4 Steps to Ensure Business Continuity Post COVID-19

In the world before COVID-19, business continuity planning (BCP) for certain organizations fell short of adequately preparing for vast physical disruptions. Those in charge of BCP typically prepared for earthquakes, terrorist attacks and fires. But it simply never occurred to most people that a global pandemic could impact nearly all business as we knew it, forcing organizations to pivot protocol quickly.

Data backups, inventories, redundant locations and distributed supplier base were usually included in business continuity plans. But few companies likely had a plan in place to ensure a consistent, uninterrupted shift to fully remote work that could span a year or longer and affect both a company’s underlying infrastructure as well as its employees.

Simply put, it was assumed that in the case of a physical “emergency,” employees would be moved to a safer location—but few could have predicted this location would need to be 100% virtual well into 2021. In this article, we discuss how to ensure business continuity post COVID-19 so your company can avoid further disruption in case of future events.

1. Enable a Virtual Workspace

All signs point to a critical need to cater to a full virtual working environment. This environment must enable an organization to pivot easily to a 100% remote plan if in-person contact must be limited due to another health emergency, or if a natural disaster or similar event occurs that prevents people from working in the office again.

In early 2020, business leaders were left with no choice but to shift operations to a fully remote model due to COVID-19. Interestingly, they discovered that most daily tasks could continue as usual. In fact, just about any organization can ensure continuity by rolling out:

A bring-your-own-device (BYOD) policy to include, at a minimum, personal laptops and tablets. It’s essential to offer people myriad ways to access their work while working remotely to avoid productivity loss or the need to invest in new, expensive hardware for employees.

Remote access to critical applications. Without this, people cannot carry out the responsibilities of their role and cannot be productive.

Virtual solutions that enable any employee in any position to work securely from home. These include virtual desktop infrastructure (VDI) solutions such as Parallels Remote Application Server (RAS), which we’ll discuss later.

The mobility infrastructure at most enterprises is meant for occasional remote working (not a completely distributed workforce), so remote access is often limited in its permissions and bandwidth for security purposes. That will no longer work for obvious reasons, so careful consideration of viable collaboration and remote access tools is imperative.

As companies extend remote working to ensure business continuity, security risks have bubbled up as a primary concern. The shift from a fortified corporate landscape to more vulnerable offsite solutions is giving cyber criminals new pathways to wreak havoc.

According to a survey by Barracuda and Censuswide, among global businesses that are working remotely today:

46% have encountered at least one cybersecurity scare.

51% witnessed a rise in email phishing attacks.

49% expect a data breach or other threats in the coming months.

With more than half of businesses moving their critical data to cloud-based models, there is a greater need than ever for virtual solutions to include stringent security measures. It’s no longer an either/or scenario—it must be a package deal.

2. Rethink Physical Operations

For companies whose employees conduct much of their work from computers at their desks, operations can be moved to a remote model quite easily by way of laptops and tablets, a secure internet connection and the right virtual access solutions.

But what about physical businesses that rely on heavy machinery or equipment that cannot be easily transported, such as those in manufacturing, retail and healthcare? Many of these businesses are considered essential and must stay open during a global health crisis, albeit with new safety procedures in place.

The most important thing for these businesses to implement is flexibility. Focusing on essential operations only, investing in employee morale and ensuring there is personal protective equipment (PPE) in place is key. Those companies that can staff fewer people, while running at full capacity, are poised to minimize exposure while still keeping their doors open.

Many organizations have adopted machine learning solutions to gap-fill processes historically filled by humans. Employing chatbots for general customer queries, for example, and eliminating the need for employees to respond to every phone call or web form fill can help businesses pivot during tough times. For short-staffed employers, or those working with physical space limitations, this tactic can save money and ensure a consistent end-user experience.

Divvying up work (when possible) across multiple locations (if your company has them) can also keep operations running when lockdowns or reduced capacity are mandated. For instance, while some countries were hit hard during the onset of the pandemic, they recovered rather quickly, while in other countries, recovery has lagged, making “business as usual” nearly impossible. While ideally a Business Continuity and Disaster Recovery Planning should be implemented consistently across business locations, there may in fact be geographical or regional differences that enable locations to operate slightly differently (e.g., if one location hasn’t been affected by a disruption as greatly as another). As such, it is important to empower mid-level leadership to make decisions that are most effective for the locations for which they are responsible.

3. Consider Creating an Emergency Operations Center

Disaster event planning usually calls for the setup of a command center or emergency operations center (EOC). Keep in mind that during a communicable disease outbreak, an organization may need to (re)locate the command center away from its originally planned designated area.

Regardless of location, the center is there to manage support services and infrastructure. This may include supplying essential items such as laptops and phones, or even food and water.

If not already developed and maintained, a current list of vital records, documents, systems and databases should be created. This may include contracts, patents and intellectual property, leases, policy manuals, quality assurance records and more. Hard copies of vital records or documents should be current at each facility as well.

The next step is to determine what functions and services are most important for your company to provide (along with what may be postponed), and then map out a plan for how to proceed with the most critical operations. To determine what is critical, ask yourself the following questions:

How important is a function (e.g., 24/7 phone support) to your overall business?

Could you lose clients/customers if this function is not provided in a timely manner?

Could there be significant revenue loss if this function is not performed?

How long can a business function or customer service be delayed before there is an adverse effect?

Could a service disruption lead to a loss of client/customer confidence and the business?

Next, consider diagramming your workflows to visualize all the dependencies. These dependencies may shift over time, so be sure to think ahead: three, six and nine months. Also, consider putting plans in place for near-term and long-term damage control—how will you communicate with customers who are unhappy with a disruption or delay in service?

While the immediate loss may only affect the livelihood of your workforce and/or your bottom line, a longer-term loss may include more vital facets of your business health, such as reputation and client/customer base.

4. Amend Security Protocols

As mentioned earlier, security protocols are one of the key items that must be amended to cater to the possible need for full remote access across a distributed workforce. In addition, adhering to data protection standards like the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) are critical to the long-term health of many businesses.

Remember when a solid lock and security system (e.g., cameras with remote monitoring) gave business owners peace of mind? Those days are long gone. In our new world, physical walls don’t matter, and businesses are not concerned primarily with damage to property or petty theft.

Instead, the most valuable commodity is data. Security today generally falls to Chief Information Security Officers (CISOs) in larger organizations, and IT administrators or managers in smaller ones. Both are in the position of approving remote access to their company’s most valuable information.

CISOs, IT administrators and BCP managers must consider and adopt a range of solutions to protect their data. This includes embracing a new way of thinking about identity and access management, as well as redefining security protocols especially around device support and data access. Business of every size and type, including schools, governments and nonprofits, must be vigilant about data protection.

As companies extend remote working to ensure business continuity, security risks have shifted from the fortified corporate landscape to more vulnerable off-site areas. But curiously, while more businesses have reported experiencing a breach or the potential for a breach, cybersecurity spending is down. As noted previously in this article, Barracuda surveyed the market and revealed that 40% of businesses have cut their cybersecurity budgets to save costs. It is an odd move, since more than half of the workforce are not professionally trained to handle cyberattacks.

That said, Gartner foresees an increase in cloud security, which agrees with Barracuda’s finding that 53% of businesses are moving their data to cloud-based models. Unfortunately, 85% of IT professionals have expressed concerns on the vulnerabilities of remote cloud environments.

That is where a solution like Parallels® Remote Application Server (RAS) makes a real difference.

The Impact of Parallels RAS on Business Continuity Planning

The reality is that full-time remote work was already trending pre-pandemic; COVID-19 simply accelerated the process and amplified the need for ongoing support. Parallels RAS is a textbook example of how virtualization, when done right, can help businesses maintain continuity in the best and worst of times. This is because Parallels RAS is designed to:

Bridge the gap between physical and virtual workspaces.
Enhance data security to align with amended security protocols.
Increase the service delivery of IT operations to support a disparate workforce.
Simplify deployment, configuration and maintenance of critical technologies.

Simply put, Parallels RAS facilitates the cohesive delivery of server-based desktops and applications, and backup of endpoints, to connect employees to their work no matter where they are working from. The flexible architecture enables organizations to address business demands in real time, and adapt quickly to continuous workplace changes, making it easier to connect the dots when rethinking physical workspaces.

With Parallels RAS in place, organizations can auto-scale their IT infrastructure, mix and match different technologies (such as Windows Server OSs, hypervisors and hyperconverged solutions) and manage multi-cloud deployments centrally, so that with or without an emergency command center, IT can ensure consistency in the cloud.

As an all-in-one VDI solution, Parallels RAS saves resources, reduces hardware footprint, ensures far greater security protocols and lowers overhead costs—all things that businesses need to survive this current economic downturn and will ensure greater resiliency should a disaster (natural or otherwise) strike again.

Learn more about how Parallels RAS can help your business by watching a live demo!