Disaster Management Plan for Remote Access

TTelecommuting and mobile access can help enterprises cope with emergencies. When disaster strikes, key company locations may go offline or be physically inaccessible. Remote work capability will keep businesses running.

The moment that disaster strikes, whether a terrorist or military attack, earthquake or other dangerous event, marks only the beginning of disruptions that can last for weeks to years. Enterprises that rely on location-specific business operations can be severely disabled. Those that have implemented any kind of work-at-home or mobile work schemes stand the best chance to get their employees back to work as safely and quickly as possible. Those enterprises that have moved to virtual teaming as a primary work format will be ideally positioned, via remote access, to move quickly in the event of a disastrous interruption to operations. This Research Note lists steps for managing remote employees to help cope with the aftermath of a disaster.

What enterprises can do:

Enterprises must establish remote-access-aware disaster management teams (DMTs) to restart the business process and coordinate the employee population. More than one team will be required, ideally, one per region where the business has a major operating presence or employee population. The DMTs must be created as cross-functional teams, with representatives from Human Resources, Facilities, relevant business units and the IS organization.

The DMTs must have direct access to registry lists of employees per site, access to home addresses and contact numbers, and remote-access capabilities. These lists should be organized in chains so that all employees have a chance to be contacted in the event of disruption of normal business communications channels. These lists can also be used to verify casualties and missing persons.

DMTs must make determinations as to where people should report to work and if people should report to work. In an emergency, only those employees essential to the business at any point in time should be reporting to work, but not to physical locations that involve unnecessary travel. Physical work locations may be inaccessible due to transportation issues, biohazards or damage. Remote access may be unattainable or unreliable due to network service outages. Using the enterprise’s network management tools, DMTs should maintain an up-to-date inventory of which network services are functioning and which employees are in areas that are able to gain access. With this information, DMTs can direct employees to alternate remote work sites and set them up in virtual teams formed around critical business processes such as customer service and logistics. DMTs must monitor and coordinate all virtual teams during the emergency.

DMTs must create virtual business teams through remote access that in themselves are not vulnerable to failure. Each team leader needs a backup or understudy manager, who in an emergency should not be located at the same physical site or exposed to the same risks and resource constraints as the primary team leader.

As the pattern of the disaster becomes clear, the DMTs can request that essential employees volunteer to team up at each others’ homes, or at hotels or telework centers to create small workgroups, using broadband access, for example. DMTs should have access to a current inventory of the remote access capability of each employee (dial, cable, DSL, etc.) and access to lists of hotels and telework centers in every nearby city and region (see Note 1). Because most enterprises have invested in remote-access technologies for only a subset of their employees, every attempt must be made to avoid a flood of unnecessary VPN connections from the curious and the concerned. Where WLANs are available, setting up connections for these users will be easier to manage. However, WLANs should not be set up unless they are configured to be secure. WLAN access points should be connected directly to VPN gateways, and all WLAN users should be required to use a VPN and personal firewall.

Employees ranked as nonessential to emergency operations must be discouraged, perhaps even blocked and redirected, from logging into production systems in order to avoid communications congestion. DMTs must have a means to rank the relative importance of remote access to each workgroup and department, and to request that nonessential user IDs be blocked and redirected to a company information site.

DMTs must direct employees to monitor dial-up recorded messages and Web portals to obtain company information. A special secure stand-by Web site must be developed and activated as a virtual command center. The site can serve as an up-to-the-minute status-reporting medium, complete with names and contact information on accountable managers. The site can also point to external resources such as construction management firms, engineering, architects, office supply firms, communication firms and other third-party providers that have been preselected as part of the disaster recovery operations plan. Because employees need to retain their sense of community in an emergency, DMTs should set up private newsgroups and chat systems offloaded from the main e-mail systems.

DMTs must ensure that all corporate data centers, security and intrusion systems continue to function and are monitored for opportunistic attacks. Locations of application servers, backup servers and stored data, as well as the WAN services used to access them, must be revised based on the parameters of the disaster. New remote users lacking prior experience with the Internet must be reminded and warned of the absolute requirements to use personal firewalls, to not send company business over public mail systems, to not accept executable e-mail, and whatever other cautions are necessary to ensure the integrity of company information and systems. Ad hoc demands for VPNs to create dynamic groups of users can be made easier by supplementing the VPN architecture with software tools designed to support rapid reconfigurations, as offered by Yipes Communications, SmartPipes, IP Dynamics and OpenReach.

What employees can do:

Employees must know where they rank in the list of essential personnel in an emergency. They should use every means possible to check in with their company to confirm their current location and to verify their ability to assist. Employees should expect that their remote access must be prioritized because companies often do not have enough remote access bandwidth or services to accommodate everyone at once.

Employees with broadband access and home networks should volunteer to share their connection to set up a temporary workgroup location.

Employees should keep their access sessions as brief and focused as possible. They should connect when information needs to be exchanged, complete their transactions and log out as quickly as possible.

“Fat” bandwidth-hungry applications should not be run unless absolutely necessary. Thin-client front-end access should be used wherever possible. For example, if users have a choice between running Outlook 2000 or Outlook Web Access (OWA), they should choose OWA. Likewise, if an application can be accessed by Windows Terminal Services, Citrix or other thin-client front ends, choose the thin interfaces over a full application.

It is natural for employees to want to share their feelings about a disaster. Employees should avoid generating traffic on their company e-mail and Internet connections for chat and news. TV and radio are better choices. Employees should keep phones and the Internet open for essential traffic and for checking in on the company’s internal information portal.

Employees with wireless data access (for example, pagers, PDAs or phone SMS) can use these alternative portals for monitoring messages and workflow coordination. The limitations of the platforms restrict the amount of traffic generated from each message, but messages should still be restricted to an as-needed basis, because a large quantity of even short messages can congest wireless gateways.

Remote access affords enterprises an opportunity to operate anywhere, anytime. Conventional telecommuting and mobile access could leave workers in the same region and collectively subject to impacts of the disaster. However, remote access coordinated by a network of competent DMTs allows companies and their people to work from anywhere, and to move out of danger zones, forming global virtual teams, ultimately creating a level of resilience that will be greater than was originally planned for traditional telecommuting. Going forward, remote access is more than a nice-to-have workstyle: it will become a matter of business survival.

This research is part of a set of related research pieces. See AV-14-5238 for an overview.