As we saw from the recent major connectivity outage that affected Facebook, Instagram and WhatsApp, IT incidents are a significant challenge to today’s businesses. When it comes to managing them, there are often multiple fires to put out and minimal time to do so.
While remedying the technical issue itself is paramount, you’re also tasked with simultaneously reassuring your stakeholders, preventing panic and protecting your organization’s reputation. An effective communications strategy is your most formidable tool to tackle this multi-tiered goal.
Here are five key steps to ensure you can rally your IT professionals promptly to staunch the flames, while keeping everyone from getting burned:
1. Determine your trigger criteria.
What are the circumstances, actions and occurrences that will trigger an IT incident alert?
Differentiate between those that are intentional (i.e., cybercrime) versus those that are accidental (power outages, wide scale system glitches and overloaded servers).
To give yourself a big picture overview, it’s helpful to create a flowchart that maps the effects that stem from these various types of incidents, including who is affected by each and how. Review both your organization’s own history, as well as common threats that are specific to your industry.
Once you examine this matrix of cause and effect, you’ll be better prepared to take a proactive security approach.
2. Notify and escalate the issue to the right people.
Within your IT response team, which leaders will take ownership of resolving the various pieces of a given incident?
It’s important to delegate this in advance, as well as consider which key staff will work under them during the resolution process. Consider your organization’s schedule, including your hours of operation and staff shifts. Are you confident that people with the right skillsets will always be available, regardless of when an IT incident takes place?
Thorough coverage and accurate alerting are crucial parts of preventing smaller incidents from escalating and causing greater impairment.
3. Decide the contents of your stakeholder messages.
What does everyone need to know?
Aside from your responding IT team, there are a multitude of stakeholders who’ll be affected by an IT incident: Your organization’s non-IT employees, vendors in the supply chain, customers and investors.
A critical communications system allows you to craft specific messages for these groups according to how they’ll be impacted. The ability to create subgroups and send geo-targeted alerts ensures you’re only notifying impacted individuals (rather than raising unnecessary cause for alarm).
Your message should reflect that you’re endeavoring to minimize business disruption. In addition to informing them of the incident, determine if there are any instructions they need to follow while it’s being resolved. Be sure to convey them clearly, provide FAQs and give them a channel to direct any additional questions.
4. Utilize multiple modes of communication.
How will you notify everyone?
In order to resolve the incident as quickly as possible, your IT staff must be alerted immediately. Older systems such as pagers are no longer sufficient to keep up with the complexity of today’s communications needs.
By contrast, a mass notification system that integrates with your existing software and utilizes multiple channels including desktop notifications, voice calls, emails, texts and in-app push notifications means your message will get their attention.
The same goes for your stakeholders. The last thing you want is for customers and investors to hear about an incident on the news before you’ve had the opportunity to reassure them that it’s being resolved.
With the right critical communications system you’ll also be able to see who received your messages, which is helpful when it comes to legal compliance.
5. Provide regular updates.
When will everything be back to normal?
Expect all stakeholders to be anxious for this answer. Keep everyone in the loop during the resolution process. IT incidents can be stressful, so make sure your critical communications system is easy to use. A simple send process reduces the anxiety for your IT team.
Give estimates of when people can expect the issue to be resolved and be upfront when setbacks occur. This is another important part of protecting your organization’s public image. Transparency is key to fostering trust.
Internal updates are also important for your responding IT teams. There may be multiple staff working on different aspects of the incident. Ensure they all stay apprised of each other’s progress. It’s vital to coordinate their efforts via an accurate alerting system that keeps everyone focused and on-task.