IT BEST PRACTICES

Subscribe to
IT Best Practices.

STAY CONNECTED

    SANS Policy Templates: Pandemic and Business Continuity Policy

    The SANS Institute has published several information security policy templates describing best data security practices in template format. This largely means that you can ‘fill in the blanks’ when developing a security policy (although some modification will be in order for your specific circumstances). In this post we’ll look at the SANS template for a pandemic response and business continuity policy.

    As a pandemic is different from a disaster, so is the planning which goes into mitigating the effects of a pandemic different from normal disaster recovery planning. The primary difference is in terms of scope, but that does not mean that a pandemic response plan is merely an economy-sized disaster plan. Once you accept the difference in scope, underlying assumptions and questions arise which would not necessarily be considered in normal disaster planning.

    For the purpose of pandemic planning and response, a pandemic may be defined as a large-scale illness or disease related event. Large-scale may mean a geographic area larger than that which may be affected by a tornado or hurricane; illness or disease-related may be understood to be some event along the lines of the 1918 flu epidemic. The implications to business continuity are significantly different in such a circumstance than they would be if, for example, a local power plant went offline.

    Policy specifics which attend to planning for a pandemic include identifying key roles in your company. This is different from identifying key people; a pandemic scenario does not assume that specific individuals will be available. Likewise, fallback employees in the event of localized disaster may be concerned with personal or family issues arising from a pandemic and may not be ideal selections in such a case. A complete if scaled-down pandemic leadership team needs to be selected based on a key-role triage.

    How employees will be paid, and if they can work from home in the event of travel restrictions need to be considered, including whether there are systems in place to allow for this (for example, available internet bandwidth). Emergency policies (ideally scalable depending on pandemic severity) may replace normal operating policies and permit working from home, using own devices or equipment, and permitting employees to bring children to work. None of these policies are fixed nor appropriate for every company, but they are questions which every company should consider during plan development.

    Compliance and monitoring regarding such a plan concerns making sure that the policy is kept up to date and, to the degree reasonable, practiced and tested on a smaller scale.

    For more information on how Global IP Networks can be a valuable part of your business continuity plan, please contact us.

    SANS Policy Templates: Pandemic and Business Continuity Policy

    The SANS Institute has published several information security policy templates describing best data security practices in template format. This largely means that you can ‘fill in the blanks’ when developing a security policy (although some modification will be in order for your specific circumstances). In this post we’ll look at the SANS template for a pandemic response and business continuity policy.

    As a pandemic is different from a disaster, so is the planning which goes into mitigating the effects of a pandemic different from normal disaster recovery planning. The primary difference is in terms of scope, but that does not mean that a pandemic response plan is merely an economy-sized disaster plan. Once you accept the difference in scope, underlying assumptions and questions arise which would not necessarily be considered in normal disaster planning.

    For the purpose of pandemic planning and response, a pandemic may be defined as a large-scale illness or disease related event. Large-scale may mean a geographic area larger than that which may be affected by a tornado or hurricane; illness or disease-related may be understood to be some event along the lines of the 1918 flu epidemic. The implications to business continuity are significantly different in such a circumstance than they would be if, for example, a local power plant went offline.

    Policy specifics which attend to planning for a pandemic include identifying key roles in your company. This is different from identifying key people; a pandemic scenario does not assume that specific individuals will be available. Likewise, fallback employees in the event of localized disaster may be concerned with personal or family issues arising from a pandemic and may not be ideal selections in such a case. A complete if scaled-down pandemic leadership team needs to be selected based on a key-role triage.

    How employees will be paid, and if they can work from home in the event of travel restrictions need to be considered, including whether there are systems in place to allow for this (for example, available internet bandwidth). Emergency policies (ideally scalable depending on pandemic severity) may replace normal operating policies and permit working from home, using own devices or equipment, and permitting employees to bring children to work. None of these policies are fixed nor appropriate for every company, but they are questions which every company should consider during plan development.

    Compliance and monitoring regarding such a plan concerns making sure that the policy is kept up to date and, to the degree reasonable, practiced and tested on a smaller scale.

    For more information on how Global IP Networks can be a valuable part of your business continuity plan, please contact us.

    Subscribe to
    IT Best Practices.

    STAY CONNECTED

      ALL ARTICLES

      Cloud Services

      Component Highlight: Veeam Data Protection and Backup

      READ MORE
      Cloud Services

      Meet the team – A word (or two) from our CEO, Reyner Natahamidjaja

      READ MORE
      Cloud Services

      Why you need a full cloud platform, and the pitfalls of going piecemeal

      READ MORE
      Cloud Services

      Component Highlight: IBM Flash Storage

      READ MORE
      Cloud Services

      Can You Trust Your Old Data with Hyperscale Providers?

      READ MORE
      Cloud Services

      Increasing Data Integrity & Security through multi-site replication with CloudKey

      READ MORE
      Cloud Services

      The Dissolution of AWS and their Cloud Monopoly

      READ MORE
      Cloud Services

      Meet the team – The Insights of Chris Martin

      READ MORE
      Cloud Services

      Component Highlight: Palo Alto Firewalls and Edge Security Services

      READ MORE
      Cloud Services

      How the right cloud platform can reduce your RTO and RPO

      READ MORE

      You Have The Momentum. We Help Keep It Going.

      At Global IP Networks, our mission is to keep your net working. Our team of dedicated, certified IT experts is 100% committed to your success. For over 20 years, we’ve relentlessly helped companies like yours tackle their IT challenges to maximize the security, uptime and performance of their networks.

      That’s tenacity. That’s Global IP Networks.

      wLearn More