradigm and encourage your employees to use these in their daily work. Prohibit unapproved apps and tools within the enterprise.
5. Implement Collaboration Tools that Respect Employee Privacy
Long-term business continuity requires communication and collaboration. Unfortunately, app providers do not always respect your compliance and security needs or your employees’ privacy.
Skip WhatsApp and Zoom and choose solutions tailor-made for the enterprise with the data control, compliance, security, and privacy features you require.
Make It Easy with Adeya
Adeya is a communication and collaboration suite with military-grade end-to-end and at rest encryption. It uses standard data channels—no 5G required—and runs on iOS 11+ and Android 6+ mobile devices and Windows 10, macOS, and Linux workstations.
Empower your employees with one-to-one calls and video calls, conference calls, videoconferences, messaging, notetaking, file sharing, image and video sharing, and voicemail. Enterprise-grade features keep IT in control of sensitive data. These include organization-wide password policies, auto-destruction and take-back, remote wipe, secure clipboard, secure backups, and robust role-based access. Online status and notifications help your communities stay in touch with each other. Intuitive group chats let them keep talking even after the video conference ends.
If you haven’t started your free Adeya trial, fill out this form, and we’ll be in touch within the next 24 hours. Follow the steps below after your trial begins.
First, get in compliance. Our applications are security-first and privacy-centric. We are GDPR-compliant out of the box. That said, login to the Adeya Management System and configure the audit trails, application logs, and other settings to meet both your regulatory and organizational requirements.
If you opted for our Swiss-based cloud, your installation uses military-grade encryption by default. You’re already secure. You don’t need to change any settings here.
If you’re deploying Adeya On-Premise, choose from a selection of well-known and studied cryptographic algorithms or install a custom cryptographic set, if desired.
That’s it. You’re compliant and secure.
Next, assign your community managers and let them begin building their virtual communities by sending employees invites with links to the private application store—another security feature. As your enterprise scales up its roll-out, extend guest invitations to business partners, including any outside attorneys and accountants.
When you do this, keep in mind that people do not like change. When introducing the app, stay upbeat and encouraging. Use phrases like “easier than WhatsApp,” “I like it better than email,” and “it even runs on my old phone.” If you’re speaking with an older or less tech-savvy individual, always offer a tech support phone number.
Our extensive usability testing indicates our app is highly intuitive and easy-to-use. That said, this is still a fundamental shift in how your enterprise communicates. Video tutorials, help hotlines, and printable how-tos will ease the transition and help everyone grow more comfortable with the mobile and desktop apps.
After a few weeks, examine your pre and post-pandemic operations and start thinking about rebuilding lost revenues. List out any confidential information typically exchanged with customers or clients during these pre-pandemic business activities. Then call your clients and tell them about what your enterprise is doing to return to normal operations and how your new app helps you protect their sensitive data. Once they’ve given you the go-ahead, send them a guest invite.
In today’s environment, business continuity does not and cannot mean limping along until we return to normal. Normal is at least one year away, probably longer. Business continuity means coming up with new ways to do old things. For now, we’ll sign legal documents online instead of in-person, plan our UIs by videoconference, and code from home.
Start your 90-day free trial today and prepare to weather any storm.