Strategy and Self-Assessment tool
In the current COVID-19 pandemic, the global urgency for businesses, governments, families, and individuals to be able to work from home is unprecedented. This document can help you navigate these profound challenges. Basic questions you may be facing are, “Where do I begin?” or “What can I do right now while keeping safety a top focus?”
The COVID-19 pandemic has forced organizations to review their Digital Transformation Plans and, in particular, the Work from Home Business
Continuity Plan (BCP/WFH). In this process, infrastructure capacity and
remote access functionalities are top priority. Sending home an entire corporation’s workforce requires immediate analysis of the infrastructure capacity for remote access service. Less obvious, however, is that the organization’s business risks will increase with the expansion of the
corporation attack surface, extended by multiple remote workers.
Remote access affects two main corporate user groups: contractors, working
on site or remote, and regular employees working typically on site and eventually remotely. The first group generally have a well-defined limited access, framed by their service contract and imposed by rigorous IT security policies and infrastructure. The corporate employee group works mainly from the office, where a less restrictive security policy is often allowed. Employee remote access is thus limited in infrastructure and time usage, which is perceived as “limited” or “controlled” risk. The Work from Home Business Continuity Plan remains a business risk mitigation measure, and the
Security Team should take part in the plan review exercise.
This assessment offers the first step in actively keeping your business running securely while keeping employees and customers safe. Through a series of discovery questions, IT and security roles can determine the current state of your organization and how you can achieve full functioning by incorporating
best practices identified by Cisco® Trusted experts.
As you discover your level of readiness and where your areas of risk are, you can identify what you can do first, and learn how to improve your readiness for the future. Cisco IT offers best practices across processes and technologies for business continuity to enable remote work with effective, secure, and collaborative solutions.
As we transition to the next phases of the pandemic, your business is being redefined by the changes of today and the uncertainties of tomorrow. These factors have accelerated the digital transformation trends that were already in motion. Cisco provides ways to connect your people, secure your business and automate processes in the evolving distributed work-model with a set of offerings to help you re-imagine and redesign your workforce and workplaces.
Solutions When It Matters Most: Work from Home Readiness and Business Continuity Strategy
Vision
Remote Workforce Requirement for Effective Business Continuity
Motivation
COVID-19,
Employee Health,
Legal Requirements
Resources
Employees, Contractors, Partners, Customers, Infrastructure
Action Plan
Organization, Security, Remote VPN,
Collaboration tools
Effective change starts by establishing a clear and Realistic Vision aligned with the company business goals
In the current environment external forces drive your Organization’s Incentive for Change
Comprehensive change plan that will affect the entire Organization Ecosystem
Action plans based on Best Practices and expert guidance,
will lead to Predictable Outcomes
In the dynamic situation created by COVID-19, use this Remote Worker Experience and Strategy assessment to help you navigate the current
unprecedented challenges, technology options, and business process strategies now available.
How to Use This Assessment
Use this high-level assessment for a quick overview of glance into your organization’s current state,
identify where the technical gaps are, and view Cisco recommendations and delivery capabilities.
Your Corporate Business Continuity Plan includes multiple aspects beyond simply the IT domain. These various dimensions are even more important as your organization is in the middle of a digital transformation. When planning for Work from Home Business Continuity, four aspects are essential to review: organizational readiness, approach to security, remote access infrastructure, and collaboration solutions.
-
Prepare Your Organization for Change: Successful change
requires properly communicating the vision and action plan,
plus having the right skills, motivation, and resources
-
Review your IT organization readiness
-
Review your processes, policies, and compliance
readiness regarding remote workers
-
Review critical assets and endpoints protection readiness
-
Review your remote access capacity and redundancy
What is your company’s current state?
Organizational governance is a key consideration in assessing your readiness to effectively extend your targeted toolsets and capabilities to a work-from- home environment.
-
Define a continuity plan for historically on-premise activities
-
Baseline core safety guidelines for work-from-home environment (health and IP)
-
Facilitate and capture productivity metrics independent of work location
-
Extend corporate culture by including remote activities and data capture
Organizational Readiness Cont.
What is your company’s current state?
Getting security right is all about the holistic consideration of the people, technologies, and processes that make up your business.
To move forward, you must understanding inherent risks and take calculated steps to manage them.
-
Utilize a common security framework to cover key functions such as billing, payroll, HR, executive functions, and intellectual property
-
Maintain policies and procedures to cover common scenarios with each function
-
Understand the regulatory regimes under which you manage these functions
-
Assess the risks that you’re exposed to
-
Create an action plan to treat any residual risks
-
Ensure that the people, systems, and processes have appropriate security controls applied to protect them
-
Ensure compliance when employees are working from unfamiliar surroundings
-
Ensure that outstanding risks are understood and can be communicated to appropriate senior executive stakeholders
What is your company’s current state?
Operational security is all about building institutional muscle memory and making policies and processes scale with the organization. It is important to have the people and capabilities to identify, protect, detect, respond, and indeed recover the organization in the case of critical events.
-
Understand your users’ and systems’ “normal” behavior
-
Ensure data is secured in transit and at rest
-
Incorporate Multi Factor Authentication (MFA) wherever possible
-
Segment your network to reduce potential for contagion
-
Assess your external posture and the attack surfaces it presents regularly
-
Plan and train for business continuity failures
-
Ensure that the work force, work place, work flow,
and work load have appropriate security controls applied
to protect them
-
Ensure compliance when employees are working from unfamiliar surroundings
-
Ensure that new risks are understood and can be communicated to appropriate senior executive stakeholders
Security Operations Cont.
What is your company’s current state?
Remote Network Access (RNA)
There are multiple factors that influence any given RNA VPN solution’s readiness.
It is imperative to ensure that RNA service continues to meet functional and organizational requirements. Well-designed scalable solutions provide the best experience while increasing productivity and reducing infrastructure costs.
-
Flexible service scalability to meet business agility requirements
-
Increased business agility
-
Great end-user experience
-
Increased workforce productivity
Increase VPN Remote Access capacity and manage security vulnerabilities with your Cisco Customer Experience team with the CX Offer for Secure Remote Workers.
If you need to expand quickly, or reconfigure your facilities to address new rules around social distancing and to keep people safe, Cisco CX can help.
CX Offer for Pop-up Sites allows you to set up a hospital, clinic, office and classroom space swiftly and securely.
CX Offer for Business Resiliency Strategy and Roadmap can help accelerate your customized strategy based on prioritized use cases.
-
Centralize zero-touch management and service assurance over the Internet
-
Baseline platform resource utilization
-
Monitor central and remote systems resources
-
Prioritize network traffic for critical/latency-sensitive applications. Divert local Internet traffic, by offloading “trusted” Internet traffic
-
Engineer central clusters balancing, business requirements, costs, and cluster fail tolerance
Remote Network Access (RNA)
What is your company’s current state?
Collaboration consists of a collection of tools and applications that rely on the previous categories to be effective. An identified risk in any of the previous sections corresponds to a risk within the collaboration environment.
-
Identify all adjacent architectures and align functionality against success criteria (network, security, etc.)
-
Identify and account for all external collaboration
scenarios and baseline them against compliance and regulatory requirements
-
Facilitate and centralize targeted training sessions for remote work policy and procedures
-
Incorporate Single Sign On for authentication
-
Incorporated holistic plan that incorporates people, process, and technology
-
Decoupled workplace and task fulfillment
-
Connected and empowered workforce
Collaboration Solution Cont.
What is your company’s current state?