The first step to prepare involved drawing up a list of possible risks.
"We were expecting that there will be no internet in all of Ukraine, so that our infrastructure and cellular towers will be damaged and we couldn't operate because of no internet connectivity," said Tkachenko. "The next risk we saw was about the physical occupation of our offices by invaders, so it won't be possible to enter our offices."
Then there was the risk of attacks on company services. "Modern war, it's not only about military stuff, it's also about cyber war," said Tkachenko. "And as for today, we have, like, the biggest cyber war happening in the world."
The MacPaw team identified other risks: the increased phishing attacks on employees and on company social media accounts; unauthorized access from lost or captured devices; the disruption of the hardware supply chain; and the effect of sanctions and the consequences of operating from a war zone, such as the reluctance of suppliers to maintain relationships.
Tkachenko said MacPaw's 2022 War Outbreak IT Business Continuity Plan "was created in Google Spreadsheet, one of my favorite instruments as a manager." It describes service assets like Okta, Github, and AWS, emergency procedures for safeguarding the system, backup procedures, responsible team members, and so on.
"We had two procedures," she explained. "The main one and backup one, if the main one won't work. And the instructions were very simple, with the least directions we needed to follow to do something. And it's a great idea to keep it very simple. Because in times of emergency, you're getting very emotional. You can't do anything really complex so it's better to keep it simple."
The business also created an emergency team – two people representing each product or service who could fix any issue that came up or knew who to ask. These people, said Tkachenko, were asked to move somewhere safe or at least to western Ukraine, where the threat of invasion looked less imminent.
