It’s always good to take a breath, just don’t stop for too long…

/

2020 has been a tough year for most organisations and individuals alike. A couple of months ago, the team here at Standby produced a white paper called ‘COVID-19: An Uncertain Future - how to plan your way through’, which discussed a number of the current COVID-19 impacts on organisations and some strategies to help you deal with these impacts and begin planning a roadmap to your new normal. At the time we were desperate to get the paper out as quickly as possible, trying to beat the curve and ensure we were able to provide useful and timely information for anyone who needed help trying to restart normal operations.

Interestingly though, since we published the paper, for many parts of the world, and the Middle East in particular, it doesn’t feel like much has really changed. There have been a few ebbs and flows along the way and some changes in restrictions have been applied in various countries, but in general it feels like many organisations have now settled in to a temporary new operating model and are very happy just to take a breath and not rush to change anything more just yet.

Don’t rush your next steps

There are certainly many positive reasons to encourage this approach: minimising any further expenditure for the year; allowing staff some sort of normality for a while to prevent more stress; presenting a stable environment to customers and stakeholders; and for most, it just gives time to wait and let the dust to settle a little, to ensure further time, effort and expense is not spent now on a resumption strategy that 3 months down the line, no longer makes sense due to the external political and economic changes still taking place.

As discussed in a recent blog ‘Balancing the security vs efficiency dilemma for your new normal’, this breathing time also provides an excellent opportunity to take stock of what has happened recently, and carry out some sort of ‘halftime’ action report to review any lessons learnt and actions taken and begin to think about where to go next, also horizon scanning for any upcoming risks that we should be prepared to deal with.

But don’t forget your key commitments

One very important risk that we should be looking out for at this time, and an operational activity that may well have taken a slightly back seat over the last few months is our regulatory compliance.

We are now in August and before we know it summer and then potentially the rest of the year will be over, putting some pressure on many compliance requirements taking place before the year end. Although we would like to think there may be some sympathy and flexibility shown by regulators in these difficult times, it is still essential that central banks and other regulatory bodies ensure that companies are operating safely and effectively, and therefore there must be some enforcement of existing regulations, for all our sakes.

In the case of many of our clients within the Middle East this will mean ensuring ongoing annual update and improvement activities are taking place within their IT and resilience programmes. Activities for example such as:

·       Updating resilience documentation such as the BIA reports or IT DR/BCP/Crisis Management plans

·       Ensuring staff are provided with up to date BCP and resilience awareness training

·       Carrying out an annual IT DR failover tests and CMT exercises

We know that with a number of other external pressures these items can become bottom of the priority list, but its vitally important they do not, not only to ensure conformity with regulatory requirements, but more importantly to ensure your resilience infrastructure and processes have been properly tested in the new business environment and are not found to be ineffective if called upon for real in these unpredictable times.

Time for a new approach

One major positive from all the recent change this year is that new operating models and recently altered perceptions on remote and outsourced working may just offer an opportunity to change some old methodologies. The new normal may allow you to look at more time and cost effective models for managing any of these regulatory requirements. Standby have developed a number of managed services to help our clients and partners manage your resilience and IT DR programmes, including online training activities for both staff awareness and other training requirements, as well as remote Crisis Management Team exercising.

Get in touch with one of the team today to see what services we can offer that will allow you the opportunity to continue to focus on more pressing issues, whilst still ensuring you stay on top of your regulatory commitments.

Balancing the security vs efficiency dilemma for your ‘new normal’

/

Many management and IT teams have done an amazing job over the last few months, completely changing their working environments to shift most, if not all, their staff ‘offsite’ in such a tight timeframe. A project completed in just a matter of weeks or months, which would usually be assigned many more months if not years to plan and carry out safely and effectively, is a great achievement, but at what cost?

Have we left major security gaps that can be exploited by hackers? Or have we locked our doors so tight, our staff are struggling to work effectively?

Finding the right balance between security and efficiency can be challenging, especially when under immense time pressures. Now the dust is beginning to settle, what can your organisation do to review and adjust your remote team connectivity to deliver on both levels?

Securing the remote environment

Cyber security has been a hot topic over the last few years due to the ever-increasing and high-profile attacks seen on numerous major and international organisations. The introduction of new or enhanced data protection laws such as the New Zealand Privacy Act, The EU GDPR and more recently within the Middle East, country regulations such as the Bahrain Personal Data Protection Law (PDPL), have only acted to enhance the focus on properly securing our systems and data.

We successfully locked our doors and secured ourselves, then Covid-19 came, forcing us out from behind our carefully built layers of security and into a more dynamic working landscape. We now need to work out how to safely open things back up again to allow our teams access to our data from outside our internal networks.

For a lot of our clients, remote working was already something on the agenda, and some had even set it up for key employees or senior management, but most had not finalised an effective strategy to roll out organisation wide on the scale that the current crisis has required.

Most IT departments have worked tirelessly over the last few months to implement their remote working strategies and in turn most organisations are now rightfully feeling very proud of themselves and the speed in which they have adapted their operating environment. But that does not mean the job is even close to done.

·       How many of these changes have been properly tested to ensure airtight security?

·       How long can you be comfortable just hoping no hacker notices the gaps before they can patch them up?

·       How many staff are using old laptops they had at home already which very likely have some sort of previous malware embedded somewhere?

·       How many staff are on home WIFI networks which may have been compromised a long time prior to the start of this pandemic?

·       How many staff or managers are reading or printing confidential company information and data in an unsecured environment which is open to visitors and potential prying eyes?

This is just the start of a very long list of security questions which may find serious compromises within your current infrastructure. My hope is that most IT teams will have already addressed most, if not all, of these obvious problems, but if you are not, then now is definitely time to clean up your systems; before someone else notices!

Balancing Security and Efficiency

Implementing secure remote access comes with its own set of usability problems: it can often take forever for a member of staff to get in to the system; layer after layer of passwords and links before even accessing emails. Or once you have logged in to your emails, you can’t just jump online to check something on Google, because your VPN is blocking access to anything else outside of your internal network. All of this creates a very secure environment, but not a particularly productive one.

That’s not to say there aren’t a number of good technical solutions out there that are able to allow both very tight security and also efficient ways to navigate through them, I just don’t know many organisations that been able to secure enough budget or had enough time to implement them yet.

How can you improve?

Before we accept anything as the ‘new normal’, or use any of our current practices as a roadmap for long term success, now is a critical time for an organisation to take a deep, long look at everything they have done recently and ask a few questions:

·       Are our systems and endpoints truly secure?

·       Are our people able to work within our systems as effectively as they were from the office?

·       Are our people truly happy with the current setup?

And if the answer to any of the above is no:

·       What can we do to make it better?

This may come across as all too easy, but the process of gathering the right information to answer these questions effectively should not be taken lightly. You will need to spend serious time and effort engaging the whole business and digging in to everything that has happened over the last few months, alongside any existing structures and procedures, and figuring out exactly how it will all best fit together going forward to ensure both organisational effectiveness and long term resilience.

If you would like help assessing you current environment or planning your next steps, then why not download our Free Standby Consulting Lessons Learnt questionnaire here or contact one of our team to discuss how else we may be able to help.

About Standby Consulting

Standby Consulting are specialists in organisational resilience based out of New Zealand and the Middle East with a presence in Bahrain, UAE and Saudi Arabia. With a wide range of experience across most business sectors, Standby is here to support your organisation in the development and implementation of your critical Business Continuity, Disaster Recovery and other resilience activities. We help our clients and partners by offering independent, honest, and experienced advice to ensure that all of your bespoke resilience needs can be met in a timely and cost-effective manner.

COVID-19: An uncertain future - How to plan your way through

/

The spread of COVID-19 has triggered an unparalleled shake-up of the conventional work environment.

Without knowing exactly how the next period may play out, there are likely to be many further peaks and troughs, with this pandemic staying with us in some form for a prolonged period; more than likely heading into at least 2022, which means businesses have to be prepared to be flexible.

In this White Paper, Standby Consulting provides a detailed analysis of the current and ongoing effects of COVID-19 on organisations, the three phases of Respond, Recovery and Restoration and some thoughts on how to ensure long term survival.

While the economic landscape is continuously changing and the future still very much unknown, it may be some time until organisations are able to progress from their current Response or Recovery phases. It is essential though, that organisations begin to plan their required recovery and restoration strategies now, considering how they will operate and hopefully even thrive during the next few months and years. It is essential that businesses are agile and anticipate their plans for the transition.

Please read our Privacy Information.

Standby Celebrates 20 years in Operation

/

As Standby celebrates its 20th year of operation I felt it was a good time to reflect a little on our company history.  Standby was established in 1996 in response to an approach from IBM New Zealand to partner with them and establish a Business Continuity Recovery Service (BCRS) centre in the South Island of New Zealand.  Following a successful first project working for Wickliffe Press, IBM and Standby established a very successful long term partnership, working closely together to provide BCRS services and as well as Business Continuity Consultancy service throughout New Zealand and later in Australia and Fiji for clients such as New Zealand Dairy Foods Takanini, Auckland; Honda New Zealand; Schering-Plough Animal Health and Sealord one of New Zealand and Australia’s largest seafood companies.

Alongside the work completed in conjunction IBM, Standby, also carried out numerous consultancy projects under its own company name.  Some of the most memorable of these projects have been Mainland Products and Tower Australia & N.Z.; Waikato District Health Board and Massey University.

In 2007 Standby were proud to be approached by a Fortune 100 company based in the Kingdom of Bahrain to enhance and implement their IT Disaster Recovery solutions for the Middle East. Developing this project into a long term relationship allowed standby to lay foundations in Bahrain and establish a permanent office for its Middle East activities. From our Bahrain base, Standby has carried out many interesting new projects all over the GCC, in numerous different industry sectors such as banking and finance, insurance, construction, manufacturing and also education.

It was not long until Standby were also recruited to carry out Data Centre builds as well as IT consultancy, which due to my background in the IT sector and previously having built and managed data Centres for over 20 years it’s always one of my favourite areas of what we do. I am proud to say Standby has now successfully carried out over 10 data centre builds and 40 risk assessments throughout New Zealand and the GCC.

Twenty years is a significant time for any company to be in operation. During this 20 years Standby has built up a wide and extensive knowledge within the Business Continuity Management sector and put together an excellent team with an extensive knowledge of different industry sectors as well as in-depth expertise in Business Continuity Project Management and data center builds. Without the professionalism and high standards of our great staff, Standby would not have been able to develop its highly regarded knowledge and experience, or its enviable client base. They have taken on board my personal approach, where we deliver excellent bespoke reports, plans or data centers that meet the clients’ requirements.

 So as we move past our 20 years of operation I wish to thank our clients, supporting organizations and our Standby personnel and contractors who all work so hard to deliver above and beyond what is expected of them. 

Sam Mulholland  - Founder and Managing Director.