The COVID-19 pandemic has forced organizations to review their Digital Transformation Plans and, in particular, the Work from Home Business Continuity Plan (BCP/WFH). In this process, infrastructure capacity and remote access functionalities are top priority. Sending home an entire corporation’s workforce requires immediate analysis of the infrastructure capacity for remote access service. Less obvious, however, is that the organization’s business risks will increase with the expansion of the corporation attack surface, extended by multiple remote workers.
Remote access affects two main corporate user groups: contractors, working on site or remote, and regular employees working typically on site and eventually remotely. The first group generally have a well-defined limited access, framed by their service contract and imposed by rigorous IT security policies and infrastructure. The corporate employee group works mainly from the office, where a less restrictive security policy is often allowed. Employee remote access is thus limited in infrastructure and time usage, which is perceived as “limited” or “controlled” risk. The Work from Home Business Continuity Plan remains a business risk mitigation measure, and the Security Team should take part in the plan review exercise.
This assessment offers the first step in actively keeping your business running securely while keeping employees and customers safe. Through a series of discovery questions, IT and security roles can determine the current state of your organization and how you can achieve full functioning by incorporating best practices identified by Cisco® Trusted experts.
As you discover your level of readiness and where your areas of risk are, you can identify what you can do first, and learn how to improve your readiness for the future. Cisco IT offers best practices across processes and technologies for business continuity to enable remote work with effective, secure, and collaborative solutions.
As we transition to the next phases of the pandemic, your business is being redefined by the changes of today and the uncertainties of tomorrow. These factors have accelerated the digital transformation trends that were already in motion. Cisco provides ways to connect your people, secure your business and automate processes in the evolving distributed work-model with a set of offerings to help you re-imagine and redesign your workforce and workplaces.
Remote Workforce Requirement for Effective Business Continuity
COVID-19, Employee Health, Legal Requirements
Employees, Contractors, Partners, Customers, Infrastructure
Organization, Security, Remote VPN, Collaboration tools
Effective change starts by establishing a clear and Realistic Vision aligned with the company business goals
In the current environment external forces drive your Organization’s Incentive for Change
Comprehensive change plan that will affect the entire Organization Ecosystem
Action plans based on Best Practices and expert guidance, will lead to Predictable Outcomes
Your Corporate Business Continuity Plan includes multiple aspects beyond simply the IT domain. These various dimensions are even more important as your organization is in the middle of a digital transformation. When planning for Work from Home Business Continuity, four aspects are essential to review: organizational readiness, approach to security, remote access infrastructure, and collaboration solutions.
Prepare Your Organization for Change: Successful change requires properly communicating the vision and action plan, plus having the right skills, motivation, and resources
Review your IT organization readiness
Review your processes, policies, and compliance readiness regarding remote workers
Review critical assets and endpoints protection readiness
Review your remote access capacity and redundancy
Increased productivity
Managed cost control
Effective employee retention and engagement
Organizational governance is a key consideration in assessing your readiness to effectively extend your targeted toolsets and capabilities to a work-from- home environment.
Define a continuity plan for historically on-premise activities
Baseline core safety guidelines for work-from-home environment (health and IP)
Facilitate and capture productivity metrics independent of work location
Extend corporate culture by including remote activities and data capture
Extended productivity environments
Safe and “ready” for business workplaces
Remote worker visibility
Connected workforce
Pop up sites
Virtual Visitation
Secure Remote Worker
Cisco DNA Spaces
Webex Contact centre
Virtual education
Business Resiliency Strategy and Roadmap
Getting security right is all about the holistic consideration of the people, technologies, and processes that make up your business. To move forward, you must understanding inherent risks and take calculated steps to manage them.
Utilize a common security framework to cover key functions such as billing, payroll, HR, executive functions, and intellectual property
Maintain policies and procedures to cover common scenarios with each function
Understand the regulatory regimes under which you manage these functions
Assess the risks that you’re exposed to
Create an action plan to treat any residual risks
Ensure that the people, systems, and processes have appropriate security controls applied to protect them
Ensure compliance when employees are working from unfamiliar surroundings
Ensure that outstanding risks are understood and can be communicated to appropriate senior executive stakeholders
Security Advisory
Business Resiliency Architecture Advisory Service
Operational security is all about building institutional muscle memory and making policies and processes scale with the organization. It is important to have the people and capabilities to identify, protect, detect, respond, and indeed recover the organization in the case of critical events.
Understand your users’ and systems’ “normal” behavior
Ensure data is secured in transit and at rest
Incorporate Multi Factor Authentication (MFA) wherever possible
Segment your network to reduce potential for contagion
Assess your external posture and the attack surfaces it presents regularly
Plan and train for business continuity failures
Ensure that the work force, work place, work flow, and work load have appropriate security controls applied to protect them
Ensure that new risks are understood and can be communicated to appropriate senior executive stakeholders
Managed Security Services
There are multiple factors that influence any given RNA VPN solution’s readiness. It is imperative to ensure that RNA service continues to meet functional and organizational requirements. Well-designed scalable solutions provide the best experience while increasing productivity and reducing infrastructure costs.
Flexible service scalability to meet business agility requirements
Increased business agility
Great end-user experience
Increased workforce productivity
Increase VPN Remote Access capacity and manage security vulnerabilities with your Cisco Customer Experience team with the CX Offer for Secure Remote Workers. If you need to expand quickly, or reconfigure your facilities to address new rules around social distancing and to keep people safe, Cisco CX can help. CX Offer for Pop-up Sites allows you to set up a hospital, clinic, office and classroom space swiftly and securely. CX Offer for Business Resiliency Strategy and Roadmap can help accelerate your customized strategy based on prioritized use cases.
Centralize zero-touch management and service assurance over the Internet
Baseline platform resource utilization
Monitor central and remote systems resources
Prioritize network traffic for critical/latency-sensitive applications. Divert local Internet traffic, by offloading “trusted” Internet traffic
Engineer central clusters balancing, business requirements, costs, and cluster fail tolerance
Collaboration consists of a collection of tools and applications that rely on the previous categories to be effective. An identified risk in any of the previous sections corresponds to a risk within the collaboration environment.
Identify all adjacent architectures and align functionality against success criteria (network, security, etc.)
Identify and account for all external collaboration scenarios and baseline them against compliance and regulatory requirements
Facilitate and centralize targeted training sessions for remote work policy and procedures
Incorporate Single Sign On for authentication
Incorporated holistic plan that incorporates people, process, and technology
Decoupled workplace and task fulfillment
Connected and empowered workforce
