A lot of businesses, especially SMEs are currently under huge pressure from the coronavirus COVID-19 and the need to ensure business continuity during this disaster.
IT systems and data must be protected alongside users. There is an augmented risk of attack by cyber criminals with no moral compass, and setting up, managing and securing remote working is a huge operation.
I have worked on PR for IT companies for over 20 years and have learned how they support other businesses to carry on working in the event of floods, fires and storms and other disasters. So here is some advice that's hopefully worth sharing to ensure that you can continue operations.
1. Set up a dedicated team
Businesses should consider setting up a dedicated team that reports to senior management and takes responsibility for assessing and managing the potential impact of an external risk such as COVID-19. This team can monitor and respond appropriately to the steps put in place by relevant authorities in response to the issue or outbreak.
HR, IT, purchasing, procurement, security and legal representatives should form the team and establish and plan for regular and emergency communication with employees, customers and other key stakeholders.
In the case of COVID-19, monitoring should encompass local government and World Health Organisation (WHO) bulletins. Communication should include notifying and reminding staff of recommendations and travel restrictions and how they can contribute to preventing the spread of this outbreak.
2. Ensure a business continuity plan is in place
The dedicated team will call on or develop a business continuity plan which should cover factors such as mapping your locations, assets and operations, and identifying the critical processes you need to operate and what minimum resources are needed.
The plan should also take into account relevant legal and regulatory obligations.
3. Adopt backup and disaster recovery technologies
In the event of a crisis or a disaster the importance of data backup and recovery for a business becomes abundantly clear to ensure data is stored safely and securely if on-premise infrastructure is damaged or cannot be accessed.
A good disaster recovery (DR) strategy should ensure maximum security, accessibility, reliability and affordability and there are a number of different data backup solutions – from cloud to on-premises - available so it’s important you select the options that best suit your company’s requirements and budget.
4. Ramp up cybersecurity
Unfortunately, cyber criminals will take advantage of a crisis. Phishing emails and ransomware attacks today may have a coronavirus theme, for example. Attacks may occur as the number of endpoints extend with remote workers accessing corporate systems and devices away from business premises and even on non-business owned devices.
Either internal IT departments or IT Managed Services Providers (MSPs) should work on keeping systems up-to-date and patched.
Many companies already need to ramp up their cybersecurity, so this crisis will probably increase the implementation of security systems and software and educating staff on security awareness.
5. Be ready for remote working
Remote working has been a growing trend for some years. Over the coming months it will become essential for some businesses as non-essential travel is restricted.
SMEs should consider whether the technology and equipment used for remote working is reliable and whether further measures are necessary to maintain customer confidentiality. When putting a remote working plan in place, SMEs should ascertain whether all users need full access to all systems and what levels of connectivity is available via home internet bandwidth.
Either internal IT departments or Managed Services Providers should be able to advise on technology, tools and cybersecurity protocols. They may need to look at the number of virtual private network (VPN) licences and licensing for remote collaboration products like Microsoft Teams might need to be obtained.
Robust phone systems are necessary for remote employees and we predict a rise in the adoption of Virtual PBX. For those without expertise, a Managed Service Provider or telephony supplier should be able to support set up and implementation.
6. Consider using a managed services provider
Managed Services Providers provide an array of IT services and act as an outsourced IT department. An MSP can support internal IT department that may be overwhelmed. On a day-to-day basis, MSPs deal with IT issues including backups, supporting remote working and moving to the cloud when businesses can no longer access hardware.
Cost may feel prohibitive, but outsourcing your IT demands can be scaled to your budget, and is often based on a fixed cost solution without the pain points associated with the complex recruitment process.
MSPs can also reduce costs through their solid working relationships with industry software partners. They’ll also be the first ones to know of any updates, patching requirements, or new products that become available in the market. This can be crucial as working patterns change dramatically.
One of the overriding benefits of choosing a complete managed IT service provision is the freedom it creates to move away from the responsibility of IT and cybersecurity entirely and to concentrate on business continuity and revenue generation.
7. Deep clean equipment
IT equipment is a huge harbinger of germs and it can be neglected with normal housekeeping protocols. It’s important to provide staff with the right equipment for disinfecting hands and their equipment.
In a recent survey into the State of Technology at UK SMEs 59% of respondents had said they were planning to increase the use of collaboration tools, 57% wanted to accelerate the adoption of cloud computing and 55% were looking to invest in better backup and disaster recovery solutions to ensure business continuity.
Today, these figures will probably increase as SMEs are forced to ensure that business productivity and profitability are supported by flexible and robust IT systems. This is why we recommend a dedicated team to address this crisis, a business continuity plan, disaster recovery and remote worker technology implementation, and the engagement of experts if required. These approaches combined with cybersecurity awareness can help to mitigate the business impact of any crisis.