The concept of business continuity is based on the identification of all business functions within an organisation, and the assignment of a level of importance to each business function. Business continuity planning ensures that all personnel in an organisation understand which business functions are the most important to the business. These activities may include many daily chores such as project management, system backups, change control and help desk.
However, business continuity is not something implemented at the time of a disaster; it requires planning and should include all activities that need to be performed daily to maintain service, consistency, and recoverability.
Today more than ever, government agencies and enterprise businesses of all sizes are dependent on a variety of applications and resources to access, store and process critical information for their business functions.
Despite its importance, business continuity planning has not often been deemed a high priority. Instead, an alarmingly large number of companies have been "assuming” that their existing systems will be adequate for emergency situations. This lack of preparedness is unwise for all, and it is definitely not an option for government departments and agencies.
A key component for helping government agencies plan for potential emergencies is taking continuity planning seriously and adopting a proactive approach. Planning for a range of scenarios ahead of time with clear processes and responsibilities is essential to ensuring that the needs of citizens will be met. Once disaster strikes, an organisation’s ability to respond quickly and effectively may be critical in protecting its staff, citizens, and reputation.
Planning for a disruption to business services from typical network outages and server crashes is a full-time job by itself. When preparing contingency plans for a major disaster or emergency, the planning effort is magnified tenfold, and network managers are presented with these unique challenges:
Maintaining productivity by enabling access to applications and information from anywhere at any time and on any device. Security threats from today’s global Internet community are constantly challenging companies and organisations. Added to these challenges are environmental threats of pandemic or catastrophic events that can bring a business to a halt.
Business continuity relies on a company having the ability to maintain its productivity, services, and partnerships in the event of a disaster or pandemic. This makes a compelling case for the wider adoption of remote access, as employees are quarantined or required to work from home for an extended period of time.
Sustaining partnerships with real-time access to applications and services while knowing that your resources are secured and protected. VPNs effectively address the requirements for cost-effective, fixed, site-to-site network connectivity; however, they were, in many ways, still too expensive for mobile users, while for business partners or customers, they were extremely difficult to deploy. It is in this environment that SSL VPNs were introduced, providing remote/mobile users, business partners, and customers an easy, secure way of accessing corporate resources through the Internet without the need to pre-install a client. See also separate box.
Continuing to deliver exceptional service to customers and partners with online collaboration. If a pandemic disaster forces social distance between people, multiple means of conferencing will be required to help facilitate collaboration. Employees and partners will be looking for real-time applications that will help them function as if they were sitting in their offices. In addition, help desk staff and customer service representatives will need to provide remote assistance to users and customers by remotely controlling their PCs without requiring the user to install any software.
Balancing risk and scalability with cost and ease of deployment. Network managers of government agencies and departments are constantly balancing between ease of deployment and high levels of security with their remote access solutions. These network managers are also faced with the challenge of preparing for possible disasters or epidemics, and the attendant remote users, with a cost-effective and scalable solution.
Issues with remote access
Remote access is a critical component of any business continuity plan. Remote or isolated emergency workers will need to continue their critical roles during times of emergency, and have secure and reliable access to an organisation’s key information databases and application servers.
Although the benefits and importance of remote access are clear, government departments and agencies have experienced problems with providing remote access solutions that, until now, have typically been based on IPsec technology.
IPsec solutions have resulted in end user frustration from only being able to access resources from a device with client software, and from the high deployment and support costs associated with maintaining that software. The security concern has proven particularly vexing given the increasing sophistication and frequency of cyber attacks against information systems.
These issues have contributed to a status quo regarding remote access in the government that is now beginning to change in earnest. Many of the government agencies that have already implemented client-based IPsec VPN technology for teleworkers are experiencing a multitude of problems with their current solution: