Covid-19: How CIOs can prepare themselves for uncertain times

From managing IT infrastructure with limited staff to securing remote workers, the CIO has his plate full of challenges. Here is how CIOs can prepare themselves.

The Covid-19 crisis has clearly disrupted operations with huge impacts on business continuity, methods of working and supply chains. CIOs have to focus completely on strategic projects and on enhancing capabilities for their people. IT priorities have certainly changed, and there is a renewed focus on operational efficiencies and controlling costs. Given the new reality of working from home, CIOs have to focus more on remote working tools and secure communication platforms.

In preparing their organizations for uncertain times, CIOs must create a dedicated playbook or document that details every possible step. Below we outline some of the best practices:

Well documented BCP plan: The business continuity plan (BCP) must contain steps that need to be followed in the event of a disaster. The BCP plan should clearly detail what employees must do in the event of a disaster, and the maximum timeframe by which critical IT services will be delivered. It’s also equally important to identify critical systems and take an inventory of the key applications. At the same time, organizations must document and have in place a list of external contacts such as bankers, IT consultants and utility personnel.

Testing of infrastructure: As more and more employees log on to their IT systems from remote places, it’s important for the IT team to test their scalability. For example, a large number of employees will log on using VPNs. Organizations must check if they have enough VPN licenses for the entire team. They must also check if there is a single IT help desk that can handle multiple queries.

Be proactive about security: At a time when phishing scams and ransomware attacks are at an all-time high, CIOs must pay extra attention to prevent unauthorized access to systems. As part of their security policy, organizations must enforce rules that ensure that employees keep updating their passwords on a regular basis. Attacks can also happen via cleverly designed phishing mails. So, employees must be advised and cautioned against clicking on suspicious emails. Secure access of data and applications for remote workers can be done using VPNs or virtual desktops.

Test your dependency on suppliers: If your organization is dependent on key IT suppliers, it’s important to test out their preparedness for riding out the current crisis. This may be a network service provider or an IT hardware service provider. For example, if a network fails, can you quickly transition over to another network service provider? Similarly, if particular IT equipment fails at a particular employee's site, the organization must have a ready supplier who has the logistical and technical capability to deliver the equipment at the home of the employee.

Use the DR in the cloud option: The cloud has risen to its claim of being a resilient technology in this time of crisis. Organizations must consider going in for a cloud-based BCP. A cloud-based DR plan enables companies to quickly speed up the recovery time. The cloud option also enables companies to automatically provide access to services from any part in the world. For example, companies can empower their remote workers by delivering access to virtual desktops or critical applications. With the elastic capability of the cloud, organizations can scale up their IT infrastructure in the cloud to meet increasing remote worker demands.

Consider outsourcing to a managed service provider: Managed service providers (MSPs) typically have access to thousands of customer networks and invest significantly in creating the best infrastructure and hiring the best skilled resources. MSPs can also create test environments to see if the infrastructure can handle and scale to the demands of a remote workforce. MSPs are also best equipped to identify when networks and bandwidth can get overwhelmed by remote working, and can use automated tools to resolve these issues proactively.