In these times of extreme crisis, businesses must go back to the basics. And that means understanding how to provide the best-in-class customer service, taking care of employees, and being resilient to this disaster. These all revolve around making sure that your business continuity is up to snuff. While it is possible that you may not experience any disruption, you might as well plan ahead because business disruptions can come in many forms.
In the “old days,” business continuity usually meant doing disaster recovery drills and setting up duplicate data centers that could come online in case the main data center was unavailable for a period of time. Those days are behind us now. Today, we are living in different times, and we must think of continuity in a new light. The notion of having “headquarters” staff working at your “main data center” takes on different meaning.
Let’s take a step back and see how to frame things and prepare properly. Bob Moore has been involved in numerous startups, including Stitch and RJMetrics. He writes about what he has learned about building resilient businesses and has a longer-term vision that is relevant in today’s context. Moore recommends that you adjust your product offerings to changes in market dynamics and test your assumptions constantly, along with creating a remote-friendly work environment. This is essential, especially as companies are quickly moving towards 100% work-from-home (WFH) operations.
To get you thinking about these issues, check out what Slack’s CEO Stewart Butterfield has documented in this Twitter stream on what Slack did internally as it made its own transition. There are a lot of moving parts to consider.
At the core of continuity is ensuring that your processes, applications and data are intact, no matter what happens to your Internet connectivity or your servers. Do you even have a current list of your business-critical applications? Probably not. Just look at any of the number of ransomware victims over the past year: how many of them couldn’t get their systems restored because they forgot to do backups of one or two of them? We now have more complex IT operations, and what’s more, they are happening on a larger scale. That means solving potentially more complex problems.
Here are a few steps I’d recommend taking to improve the continuity of your business:
1. If you have a disaster recovery (DR) plan, examine it carefully or have a third-party audit of it to ensure its currency and viability with a 100% WFH staff. Figure out if you have missed some critical database or forgotten some improvement that was done after you created your last DR plan. The point of this exercise is to find out where your weak points exist, and to fix them. As Tim Bonno, Executive Director of the St. Louis-based Reinsurance Group of America, said in an old blog post, “learn from the experience what worked well and what needs improvement.”
2. Can your IT staff create a solid collaborative environment from their home computers? This is not a rhetorical question, because moving everyone out of their offices takes on several dimensions:
a. Having the right hardware configuration of screens, microphones and webcams. Just because everyone has their own laptop doesn’t mean they can use it effectively. Many IT workers have docking stations with multiple monitors: trying to do a web conference and run commands on a bunch of different remote servers can be very frustrating when this is being done from a laptop with an 11” screen. You should develop policies and deploy this hardware now.
b. Having the right software collaboration tools. Standardize on providers for video conferencing (this is why you need a solid microphone from the first point – nothing can frustrate a group conference more than poor audio quality), remote access tools, and file sharing services. Moore insists that every meeting should be scheduled with an associated web conferencing link and that “there can be no assumption that an attendee will be there in person.” You don’t want to encourage ad hoc solutions that depend on personal Dropbox (or equivalent) accounts because you haven’t put all of this together.
c. Are you missing some critical tool that needs to be on your home-based workers’ laptops from the audit done in step 1? Chances are you forgot something that is taken for granted because your IT team is office-bound.
d. Training your help desk to reflect this new environment. Part of this training effort is using your existing cadre of remote workers as mentors to spread the knowledge to the newbie WFH’ers. There has been a lot written on how to develop the socialization side: Check out this piece in the NY Times with some other helpful suggestions for how to set up your personal space along with some other suggestions from a blogger on how to interact with your family during the workday.
3. Finally, re-evaluate after 30 days to see what is working and what needs adjustment. You probably won’t get everything right initially. Learn from your mistakes and be flexible.
This current disruption, triggered by an outbreak, can be a learning lesson for organizations and a catalyst for change. It can be the start of many conversations we need to have on how to better navigate towards improvements in business continuity and resiliency.
This post was sponsored by RSA, but the opinions do not necessarily represent RSA's positions or strategies.
# # #
Author: David Strom
Category: RSA Point of View, Blog Post, Industry Perspectives
Keywords: Business Resiliency, Resiliency, Cyber Resiliency, Business Continuity, Digital Risk, Digital Risk Management
David Strom is an independent writer and expert with decades of knowledge on the B2B technology market, including: network computing, computer hardware and security markets. Follow him @dstrom.