tssci security

Pandemic Influenza, Business Continuity Planning and You

Today Congress will ask the President for an update on National Strategy for Pandemic Influenza. This reminded me of an article I read in the December 2006 issue (pp 36-43) of Information Security Magazine. One of the feature stories, Don't Wait for Disaster, looks at what some security managers are doing to address the risk of an avian flu pandemic. A nation or even worldwide pandemic poses a risk to some organization's ability to operate, and one many of us overlook when creating a business continuity plan.

"You have to start planning," Klahn says. "Everything I've read from the Centers for Disease Control (CDC) and the World Health Organization (WHO) characterizes it as a real threat." The warnings from experts about the possibility of an avian flu pandemic are certainly ominous. According to WHO, the H5N1 virus--a strain of avian influenza--has "considerable" pandemic potential. If the virus becomes fully transmissible between humans, it will spread throughout the world in three months, the organization believes.

There are ways organizations are planning for such pandemics, but their solutions may introduce new problems on larger scales. Having employees telecommute via VPN can raise support costs for IT, who may need to improve current VPN capabilities, increase bandwidth and address privacy, security and regulatory concerns. How will paper processes be handled? And how about critical functions that need to be performed onsite?

...companies need to plan for how they'll take care of employees who must come into the facility to perform critical functions...

The article also raises economic issues a pandemic may present, such as food and other critical infrastructure. The study recognizes a possibility for increased demand in online shopping and home delivery; how will distributors get food to grocery stores and then to people?

If anyone has been involved in creating/maintaining a business continuity plan, what are your thoughts on this? Has your organization addressed the risk of a pandemic? Does your organization even have the resources or ability to even function in case of an outbreak?

Posted by Marcin on Thursday, January 11, 2007 in Security.

blog comments powered by Disqus
blog comments powered by Disqus