This post first appeared at MHA Consulting
By RICHARD LONG
The coronavirus pandemic presents health challenges not only to individuals but also to a company’s IT systems. In today’s post, we’ll look at six areas of your IT program where you should do a wellness check to make sure everything related to information technology at your organization is functioning as it should.
In addition to posing serious threats to public health and to your company’s workforce, the COVID-19 pandemic is causing unprecedented challenges for IT systems across all organizations.
Some of the challenges are caused by the distractions of the pandemic. Some are brought about by having large numbers of people working remotely for an extended, indefinite period.
This unprecedented situation poses challenges and opportunities for IT that people are just beginning to consider or come to grips with.
The Old Problems Are Still Our There
If I could share one point with managers of corporate IT shops in terms of adapting to the pandemic, it would be this:
The pandemic did not replace your previous problems. It only added to them. The old problems are still out there. Now you have to manage the new tasks (supporting a large remote workforce for an extended indefinite period), plus all the old tasks (change management, security, projects, etc.).
Furthermore, if you’ve been putting off doing your routine tasks to focus on sorting out your remote work solution, you need to begin moving past that. It’s time to start walking and chewing gum at the same time. You need to simultaneously manage your remote work solution and get back to doing everything else that’s needed to keep your systems secure and running well.
Just because we have the pandemic doesn’t mean cybercriminals, maintenance needs, human error, and bad luck are taking a vacation. They aren’t. In fact, some of these things are likely to get even harder to contain in the new environment if we are distracted.
Conduct an Information Technology Wellness Check
For these reasons, I strongly suggest you conduct an IT wellness check.
To conduct such a check, look at the following six areas of your IT program to make sure that you are doing what must be done to make sure your systems can meet the moment and that they remain optimized, secure, and resilient.
1. Change Management
A review of your current change management state is in order. We have seen two conditions during this time: some organizations are freezing changes to limit potential outages and ensure all business functions continue. Others are relaxing change to ensure the nimble and flexible support of needs. Should you make adjustments in the way you manage change given the current situation and unknown future? Some companies have required previous pre-approved changes to go through the change board. If change management at your organization remains in an exceptional state, review the current need and adjust to allow for continued movement forward.
2. Maintenance Activities
Most organizations continue to patch and maintain their systems, but we have heard of somewhere maintenance has been postponed because the IT staff has been occupied in adapting to the pandemic. During your IT wellness check, maintenance activities should be reviewed for potential risks, but they should be carried out. Failure to properly maintain and patch systems increase the risk of malicious attacks against systems, applications, and end-user devices. Increased concern about the use of personal devices for business activities is warranted. An infected device is a risk even if a VPN is in use. Moreover, many employees access web services outside of a VPN, regardless of what the company policy says. Access to Office 365, Google, and other cloud-based services can be and probably is being accomplished with personal devices. Does your organization have a policy on anti-malware usage for personal devices? Should it? Obviously, you should definitely continue performing security updates.
3. Remote access support
Conduct an assessment of what your organization needs to work remotely over the long term. For example, you might need to provide people with headsets or find ways that they can print high volume, long, or sensitive documents. Looking ahead, if there is a phased return to work, the IT shop might need to simultaneously support a group of people working mostly at home and a group working mostly onsite. What will this entail for your organization?
4. Cloud provider capabilities
Review your provider’s current plans and capabilities. Cloud providers are going through the same thing as every other company in terms of the pandemic and working remotely. Your provider is probably dealing with the same challenges your organization is in terms of network connectivity, staff availability, collaboration software, and employee distractions. This is especially true if they rely on third parties to support them.
5. Security
In conducting your IT health check, pay special attention to security issues. Consider the possibility that company devices might be used by non-company personnel (family members using them to surf the web, for example). With so many people working at home, the potential for non-employees to view confidential information onscreen or in a printed document, or overhear private conversations, is greatly increased. Should you conduct security training and raise awareness to better protect your company’s private data? You should also continue your anti-phishing campaigns, remembering that scammers are already trying to exploit people’s concern about the pandemic.
6. IT/Disaster Recovery and Resiliency
Are you prepared to support any major outage remotely? Can your remote workforce access any alternate site from home or does that require special access? Does your DR solution site have a sufficient number of remote access licenses? What is the state of your cloud-based services DR position?
Conclusion
The coronavirus pandemic poses challenges not only to public health but also to a company’s IT systems. The pandemic has not replaced our previous problems as IT/DR and business continuity professionals; it has only added to them. Even in the current environment, it’s vital that you continue performing your regular IT tasks. To make sure your IT systems stay healthy, perform an IT wellness check looking at the areas of change management, maintenance, remote access support, cloud provider capabilities, security, and IT/DR, and resiliency.
Further Reading
For more information on adapting to the pandemic and other hot topics in business continuity and IT/disaster recovery, check out the following recent posts from MHA Consulting and BCMMETRICS:
- Working Remotely over the Long Haul: Living with COVID-19 as a Business
- Ready or Not, Here It Comes: 5 Steps to Protecting Your Company Against Coronavirus
- Telephone Train Wreck: Crisis Call Chaos in the Time of COVID-19
- When the Quarantine Ends: How to Be Ready to Reopen Your Company
- The Plan that Time Forgot: The Importance of Protecting Your Business Processes
- Mark My Words: Commonly Confused Business Continuity Terms
Richard Long is one of MHA’s practice team leaders for Technology and Disaster Recovery related engagements. He has been responsible for the successful execution of MHA business continuity and disaster recovery engagements in industries such as Energy & Utilities, Government Services, Healthcare, Insurance, Risk Management, Travel & Entertainment, Consumer Products, and Education. Prior to joining MHA, Richard held Senior IT Director positions at PetSmart (NASDAQ: PETM) and Avnet, Inc. (NYSE: AVT) and has been a senior leader across all disciplines of IT. He has successfully led international and domestic disaster recovery, technology assessment, crisis management and risk mitigation engagements.
