From managing IT infrastructure with limited staff to securing remote workers, the CIO has his plate full of challenges. Here is how CIOs can prepare themselves
The Covid 19 crisis has clearly disrupted operations with huge impact on business continuity, method of working and supply chains. CIOs have to focus completely on strategic projects and on enhancing capabilities for employees. IT priorities have certainly changed, and there is a renewed focus on operational efficiencies and controlling costs. Given the new reality of working from home, CIOs have to focus more on remote working tools and secure communication platforms.
For preparing their organizations for uncertain times, CIOs must create a dedicated playbook or documentation that details every possible step. We outline some of the best practices:
# Well documented BCP plan: The business continuity or BCP plan must contain steps that needs to be followed in the event of a disaster. The BCP plan should clearly detail out what employees must do in the event of a disaster, and the maximum timeframe by which critical IT services will be delivered. It is also equally important to identify critical systems and take an inventory of the key applications. At the same time, organisations must document and have in place a list of external contacts such as bankers, IT consultants and utility personnel.
# Testing of infrastructure: As more and more employees log on to the IT systems from remote places, it is important for the IT team to test their scalability. For example, a large number of employees will log on using VPNs. Organizations must check if they have enough VPN licenses for the entire team. They must also check if there is a single IT help desk that can handle multiple queries.
# Be proactive about security: At a time, when phishing scams and ransomware attacks are at an all time high, CIOs must pay extra attention to prevent unauthorized access to systems: As part of their security policy, organizations must enforce rules that ensure that employees keep updating their passwords on a regular basis. Attacks can also happen via cleverly designed phishing mails. Hence, employees must be advised and cautioned against clicking on suspicious emails. Secure access of data and applications for remote workers can be done using VPNs or virtual desktops.
# Test your dependency on suppliers: If your organization is dependent on key IT suppliers, it is important to test out their preparedness for riding out the current crisis. This may be a network service provider or an IT hardware service provider. For example, if a network fails, can you quickly transition over to another network service provider. Similarly, if a particular IT equipment fails at a particular employee's site, the organization must have a ready supplier who has the logistical and technical capability to deliver the equipment at the home of the employee.
# Use the DR in the cloud option: The cloud has risen to its claim of being a resilient technology in this time of crisis. Organizations must consider going in for a cloud-based business continuity plan. A cloud-based DR plan enables companies to quickly speed up the recovery time. The cloud option also enables companies to automatically provide access to services from any part in the world. For example, companies can empower their remote workers by delivering access to virtual desktops or critical applications. With the elastic capability of the cloud, organisations can scale up their IT infrastructure in the cloud to meet increasing remote worker demands.
# Consider outsourcing to a Managed Service provider: Managed Service Providers (MSPs) typically have access to thousands of customer networks and invest significantly in creating the best infrastructure and hiring of the best skilled resources. MSSPs can also create test environments for testing out if the infrastructure can handle and scale to the demands of a remote workforce. MSSPs can also best equipped to identify when networks and bandwidth can get overwhelmed by remote working, and use automated tools to resolve these issues proactively.