Your Business Is Ready For Viruses. Now, How About The Flu?
The Big Flu is coming. Many of your employees will be working from home, or not at all. How prepared is your company for this?
The dog days of summer may strike you as a bit early to begin thinking about the winter flu season. But not only is the time ripe for flu thoughts and planning, some pretty large business issues rest on getting a jump on the season's sicknesses, and their IT security implications.
Security implications? Sure.
In the first place, there's far more to business IT security than antivirus software, firewalls, user policies, and the rest of the digital defenses we deploy and erect. You know this as well as I do: You live with the range of digital and nondigital security issues every day.
As the CDC points out, even an ordinary flu season affects between 5% and 20% of the population, which makes it likely that 5% to 20% of your employees could be knocked low for a few days. You go through that every year, no doubt, and know its effects on productivity and operations.
Big Flu -- an influenza pandemic that spreads like wildfire through a third or more of the world's population, with death rates reaching a measurable percentage of that population -- is what's overdue and it's what has got public health organizations, governments, and businesses scared.
A portion of that simulation, which will look at economic and services disruptions caused by a pandemic, will undoubtedly review the role telecommuting can play in mitigating, if not minimizing, those disruptions.
Which is where IT security comes in.
You're already accustomed -- or better be -- to addressing security issues for mobile and remote employees and staff. Those employees know the drill: up-to-date antivirus and etc. -ware, extra care when using unsecured or public networks, heightened vigilance about using computers in public places or anywhere where eyes other than their own can see the computer.
Now: How much planning and how much of a policy have you applied to circumstances that might have a substantial number of your employees working from home?
Think about it. The security issues apply to "routine" flu years and, for that matter, any time an employee works from home as well to mass outbreaks and pandemics.
Will the employees be using their personal home computers for telecommuting? If so, who else has access to those computers? How protected are those home computers from the most basic cyberthreats? How will confidential, sensitive, and proprietary data be transferred from their business computers to their home machines?
Will employees be taking company equipment to their homes? How certain are you that those devices contain only the materials, confidential or otherwise, that the employee needs for specific jobs?
How secure are you in your security procedures, practices, and policies regarding the remote access your business will be dependent on? Are you and your team up to speed on virtual private network security best practices?
While we're at it, what about the equipment and data and everything else that remains at the office, store, or plant while everybody else (or even most of them) are working from home? How secure are the facilities? Will you be leaving equipment and the data it contains in place or locking it away off-site?
A Plethora Of Issues
The more you think about the issues, the more issues that come up, most of them applicable to day-to-day telecommuting and remote workers as well as to disaster planning, recovery, and continuity of business.
What, for instance, are your policies regarding remote equipment and material when the remote worker is hospitalized? (And we all know employees who'll want to insist on taking work and probably a company notebook with them to the hospital. Don't let them.)
How covered are you for key-employee absences or incapacity (or, sadly, worse), particularly key IT security employees? Are their skills and system-knowledge backed-up as well as their data?
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.