Is Pandemic Part of Your Business Continuity Planning?

Question:  I am concerned about the news of the swine flu pandemic.  Please tell me some things I should do to be as prepared as possible if it affects my business.

Do not dispair even if you have not yet begun to plan.  Something is always better than nothing.  Here are a few thoughts to get you started.  The chamber has planned a business owner’s business continuity planning breakfast meeting on December 4, 2009, to help.  If you need more help before that, please contact your tech committee by email at drdata4u@gmail.com

Is Pandemic Part of Your Business Continuity Planning?

 

The floods, earthquakes and tornadoes of 2008 motivated many companies to revisit or begin Business Continuity Planning. The recent news of a potential Swine Flu Pandemic is just one more reminder of the importance of having a working plan in place.  A vital piece of continuity planning is workforce planning specifically for a pandemic. This should include establishing remote access, web conferencing, and identifying backup sites incase sites go down.

 

In case of a pandemic, companies need to ensure that key personnel can work remotely with secure computer and internet access. Critical systems must be accessible with contingencies in place for access if key personnel get sick and their responsibilities need to be taken over.

 

In recent years businesses have focused on Business Continuity with specific Pandemic initiatives and virtualization server technology aimed at helping firms keep computer systems and network infrastructures up and running in the event of an outbreak or disaster.

 

Web conferencing will help your team stay productive and allow them to conduct business without having to travel during times of potential outbreak. Remote access to files and documents is critical to making web conferencing effective.

 

Locating and equipping a remote operations site during a crisis is next to impossible.  Companies such as Agility, specialize in continuity solutions that provide power, technology, space and connectivity in the event of a disaster.

 

This is a good opportunity for you to emphasize to your employees the normal flu season messages–hand hygiene, stay home if you don’t feel well, etc. The Business Computer Focused Blog located at www.ManageMyTechnology.net  recently featured a 12 part series on web-worker tools. Most of the tools are free, all are on the Internet and all provide excellent collaboration features plus management insight into the work.

 

Key business continuity planning items are below for your informaiton.  For more information on Business Continuity and Web-Worker Program Planning, you may see the Chamber’s question and answer web site at www.MBQ4Biz.com or contact the technology committee with questions at DrData4U@gmail.com.

 

Swine Flu Update

 

The recent cases of swine flu in Mexico and the US are concerning, because they have occurred in individuals who have not had contact with livestock, indicating human-to-human transmission.

 

The current year flu vaccine is not expected to provide protection.  And millions of Tamiflu treatment courses have been strategically positioned throughout the US.

 

Deaths have occurred in affected individuals in Mexico, but not in the U.S.

 

DHS analysis at this time is that disruptions to U.S. critical infrastructure will be low, with impacts on healthcare most likely as symptomatic individuals and worried well individuals seek medical attention.

 

Should the outbreak intensify, there may be additional effects resulting from increased absenteeism.

 

Basic precautions, such as hand washing and avoiding contact with symptomatic individuals are recommended.

 

 

Key Points of Business Continuity Planning

 

•     Establish one person as your Continuity Director and let your members know who that person is

•          Prioritize critical functions

•          Identify functions that could be suspended for up to two months

•          Identify positions needed to carry out critical functions

•          Build depth through cross training

•          Plan for alternative work schedules and implement a web-worker program

•          Continuity planning for your computer systems and workforce

•          Maintain a healthy work environment

•          Update sick leave and FMLA policies

•          Encourage/require ill employees stay home

 

How Can I Reduce the Cost of Computers?

Business owners and managers often try to reduce what is spent on computers and end up spending far more than necessary.  There are three classes of business owners and managers:

1. Do-It-Your-Self (DIY)  The DIY actually listens to the marketing and sales hype from manufacturers telling us that computers are simple and we can do it our self with their product.  HELLO!!  They are in business to sell you their product and build their business.  Here’s the truth:  Computers are complex and the only way to keep your business computers running well and make sure your computers work reliably and securely is with support from an experienced and qualified business computer management company.  You don’t install and manage your own phone system or troubleshoot the emission system on your car.  Computers are just as complex or more so and need specialized care and management.
2. The “Genius” on-call when we need him/her.  Many organizations have a student or relative who helps out as needed.  Do you wait for your car to break down on the freeway and then call a backyard mechanic to come help you?  Why would you put your business at risk with the same model?  Why would anyone risk their business and data to a high school or college student with little or no experience in business and computers?
3. The Successful Organization.  These are successful because they outsource their computer management to a knowledgeable firm not an individual with the resources to manage your computers in order to maintain all your focus on your core mission and business. No one can be an expert in computers, security, data backup, data restore, messaging, networking, etc. and the line of business you are there to pursue.   There are only 24 hours in every day– It is up to you how you will spend them to move your business ahead.  You can spend 4 hours getting your email back on line or invest that time in the success of your business plan.  We can not get the time we spent back and there are no re-do opportunities at the end of the day.

How much is the right amount to spend?  Studies show between 12% and 15% of gross revenues represents the computer budget of a successful organization.  Want to save on this?  You need a “Managed Service Provider” who will monitor, manage, maintain, and administer all your computers 24×7.  In this way your outsource provides you with the expertise you need at a fixed and affordable price with a team of experts always available when you need them and the expertise shared across thousands of organizations thereby keeping the costs down.

Think of it this way, if you hired your own personal doctor, the cost would be unaffordable.  By going to the doctor’s practice and being one of many patients, you have great medical care- – and affordable.  Computer Managed Services Outsource is the same model.  With computer management outsourced, you receive all the healthy business benefits, and you do not even need to go to the doctor’s office-the computer management services are delivered to you remotely and in person!  If you are not outsourcing your computer managed service, your organization is not competitive or achieving the mission as well as it could.

What Should I Do About Computer Security for My Company?

According to the news today, I heard the Pentagon spent more than $100 million in the last six months fixing problems caused by hacker attacks. I read some other reports saying that they found software in the electricity grid the Russians and Chinese can activate to disrupt our supply of electricity.

HERE’S MY QUESTION:  If highly sophisticated and well funded enterprises like the Pentagon and the national electrical suppliers are this vulnerable, what chance do we have for our company computer security?

ANSWER:

First we need to dispel the myth that your organization is too small to be of interest to hackers. I have seen it repeatedly that when a computer is connected to the Internet for the first time, within minutes there are thousands of attacks on it.  This is to say that you must take action to protect yourself.  Depending upon your budget, you will be able to scale your protection to meet your organization’s needs.

Here are a few simple and inexpensive steps every organization must take now:

First be sure you have some security.  Anything is better than nothing!  At the very least, turn on the Windows firewall.  It came with Windows and it provides some small degree of protection.  Use it!

Be aware that the best security is a layered security.  If you have a connection to the Internet, a Firewall is recommended.  Next, add Anti-virus and Anti-Spy-Ware software.  If your network is slow, that is almost a sure sign that you have spy-ware.  

Next, if you can afford it, invest in a Spam Filter.  If you can not afford this, at least set up Outlook in a way that dumps questionable email into the Junk folder. 

Next, discipline yourself and your employees to NOT go to web sites or open emails and attachments that were not expected.  NEVER open attachments to emails unless you expected to receive it.  When in doubt phone the sender to confirm they actually sent the email and the attachment.  

Above all……never open emails or attachments sent from yourself …. unless, of course, you actually sent it.   It constantly amazes me that organizations will spend a large portion of their revenue on staff , facilities and computers, but fail to take even these basic steps to protect the enterprise. 

And perhaps most important,  be certain all data is backed up AND the backups are tested every week!  It is a disaster to need the data backup to restore data only to find out that the backup is corrupted or has not been working for weeks or months.  If you are still using tape backup, dump it and implement disk to disk backup with off-site storage.  Ideally you should be able to restore your organization to a date and time in the past of your choosing.  What good is it to you to restore your data with the spy-ware or virus that caused the problem in the first place?

These simple and basic steps will go a very long way to limiting your risk and providing security that will assure your security.  There is much more to do to fully protect your computers, but at least start with these.  What are you waiting for?