The coronavirus outbreak may have long term health implications for your organization that you haven’t even considered.
Businesses in the U.S. are shutting their doors and telling employees to work from home to avoid spreading the virus. It isn’t hard to find a news article that considers the economic implications of quarantines around the country, but you might be hard pressed to find much information about the compliance and security risks your company could be taking on.
Coronavirus is going to have a massive negative impact on the productivity and security of many organizations. Many companies allow employees to work remotely on an as-needed basis. But sending their entire workforce to work from home is an entirely different matter that introduces unique strains.
Coronavirus is just the latest business disruption, but major interruptions can occur at any time, for any number of reasons — including:
- Blizzard, hurricane, wildfire, or other inclement weather
- Flooding, power outage, heating/cooling problem in the building
- Bomb threat or terrorist threat
- Any other declared state of emergency
Whether you’re dealing with the COVID-19 outbreak or something more mundane, your organization may not be ready to handle a fully remote workforce.
Business Implications of Suddenly Going Remote
When everyone throughout your organization is suddenly working remotely and virtually, you need to quickly adapt your business operations to an unfamiliar format. It’s important to have a robust operational plan in place that’s already been thoroughly tested, to be sure your company can handle a sudden disruption.
When all your employees are working from home, be prepared for implications in the following areas:
- Business operations
- Network accessibility and security
- Compliance management
What do these implications look like for your business?
Stalled Business Operations
Many businesses have robust processes in place for maximizing their productivity. But those processes may rely on in-person interactions or manual procedures. For example, if your company uses a manual process to deal with change control approvals, that process becomes defunct when no one is in the building. There’s no process.
Take a look at your existing business processes. How many of them depend on in-person or manual activity? Take those processes and adapt them for remote work wherever possible.
Network Accessibility and Security
If your employees are expected to work from home, they’ll need the ability to connect to your system securely. For companies that haven’t encouraged remote work in the past, it’ll be a tough ask to implement that effectively and in short order.
There are several issues surrounding secure connectivity that you’ll need to work through, and then you’ll need to test your solution to verify that it’s robust enough for the demands your employees are about to place on it.
Your employees will also need access to the right equipment to make those connections. If they’re using their personal machines to log into your system, they could unknowingly introduce serious security risks — especially if their Antivirus or firewall software doesn’t meet your company’s security and compliance standards.
Even if your workers can securely access your system, their home networks may be slow enough that employees’ productivity is affected.
When a major interruption occurs, many organizations have a knee-jerk reaction to the crisis. Their first reaction is simply to get things done, not necessarily to do them right. The worst scenario in their minds is falling behind or halting operations.
If you’re just trying to get things done, your thinking becomes nearsighted, and you can unwittingly introduce long term threats to your business. People stop crossing their Ts and dotting their Is on mundane maintenance activities, such as patching and patch management. They’re focused on keeping operations moving. But that little slack can easily snowball, and it opens the door to bigger (and more expensive) security and compliance problems down the road.
When your company is facing a disruption, don’t compromise on maintaining the security and compliance of your organization in the mid-term. By all means, get through the initial push of getting configured for connectivity — but quickly move toward ongoing security and compliance measures.
Prepare Your Company to Go Remote
Many businesses can make the switch from an entirely in-person to a remote workforce. It just takes proper planning. Follow these best practices to get started on the right foot.
Adopt the right processes
Review your operational, security, and compliance processes. Are they flexible and robust enough to handle remote situations? Can your company stay strong from a security and compliance perspective? If not, modify them as needed so that business can continue virtually.
Use the right tools
You’ll need to keep your people as connected as possible while working remotely. You still need to have meetings and check-ins. Teammates need to work together, and direct reports will need to be kept accountable.
Use tools that make remote collaboration and offsite productivity easier. There’s a plethora of options, but some are better than others. Consider the security measures around the tools you adopt.
For TCT, one important consideration is the security of our conference lines. As a fully remote organization, we only use conference software that allows us to lock down a meeting. Otherwise, anyone with the right phone number or password could get into a sensitive call.
Make sure your people can connect securely
Don’t let your employees connect to your system with their personal devices. You can’t control what’s on their hard drives, and you don’t know if their computers have proper Antivirus and firewall software. Only allow company-issued laptops or workstations to access your network.
Also make sure that the networks they originate from are secure. There are several options that allow you to manage that, but none of them are quick and easy solutions. For example:
- Run your own internet connections to each location
- Use company-sponsored high-speed hotspots
- Distribute internal hardware firewalls to each person
Build the right infrastructure
Finally, make sure your infrastructure can handle all of your employees connecting into your corporate resources remotely. There’s a big difference between a few people working from home here and there, and all of your employees working full-time remotely. The load on your systems is exponentially greater, and you can’t afford to guess that your infrastructure will be alright.
Make sure you’ve got a robust infrastructure in place, and test it thoroughly. If you can’t handle that much traffic at once, nothing else will matter. You may need to employ some interim load balancing solution, or schedule workers on split shifts.
Maintain a Strong Business in Any Crisis
Whether it’s the coronavirus or a less dramatic event, business disruptions happen. You’ll rarely see them coming, so you’ve got to be as prepared as possible ahead of time. Put these best practices in place now and you’ll strengthen your company’s ability to ride out the storm — without risking your security and compliance health.
TCT’s mission is to help companies like yours weather the storms of compliance. Talk to us to see how we can help!