read

How Are CEOs Responding To The Coronavirus Impact?

By Steven Freidkin | March 19, 2020
Steven Freidkin is the founder and CEO of Ntiva, Inc., a Managed IT Services company that provides a full suite of technology services to businesses across the U.S., including IT consulting, cybersecurity services, cloud hosting and more.
ntiva

As the coronavirus pandemic continues to escalate, CEO’s are quickly coming to grips with the fact that business will be anything but normal for the next few quarters.

According to a global survey released on Tuesday from the Young President’s Organization (YPO) 82% of business leaders expect declines in revenue over the next six months. Note that the survey was done March 10-13, 2020 - just ahead of increased restrictions and closures.

Although no one can fully predict the extent of this disruption, there is high likelihood of substantial revenue decline for many businesses. While everyone is at risk, smaller businesses with tighter cash flow are likely to be hit much harder.

As a CEO or business owner, it’s critical to be out in front of this with an aggressive plan of possible actions based on how different scenarios might unfold. Waiting and watching is the absolute worst thing you can do.

Taking Bold Action – Now Rather Than Later

One of the first steps we took at Ntiva, an MSP who offers IT support in Washington DC and other locations,  is to appoint a senior team that is focused on all aspects of the crisis. This requires daily meetings and an agile approach to making both short- and long-term decisions, as new information arrives daily.

Clearly the #1 priority for everyone is the health and safety of employees and clients, which will include your remote working strategy.

But it’s equally important to sit down and take a look at the possible impact to your business. A plan should be drawn up for stabilizing operations, defending against revenue declines, and in general building contingency plans for all aspects of the business.

As an example, we have accelerated our cash flow forecast, building out a data model based on the expectation that many of our clients might be slower with payments. We also have started to include ACH and credit card payment options with our billings to help stabilize cash flow.

It’s far better to prepare for the worst and be thankful it doesn’t happen, vs. a “wait and see” approach.

If possible, you should work on tapping into extra cash via line of credit or other mechanisms, making sure you have cash so that you can meet your financial obligations. Other considerations might include delaying bonuses or even reducing pay checks in a “share the pain” model to prevent layoffs.

Conserving cash is important. Whether you need to freeze hiring, cancel training, or postpone major investments, now is the time to do it.

Communication is Key

Frequent and transparent communication both internally and externally is crucial. It’s up to leadership to be the model of calm for employees and customers, and far better to over-communicate with full transparency than to remain quiet.

We are currently using video collaboration tools (Microsoft Teams and Zoom) for our mandatory daily team huddles, which not only includes senior management meetings but also all of our downstream teams.

As CEO, I provide a daily update to the entire company over email each morning, and we have a small team dedicated to pushing out weekly updates to clients, over both email and social media channels.

Building trust, opening up lines of communication and sharing information with clients is especially crucial during this time, including proactively communicating any potential impacts or delays.

Currently, a good deal of my day is spent speaking directly with clients and employees, as emotions are running extremely high on all sides.

Adjusting to the New Way of Working

One of the major impacts that we are all experiencing is the disruption to the way business is being conducted. The necessity of remote communications was thrust upon many with very short notice, sending businesses scrambling to ensure they had the right technology in place.

As an IT services and consulting company that provides critical technology support to hundreds of businesses, we’ve always had a business continuity plan in place to prepare for this type of scenario. We’ve been fortunate that all has worked as planned, but even we have had to make spur of the moment adjustments to handle the dramatic increase of technology support requests.

Many of the businesses we support felt they were prepared for remote working. However, it turns out having a couple of employees work the odd day from home is vastly different from having the entire office work remotely – with very short notice.

Companies that are 100% cloud-based tend to have fewer issues than those that still need to access on-premises servers, which require VPN or RDS technologies for security reasons.

However, there are still many short-term challenges that our clients are running into, from slow home networks to lack of hardware, not to mention simply learning a new way of working and communicating.

Responding to Coronavirus IT Security

Security Concerns for Remote Workers

As droves of Americans start to work from home, hackers are taking notice. Experts have already warned us over the past few weeks that a new wave of cyber-attacks have started, aimed at workers outside of relatively secure office environments.

Larger organizations may have established work-from-home practices and infrastructure already set up, but smaller businesses likely had to make an abrupt transition as mentioned above. There are some cases where small, overburdened IT teams have had to open up gaps in their corporate network, simply to accommodate remote work.

Additionally, what is called the “attack surface” has dramatically increased, meaning tons of new devices such as personal laptops and tablets are suddenly in the same network, all of which are completely outside of the control of the corporate IT team.

Even for those organizations who have a VPN set up, all those extra devices may inadvertently be given access to the organization’s data center. It’s fine line between limiting employee activity and empowering workers to do their jobs remotely.

Action Items for Improving Remote Security

Make sure that your VPN, network infrastructure devices and end-user devices are all updated with the latest software patches and security configurations. Ideally, employees already have work-provided and secure laptops, that can only access the corporate network via encrypted and authenticated access, using corporate credentials and multi-factor authentication.

You also need to be extremely vigilant on suspicious emails. There has been a surge of phishing emails that are taking advantage of users who are likely to click on links to COVID-19 updates and news, and then downloading computer viruses such as ransomware.

 I’ll summarize the basics with the “3 P’s” initially provided by the Cyber Readiness Institute.

  • Passwords. Make sure home routers are password protected and enable multi-factor authentication wherever possible for all applications - including cloud apps and services.
  • Patches. If you don’t have an IT Service Provider doing this for you, make sure all of your operating system security patches are up-to-date. Make sure that employee devices have their operating systems set to automatically update – and that they accept the updates immediately.
  • Phishing. You can expect an increase in online scams, social engineering and phishing attempts. Remind employees to always “mouse over” the email sender’s name to ensure the sender’s true origin and take a careful look at the actual email address. Do NOT click on any unknown or suspicious links or attachments, even from internal colleagues. When in doubt – pick up the phone.

In conclusion, we are all in this together and are dealing with challenges as best we can on a daily basis. There is no question that this crisis is going to change the business landscape both short term and in the long run.

It will be an interesting journey to see how we adapt and the potential positive changes that might arise from this shift in how we conduct business today.

 “Leadership is not a position or a title, it is action and example.”–Donald McGannon

 

Tags: Cybersecurity, Cloud IT