How Businesses Can Survive COVID-19

by Mar 23, 2020Business Continuity

Business Continuity During COVID-19

We are in an unprecedented moment.

The COVID-19 outbreak has upended businesses in nearly every industry. Across the globe, companies are quickly shifting operations and forcing employees to work from their homes. In some U.S. states, non-essential businesses have been ordered to close altogether.

Cuts, layoffs and closures are now all on the table. It’s a situation that harkens back to the 2008 financial crisis and in fact could become far worse.

But if there’s one piece of advice we have for businesses that are scrambling for solutions, it’s this:

Now is the time to harden your business continuity systems, not loosen them.

Let’s start with the simple truth that the risk of a pandemic is constant. The threat was always there.

While businesses scramble to rework their disaster recovery planning for coronavirus, COVID-19 is exposing weaknesses in many organization’s overall preparedness.

To be fair, nobody knew this was coming at the time and speed that it did. But anticipating potential threats is what business continuity is all about. The underlying disruptions caused by COVID were always risks to prepare for: workforce interruptions, sudden revenue losses, supply-chain disruptions, office inaccessibility, government mandates and so on.

Thankfully, many businesses are adapting quickly to weather the storm. But the storm isn’t close to being over yet. There are endless additional risks and unknowns that businesses need to be preparing for right now.

 

Heightened risks during a pandemic

The safety of your employees is a chief concern right now, as is your ability to continue your mission-critical operations. But the pandemic itself isn’t the only threat. As coronavirus spreads, so do cyberattacks and fraud. Hacker groups around the world are already taking advantage of the chaos surrounding COVID-19 to infiltrate vulnerable businesses.

But that’s only one of the threats companies need to worry about right now. As businesses race to adapt to the current situation, many are particularly vulnerable to “everyday” risks such as:

  • Data loss
  • Phishing scams
  • Malware
  • Data migration mistakes
  • System failures

 

The heightened risks underscore the importance of iron-clad data protection during all this uncertainty. The last thing you want while combating COVID is another devastating blow.

Let’s look at a few of these threats in greater detail to illustrate why these threats are so serious right now.

 

Hospitals battling COVID-19 and ransomware

Prior to COVID-19, we were already in the middle of one of the biggest ransomware resurgences of the last few years.

Fortunately, at least one hacker group has promised to halt attacks on healthcare during the coronavirus outbreak. But that claim should pacify no one.

Consider this:

  • Ransomware attacks have devastated medical organizations over the past few years. The attacks have shut down hospitals’ computer systems and forced them to turn away patients.
  • Victims have shelled out tens to hundreds of thousands of dollars in ransom payments, but haven’t always gotten their data back.
  • In some cases, patient records have been permanently lost, resulting in other costly problems, such as regulatory fines, legal liabilities and reputational damage.

 

There’s no reason to trust that hacker groups will suddenly go easy on healthcare orgs, even if they say they will.

Without a robust data backup system, medical facilities could face a grave situation if they’re attacked at a time when they need their systems most.

 

Cyberattacks exploiting coronavirus crisis

The coronavirus outbreak immediately gave way to coronavirus scams.

Officials have warned of an “unprecedented” surge in coronavirus fraud. And we’ve already seen numerous reports of COVID-19 phishing schemes and hoaxes.

  • Maps of COVID-19 infections have been laced with viruses.
  • Emotional appeals for donations have been exposed as fraud.
  • Phishing emails have been disguised as COVID-related communications from banks and SaaS vendors.

 

It’s disgusting. But businesses can’t afford to be complacent about it.

Every organization needs to be reevaluating their cybersecurity defenses right now and also ensuring the availability of backups in case attacks get through.

 

Increased risks as employees work from home

The sudden surge in telecommuting makes these risks even worse.

Hackers are specifically preying on remote workers and stressed IT systems. They know they can inflict more damage by taking advantage of people’s fears and confusion. And in the process, these criminals stand to reap greater rewards, whether via ransomware, phishing scams, data theft or other crimes.

In a survey by CNBC, more than a third of senior technology executives said that cybersecurity risks have increased as their employees have begun working from home. One company saw a 40% spike in phishing and other cyber scams since the COVID crisis began.

Additionally, many companies are allowing their employees to work remotely using their own home networks. Those networks are often less secure than the business’s, creating additional vulnerabilities.

 

Stressed systems will fail

Businesses are rapidly scaling their technology capabilities to enable employees to work from home. But because of time constraints, many of these expansions are being implemented haphazardly.

Consider that companies are scrambling to build out virtual networks, video conferencing, collaborating tools and other systems. As such, IT systems are being put under tremendous stress.

System failure is inevitable. Whether it’s a server going down or applications suddenly breaking, these roadblocks cause yet another productivity disruption. And in the process, large volumes of data can be lost.

This is why we’re strongly advising businesses to harden their business continuity and disaster recovery (BC/DR) solutions at this time. As IT systems are pushed to their limits, the risk of a major data-loss event is simply too great.

 

Accidental data deletion

In addition to system failures, a number of other factors will naturally increase the risk of data loss as businesses use remote workers.

Files and folders are being moved. New applications are being integrated. Systems are being merged, modified, reconfigured and stretched.

All of these actions increase the odds that data will be lost due to accidents such as botched migrations and overwrites. It already happens all the time, and the risk is even greater now that all these changes are taking place.

Additionally, workers themselves are more likely to misplace files or accidentally delete them. This is especially true if they’re suddenly forced to use unfamiliar software or save their work to different locations.

 

Just one example

Consider a mid-sized business that is rapidly deploying a new file-sharing solution that allows employees to work remotely while also integrating existing applications.

But because of the time crunch, the deployment is rushed. Even IT admins don’t have the opportunity to be properly trained on the system or installation. Management wants it ready by tomorrow, regardless of the risks.

Sure enough, there are immediate problems.

During the integration process, the application is misconfigured. There’s confusion over a file archiving and storage setting. The wrong settings are entered, and as a result, large volumes of data are overwritten.

It’s a huge setback that requires the company to restore the data from backups. In turn, this drains their already-taxed resources and delays the installation even further.

 

What you need to do now

Businesses need to be proactive about the increased risks during this rapidly evolving situation.

If you are quickly adapting your operations to the COVID-19 crisis, then you need to be simultaneously adapting your business continuity protocols.

  • Reassess your backup systems: Could the business recover from a major ransomware attack at this time? How long would it take to restore the data? How would operations suffer? Reevaluate your BC/DR systems to determine how you can strengthen your data protection and continuity.
  • Identify security needs: Reassess existing network security and cybersecurity to ensure that vulnerabilities have not been created by telecommuting setups. How can you ensure that remote workers’ systems are secure? How can access controls be strengthened to reduce the risk of intrusion?
  • Reevaluate policies and training: If any operations have changed, policies need to be reassessed. And if employees are suddenly using new systems or processes, then they need to be thoroughly trained. A lack of training, or lapse in security, will significantly increase the risk of problems.
  • Monitor everything: Network health, system performance, backups, testing – every aspect of your infrastructure should be closely watched right now to spot potential problems before they occur. The last thing you want, while everything is in flux, is a crash – especially one that could have been prevented with better monitoring.

 

Fight the instinct to make cuts

We get it. Everything is uncertain right now. Businesses are already facing rapidly declining revenue, and they’re tightening budgets as a result.

However, when it comes to the IT systems that keep your business running, now is not the time to cut back. If anything, it’s the opposite. Just like we’re all making massive lifestyle changes to shelter our bodies from the risk of infection, businesses need to make massive changes to shelter their critical systems too.

Stronger continuity systems, such as enhanced data protection and cybersecurity, help to ensure both the immediate and long-term survival of your organization, in spite of all the current unknowns.

 

Need help?

If your organization is evaluating business continuity systems during these uncertain times, we’re here to help. Request a free demo of our recommended backup solutions, or contact our experts at Invenio IT: call (646) 395-1170 or email success@invenioIT.com

New call-to-action

Tracy Rock is the Director of Marketing at Invenio IT. Tracy is responsible for all media-related initiatives as well as external communications—including, branding, public relations, promotions, advertising and social media. She is one busy lady and we are lucky to have her!