Surviving COVID-19: What Enterprise CIOs Must Do Now
The fear of the COVID-19 disease infecting global enterprise operations is intensifying. We highlight key areas of vigilance for CxO’s that span both the technical and social domains.
We are facing an officially-undisclosed but very probable pandemic. No experts can make predictions with any degree of certainty, about how the COVID-19 virus will spread or what will happen. However, the sentiments of both the CDC and WHO organizations, suggest that potentially large societal and business impacts due to COVID-19 are not a matter of if, but when. COVID-19 will have an impact on business that is already beginning to be felt. This is the operating assumption of this paper.
Analysis – The Time to Act is Now.
Enterprises should be taking critical steps right now to avoid disastrous disruptions to internal business operations. Evidence continues to mount as one considers the near term impacts we see in travel, group business meetings and events, as well as the disruptions to manufacturing supply chains. All of which are becoming more widespread.
Enterprise leadership must make ready for disruptions, if for example 50% of more of the workforce is forced to work from home. We believe a pandemic outbreak of COVID-19 may become a significant test to enterprise IT agility systems, processes and management. In fact, it is possible that a given enterprise leadership team itself, may come under assault by competitors or in some cases regulators, for it’s ability to be cohesive and responsive should a pandemic outbreak occur.
We see the potential for significant regional and global implications to internal operations, employees and of course, customers. In fact, we believe for some CxO’s, an ineffective response to COVID-19 may well be career-ending. If your business has a pandemic response plan dust it off and use it. If not, build one. Now.
CxO’s must start by asking themselves a key issue: What is the effect of a pandemic outbreak on our business operations and how will this evolve?
The key here is to understand several critical known, unknowns including:
1. Where and how are our product and service supply chains vulnerable?
2. How will employee’s workflows, policies, product delivery and support mechanisms be affected?
3. What type of bad actors will exploit the chaos, where and how?
In discussions with clients, we are recommending not only to treat the enterprise reaction as a component of existing disaster recovery efforts but also to revisit systematic capacity in the short term, in conjunction with IT agility initiatives and process changes needed in the long term.
We have identified four key areas requiring immediate action:
1. Remote Access / Remote Work Programs. Remember without comms and without employee collaboration you are out of business. The issues range from raw IT VPN and mobile access capability and capacity to employee access provisioning and systems/document permission schemes.
Business and technical leaders need to ask important questions now, including:
a. How do we define remote access work and what does the employee demographics and ecosystem look like in the face of a potential pandemic?
b. Are we prepared to support a 24/7 remote workforce triple its current size that could occur almost overnight?
c. What changes do we need to make, if any, to remote read/write/edit/download/print/sharing document access permissions and security schemes? How does this impact existing security and privacy norms? What are the new risks?
d. How do we adopt VoIP and Video services – or extend existing ones?
e. What training is needed for new remote workers?
f. Do our employees have fast enough, and secure enough access from their homes. What does Wi-Fi provisioning look like? Consider the impact on employee vs company-owned access points including their privacy and security settings. Are in-home embedded AP software systems up to date?
2. Sales, services, support and product delivery. The issues here range from how product support may have to shift to how and when sales agent commissions get paid if product deliveries shift and the effects of COVID-19 are protracted.
3. Banking and payments. Hacker and other maleficent’s play on the distractions and chaos that come with an event like COVID-19. Where there is money to be made, crooks show up. We think looking at bank and payment systems and relationships is both product and critical.
4. Corporate Visitors: Since what we know most about the spread of COVID-19 involves social contact, we think companies should start thinking more about who visits a corporate site and why. Generally, we think corporations should consider new policies that minimize the number of visitors to offices since the people can apparently infect others before they even have symptoms.
We believe it is urgent for enterprises to be preemptive against the near certainty that their employees and their workflows will be effected by COVID-19.