The New Normal
2020 and Beyond

Chapter 2

Security and Business Continuity Planning

Every organization has had a Business Continuity Plan (BCP) and a crisis management team in some form, but the plan wasn’t needed in most cases before COVID-19. As the severity of COVID-19 increased, business leadership accelerated BCP reviews and crisis management teams started working 24×7. 

One thing stood out as businesses hastened their preparedness for COVID-19: organizations that had their work environments on the cloud before the pandemic were at a relative advantage. Their workforce was already enabled to collaborate and work remotely.

BCP and security measures in the New Normal will have different focus areas and priorities

For business continuity beyond the pandemic, businesses will have to focus on the following areas:

Enabling the workforce to continue to work

Businesses will have to enable their workforce emotionally and physically so that they continue to deliver quality work. Physical enablement will come from the right devices and access to the required corporate applications from anywhere.

BCP champions will have to partner with Human Resources on the emotional-level measures, for example health monitoring, vaccine record tracking, and communicating health advisory measures on a regular basis. Such initiatives will keep employees’ morale up as they show that the business cares for them.

Compliance

Depending on the nature and type of the business, the BCP teams will have to work with the relevant internal stakeholders to establish the best and mandatory practices for infrastructure usage, application access, and data processing. In addition to the general cybersecurity guidelines for a remote workforce, compliance associated with HIPAA, PCI-DSS, CCPA, GDPR, and more will have to be reviewed and updated continually [24].

Corporate security

Corporate IT teams will have to regularly review and strengthen the security constructs at the end-device, network, and access-control levels. The stakeholders will have to define and follow policies, procedures, and practices that align with ISO 27001 compliance and regularly communicate them to the workforce, thus creating a security-sensitive culture. Security mechanisms similar to the zero trust security model and Google’s BeyondCorp will have to be adopted to give employees democratic, context-aware access to the company applications [25].

These plans and procedures will require continual revisions and improvements for years to come to ensure business continuity. 

© 2022 MediaAgility Inc. All Rights Reserved      Page 9
