Three Steps to Mitigating the Business Risks of COVID-19

The business challenges created by COVID are significant and a test for any organisation. However, by applying common sense and effective management, organisations can mitigate the risks and address the challenges the situation has created.

The challenges of COVID-19 go beyond the resilience plans of most organisations. The current situation is open-ended, in the short-term; staff have to work from home for much longer than most resilience plans envisaged. It is global, affecting all countries, in succession. It is also pervasive – all businesses and organisations are being affected. All companies are having to work hard to maintain their business as usual, and their commercial relationships, ready for when normal service resumes.

Overcoming the hurdles places great onus on front line staff, and it has to be said; they have responded very positively, especially once the initial teething problems have been ironed out.

There are a few steps to ensuring that your staff are best placed to maintain your resilience over a sustained period:

1. Maintain your anti-virus software

Whether staff use a company machine, or their own PC/smartphone, they need to have effective anti-virus software installed, and kept fully up to date.
The nature of home working means that company use and personal use of a machine many be ‘mingled’, exposing a device to perfectly innocent email traffic and website traffic that might not be as secure as normal corporate traffic. This can expose a machine, and therefore your network to a technical attack.

2. Maintain vigilance

A topic like COVID-19 is a ready hook for scammers and cyber criminals to use in Phishing attacks, to install malware that can compromise a machine, or worse, be used to access a secure corporate domain. Maintain the awareness of your staff, and ask them to be suspicious of ANY unexpected email they receive – personal or professional – that could pose a threat to the technology they use.

3. Be aware of how your staff use technology to do their jobs effectively

Corporate IT systems deliver many capabilities to organisations, but they are not the only way people use technology to their job.
End User Computing (EUC) applications – typically Excel spreadsheets, or Access databases, but also powerful cloud based applications using Python or R for example – are commissioned, developed and managed by end users. They form a growing element of the technology value chain of a business. Outside of IT’s control, they may not be fully part of a resilience plan. Senior management may not fully understand the scale of their use.

In the current situation people should be regularly reminded, and perhaps be educated about the company’s EUC policy.  At the very least, people should be reminded to:

• Store key EUC files on shared drives, not their C: drive, to ensure there are not multiple versions of the same critical file in use at the same time
• Password protect the most vital files
• Save each version of a document, so that rollback is straightforward if multiple versions develop
• Managers should have a list of the key files their teams use so that proper controls and ownership of these files can be fully established and maintained.

Taking these steps will help organizations to come through a sustained period of lockdown, with their reputation, relationships and business ready to flourish once again.

In due course, many organisations will review, evaluate and re-prioritise their technology investments. If you want to learn more about how to create and manage an effective policy management framework, find out more.   Or to learn more about effective EUC management, check here.