Resolution: Learn from the Past 

by | Feb 2, 2021 | Security

2020 was certainly an unusual year for everyone. Many of us have resolved to learn from the past. As with any disaster (let’s face it, 2020 was a disaster) one of the recommended actions for an Incident Response Plan (IRP) and/or Disaster Recovery Business Continuity Plan (DR/BCP) is a Lessons Learned session and documentationBefore we get to Lessons Learned, let’s review the people, process and technology. 

Remote workforce 
The People 

Let’s face it – everyone is not cutout to be a remote worker and some organizations cannot perform their core business functions remotely. Some people are self-motivated and easily made the transition from the hustle and bustle of the office to the solitude of a home office with an increase in their productivity while others already worked from home some of the time and had the technology to support remote workThere are people that are in situations that are much more complex: people that struggle with the lack of human contact, folks without an appropriate home workspace, a houseful of others trying to work or remote learn. And throughout all of this, the IT team has been working to provide secure remote access and support a remote workforce. 

The Process 

Depending on your industry, some work must be performed on-site while other work can be performed remotely. Each organization has its own unique processes – there is no standard playbook 

Organizations that have reviewed their processes regularly and formally documented Disaster Recovery/Business Continuity Plans and Incident Response Policies have playbooks to assist in the process of responding to this pandemic as well as other disasters and incidents. For organizations that had no documented plans or policies, the impact to IT in 2020 was more challenging. 

The Technology 

Information Technology Requirements: IT, IS and Operations departments that were not accustomed to supporting large numbers of remote workers were heavily taxed. Infrastructure teams that are accustomed to working in a waterfall project process quickly became Agile as they increased VPN capacity and associated licensing, increased bandwidth, many purchased as many laptopsheadsets and webcams as they could get their hands on, segregated workspaces for on-site workers and implemented solutions such as Microsoft Direct Access, Microsoft Teams and Zoom. If you would like to learn more about the Microsoft solutions, please contact us. 

Back to the beginning – IRP, DR/BCP 
  • Do you have an Incident Response Plan? 
  • No – please contact us, we can help you draft one. 
  • Yes – it is time to update your plan. 
  • Modify the pandemic section from the old school idea of a large flu outbreak to the reality of COVID19 lockdowns and add lessons learned 
  • Do you have a Disaster Recovery/Business Continuity Plan? 
  • No – please contact us, we can help you draft one. 
  • Yes – it is time to review the effectiveness of your plan and add lessons learned. 
What are Lessons Learned?  

Lessons Learned sessions are recommended to document the good and bad from an incident or disaster. Lessons Learned should identify the gap between expected business process and actual performance of business continuity and/or incident response process. 

A session is recommended and should include stakeholders from various business units, not just IT. A moderator and note taker should be identified. Below is a sample Lessons Learned Agenda: 

  • What did we learn? 
  • Not just corrective actions 
  • Keep in mind: People, process and technology 
  • How can we improve? 
  • What are the strengths and weaknesses identified during the response and recovery? 
  • Did the plan include adequate instruction? 
  • If not document how to expand and who is responsible for the draft
  • Were the right people involved and were they responsive in a timely manner? 

Good Lessons Learned will document the expected outcome, the actual outcome and the gap. The goal for documentation of lessons learned is to track the outcome and provide continuous improvement. For most events these goals would also include enough information for root cause analysis. 

On a personal note – mwork experience in 2020: 

Because I work for a technology company that normally has 75% or more of the workforce at locations outside of the office, my IT team already was prepared to support remote workers and we made that transition without a hitch. I have had the ability to work remotely in some fashion or another for 25+ years, so I feel that I was fortunate in 2020: I already have a home office, no commute, no office banter to distract me from my tasks at hand and I have a furry (currently napping) security system that will bark the moment any delivery arrives. 

Some of my prior work from home experience includes:  

  • Communication plan: Let your house mates, spouse, kids know that you are “at work” 
  • Make a dedicated workspace and ensure your space is ergonomically correct: invest in a good chair or fashion a standup desk from existing furniture 
  • “Get ready for work” – keep the same daily hygiene habits for working in the office i.e. I keep the same shower, hair etc. routine whether I’m working at home, going to the office or visiting a client. This helps me “get ready for work”.  
  • Wardrobe: I do not work in pajamas – I require the above “get ready for work routine 

On a lighter note, in 2020 I had a new lesson learned: I learned that some delivery drivers won’t venture down my driveway if it is not cleared of snowConsequently the goal of the dog food delivery can only be obtained if the snow is removed, therefore snow removal had to remain on the chore list even though the car will remain in the garage. 

For help with your Incident Response Plan (IRP) and/or Disaster Recovery Business Continuity Plan (DR/BCP), contact us at