The Noggin Blog

In the midst of the COVID-19 crisis, business continuity plans (BCPs), processes, and programs have never been in greater demand. But we’ve been here before.

Both the 11 September 2001 terror attacks and late 2000’s financial crisis spurred similar upticks in the popularity of business continuity management systems (BCMS). And yet, by the time COVID-19 came along, an alarming number of companies were unprepared.

Why didn’t business continuity management take off before; and how can you build a sustainable program today?

Ensuring compliance with regulatory requirements is critical to your client’s business. But crisis and business continuity planning – often mandated by law – shouldn’t be a box-ticking exercise. Unfortunately, too many of your clients fall into the trap. What risks do they face treating crisis preparedness as a compliance-first practice? 

First things first: regulatory mandates following crises are ubiquitous – that’s been the case far before the onset of the COVID-19 crisis. In the U.S., for instance, employers with more than ten workers must have written emergency action plans that specify what workers and others at the workplace should do in the event of an emergency.

Even before the COVID-19 crisis struck, the consensus was that protective security technologies still had a long way to go to ensure maximal security, in a timely manner, for people and physical assets.

The reason? Hardware-intensive physical security management equipment had proven unable to keep up with the physical security threat as it had evolved.

Now, that threat is even more mobile, rendering traditional equipment even less effective. Why?

Mere days into the hurricane season, the Atlantic basin is already experiencing its third named storm. Meanwhile, China, faced with flooding in its south and east, is upping flood defense emergency response to level III. Western Australia, for its part, is less than a month removed from a “once-in-a-decade storm,” so dubbed by the state’s acting commissioner of Fire and Emergency Services.

For many organizations whose physical operations were forced to close due to COVID-19-induced lockdowns, reopening day is coming soon. Indeed, employers are busy planning for a safe reopening as the day approaches.

While planning matters, it’s the quality of those plans that will determine whether a safe reopening is possible. And as it turns out, too many organizations follow one-size-fits-all strategies that can actually compromise the safety of returning employees, imperiling business recovery from the crisis. How, exactly?

The scale of the COVID-19 disruption to what had long been normal working arrangements has been unprecedented. Take remote work: an early April 2020 MIT survey revealed that nearly a third of all workers in the U.S. who had been employed the month before were working from home, up from five percent in 2017.

We’re proud to announce that our Noggin 2.0 integrated safety and security platform is now available in the AWS Canada Region, in addition to other generally available Noggin 2.0 zones around the world. Launched in December 2016, the Canada Region enables AWS customers in Canada to store data locally and address regional data compliance requirements.

At the outbreak of the COVID-19 crisis, more than 70 percent of employers admitted not having a pandemic plan in place. That glaring lack of planning suggests that your clients might not be as prepared as they think to resume normal working operations, now that the conversation has shifted to business recovery.

For many organizations, COVID-19 has meant a halt to on-premise operations and the introduction of broad work-from-home policies.

Sure, that pivot has been key to business survival. But it does carry serious risk, including a greater opportunity for physical security incidents from less oversight. How to mitigate that risk with a remote, fragmented staff? Best-practice security standard, ISO 27001 offers some clues.

On the heels of a successful audit of its Noggin 2.0 platform under the Information Security Registered Assessors Program (IRAP), the integrated safety and security management technology provider passes another stringent security audit, designed to protect the confidentiality, availability, and integrity of information.