I want to preface this post by saying that the CoronaVirus is a horrible disease that’s having a devastating impact on not only individuals and families but entire communities, regions, and industries. Our hearts and prayers are with everyone impacted and we hope this problem is resolved quickly.
With that said, CEO’s and Business Owners need to be aware that threats like these exist and need to ask their organizations if they’re protected and how. Here in South Florida 30 students and 3 teachers are quarantined for 3 days out of fear that they may have been exposed to the virus at a conference they attended at Yale University. Fortunately, they’ve all be cleared and they’re back in school but it really drove home the impact this could have. Let me ask you as a fellow business owner or business leader “If 30 of your employees couldn’t come in the office for several days, would your business continue operate?” Here’s another scenario “What if 30 of your employees all invested in the Lotto pool Friday afternoon and Monday morning called you from Kingston Jamaica letting you know ‘Irie! we don’t work der no more mon!'” Could your business survive? What would you do? Let’s investigate both scenarios.
Several of your employees all quit at the same time.
In this scenario, most large enterprises are protected but many small to medium-sized businesses, not so much. In a smaller organization, the business owner or senior management is usually the choke point in the company. They often find themselves unable to take vacations without the phone ringing, having to jump on a conference call or rush back to send an email. In most cases, this is because they haven’t properly documented their processes and procedures and haven’t trained others on what to do. So that’s the solution. I like to think of it as making myself replaceable. That may sound scary but when you start thinking about exit strategies and valuations, it’s not scary, it’s profitable!
What to do when my employees can’t come to the office?
Now, what about when your employees can’t make it in the office for a long period of time. Today this is less of a problem than it would have been just a few years ago thanks to the wide adoption of Cloud-based technologies and remote enabled applications. Today your employees are able to use Voice over IP phones, email, cloud based crm or business applications and do their work from anywhere with the same ease as if they were in the office. In fact, one could argue they’re doing it better because they’re happy and when your employees are happy, your customers are happy and happy customers generally means more business and better profits! So enabling a remote workforce is the key in my opinion.
How do I go about enabling a remote workforce?
Every business is different and the needs and requirements of the business and its customers equally different, but here’s what we did at Applied Innovations. We decided to have work from home Fridays a few years ago. In preparation for this, we created special desktops that our team would securely remote into and do all their work from. You see, while the employee was physically out of the office, all of their work still happened from within the office and the office systems. This way we were able to maintain the same level of security and service. This proved immensely valuable when Hurricane Irma when through our area. Our team was well trained and comfortable working from home and while some employees were without power for days, others had left the local area, and yet others stayed home and weren’t impacted at all. Because of this, while our office was without power for nearly 7 days and many of our employees without power for several days, our data center was not impacted, was fully operational and our team was able to remote in and keep the business operating 24×7 even in the midst of a storm. Your internal IT team or your IT consultants can discuss with you the different options available today to enable your own team to work remotely.
Should I be concerned about Cybersecurity with a remote workforce?
Absolutely! Look, it’s estimated that two thirds of small businesses have been targetted by cybercriminals and while you may think your company isn’t a target, it very much is. When you connect your systems to the outside world and even more important when you open a door up to the outside world you’re creating a point of entry for not only your employees but for cybercriminals and it needs to be monitored. Not only that but when your employees are using their own computers or devices to access company information you need to ensure that your data is protected, that your systems don’t become compromised and that only the people you want to access your data are the people accessing it. Here’s some things you should do:
- Enable Multifactor Authentication – it should be no surprise I start with this but it’s important even on your VPN accounts but equally on your cloud based applications where you store your data, I’m talking about your CRM, your ERP, your accounting software, your billing software, everything.
- Create device management policies – if you’re going to allow employees to bring their own device then you need to be able to ensure those devices meet corporate security requirements and maintain these requirements or they shouldn’t be allowed access to your data. Mobile Device Management is great for this.
- End to End Encryption – Ensure that your employees are using encrypted connections to your systems and more importantly if any of your corporate data is being stored, that it’s stored isolated and encrypted so that no one else can gain access to it.
- Train Your Employees – Cybersecurity training is key today. Your employees are either your best defense or your worst defense. It’s up to you to ensure they’re training and remain trained through ongoing micro training that’s updated as new threats and tactics are exposed. This training shouldn’t just focus on what they should do at the office but how they should protect their personal computers, families and personal information.
- Next-Generation Security and Monitoring. Today artificial intelligence is being leveraged throughout cybersecurity to identify anomalies and automatically stop threats. You should work with your IT vendors to ensure your business is staying up to date with technology and adopting the new and modern technology that can combat the hackers. Hackers are constantly learning new techniques and tactics and you should be changing your defenses accordingly.
- Proper Disaster Recovery & Business Continuity Planning – You need to plan for what if, build-out procedures and then test those plans and procedures to ensure they work for your business. It’s not a one and done thing either, it’s something you need to continuously evolve and improve upon.
This is by no means an exhaustive list of what you should and could do to protect your business but it’s a great a conversation-starting point and will certainly help you identify ways to enable your employees while protecting your company.