The global health crisis of 2020 hammered home the importance of having a business continuity strategy firmly in place before you need it. Even businesses with well-established plans for continuity and recovery were caught off guard by the unprecedented level of disruption the COVID-19 pandemic caused.
The mass pivot to a remote workplace exposed weaknesses in some organizations’ security infrastructures; others were unprepared to move operations to a 100% virtual environment. Few businesses had a solid plan for continuing operations with a large number of key staff incapacitated for a prolonged period.
Any one of these events would put your business continuity plan to the test, but in 2020, organizations around the world were grappling with all of these—and often much more—simultaneously.
Where Pre-Pandemic Business Continuity Plans Fell Short and How to Repair the Gaps
Traditional business continuity plans include eight key components:
- Trained business continuity and disaster recovery team
- Business impact analysis
- Risk analysis and mitigation
- Threat-specific response plan
- Internal and external communication plan
- Business continuity technology
- Testing and training
- Regular continuity plan reviews and updates
When COVID-19 hit, many businesses became suddenly and painfully aware of major gaps in their business continuity plans. As we emerge on the other side of the pandemic, addressing these shortfalls is a top priority for IT teams.
IT professionals identified needs for improvement and expansion of business continuity plans in the following four areas. The good news is that each of these gaps can be repaired to mitigate future risks.
1. Workplace Health and Safety
In regions with high numbers of COVID-19 cases, businesses struggled to balance employee safety with productivity. Some industries opted to shut down operations altogether over virus-related concerns.
Going forward, business continuity strategies will need to take into account a broader range of public health risks and incorporate improved plans and processes for workplace safety, including:
- Illness policies
- Workstation configuration
- Flexible/staggered schedules
- Remote/hybrid work options
2. Mobile-First Emergency/Incident Notification Strategy
When offices closed en masse, communication became a major challenge for both clients and employees. With no one on-site to field calls, it was difficult to efficiently disseminate information.
Updated business continuity plans are introducing a mobile-first communication strategy to ensure that no matter where stakeholders are located, they have access to updates and alerts through multiple digital channels, such as:
- Voice messages
- Email alerts
- Push notifications
- Text messages
The primary purpose of a business continuity plan is to ensure operations are restored quickly after an outage or disruption. The coronavirus crisis identified critical gaps in key components of many organizations’ strategies, including the business impact analysis and threat-specific response plan.
This reality check prompted process improvement updates, such as revising the inventory of essential and nonessential functions and training backups for all critical roles within the company.
4. IT and Technology Support
Ransomware operators shifted into overdrive during the pandemic, putting IT security teams on the defensive. The increase in cyberthreats also pinpointed new and enhanced vulnerabilities introduced by the huge increase in remote workers.
Post-pandemic business continuity and disaster recovery strategies are laser-focused on cybersecurity and data protection with new IT policies and technology solutions for:
- Secure VPN and RDP, two of the most popular attack vectors
- Remote work environments, including laptops/office equipment, shared devices, mobile devices, and personal use of business equipment
- Enhanced security awareness training focused on securing remote workers
Planning for Business Continuity in a Post-Pandemic World
As the COVID-19 pandemic began to subside, the business world’s collective mantra became “Expect the unexpected.” Doing business during a pandemic brought to light gaps in continuity and security processes that would have otherwise gone undetected.
Incorporating the four enhancements discussed above into traditional business continuity strategies will help ensure organizations are better prepared for unexpected threats, unlikely risks, and unforeseeable global disruptions.
Download “Smart Strategies for Business Continuity” to learn more about safeguarding your business operations against downtime and data loss.