Here are the top 5 critical areas for your business continuity planning today and in the new normal.
In 2020, we are all living through a world-changing event. Huge chunks of the workforce are on lockdown. Pretty much all of us, our colleagues, and our families are seriously affected in one way or another.
It is a unique, new, and unsettling situation that not many of us would have predicted or foreseen. I just wanted to share some of the issues we've encountered from an IT perspective, how this is different and new, and what we've been doing to help enable people to work again in this brave new world we're all in.
In most cases, the best practice for all service design and delivery is to build a platform that's got some sort of "disaster recovery" built into it – one that could be a live, highly-available platform and might well include multiple data centers in different locations. (As an aside, you would be surprised how many companies – banks included – have their redundant data centers within a stone's throw of each other).
You've probably talked about RTOs (recovery time objectives - how long you can cope with a service outage) and RPOs (recovery point objectives – how much data you're willing to lose, such as last night's backup). And it's one of the selling points of Software-as-a-Service platforms like Microsoft's Office 365, and even Infrastructure-as-a-Service platforms like Microsoft Azure, that they are hugely resilient and massively redundant – much more than we could build ourselves without it being financially unrealistic.
Some companies even go as far as building 'dark' end-user sites. I know financial trading arms of a few banks that had an entire site with a duplicate of their City of London “market maker” trader floors entirely replicated (including the desktop workstation PCs, multiple monitors and custom trading telephony platforms) in an empty building 40-50 miles outside London – just in case that site had a power issue or was out of action in some way.
But few of us had planned for a pandemic. Figures from recent surveys seem to suggest only 3 percent of businesses had planned for a pandemic incident.
If I read through the Business Continuity Institute's Horizon Scan Report 2019, I see that Disease Outbreak was in the low-impact, low-likelihood category, along with Political Violence/Civil Unrest and Higher Cost of Borrowing. The things everyone was planning for – Critical Infrastructure Failure, Cyberattacks and Data Breaches, Reputation Incidents, Natural Disasters, and IT and Telecom Outages, for example – were considered high-impact and higher likelihood. And in most cases, these were well covered in what I've talked about already.
When lockdown suddenly required all those employees who were able to work from home to do so, it brought a different and novel challenge to the IT provisions of many employers.
Companies that had the benefit of having adopted a progressive mobility strategy and a flexible workforce strategy were already in a better position here, especially with the growth of faster cellular speeds and home Wi-Fi connections. But even a few of those who would have considered themselves well prepared have been caught out in the rush to enable remote working.
Based on my experience, there are 5 key areas that can help your BCM planning today and in the new normal – remote access and VPN; automation; power users; secure remote desktop and VDI; and management of change.
Remote Access and VPN
In most cases when you have designed a remote access solution such as a VPN service, I would wager you definitely did not design it to enable every single employee who works for the business (whether they have a laptop or not) to connect in simultaneously. You probably did not even design it to enable all the employees who did have remote VPN-capable devices (such as corporate-built devices like laptops or corporate home-based desktops) to connect in at the same time, either. You would apply some capacity management theory to your inbound connections, similar to the way that call centers and dial-up ISPs use something called “Erlangs Calculation.” And you would probably come up with a rough figure that, say, 25% of your staff who could remote-access in (probably those with corporate laptops and the relevant VPN profile) would likely want to connect in at any one time.
So suddenly having hundreds or possibly thousands of end-users simultaneously connecting into your VPN environment, rather than just the 25% you'd planned for, has multiple complications. You may not have enough licenses or capacity on your VPN endpoint infrastructure – meaning that some users can't connect, or that the Internet link may not have enough capacity.
This also may affect the Internet access of those who are still on-premises, or the resilience of collaboration services hosted from your own data center, by effectively swamping the entire Internet connectivity for the business.
Even at HPE we're not immune to this problem. When the remaining 50% of our 60,000-plus employees who normally work in an office started working from home, our VPN endpoints became swamped, with the knock-on effect of making Skype for Business unreliable for some time. It required HPE IT to increase not only the bandwidth available on our Internet links but also the capacity available on our VPN concentrators.
Also, when an event has passed over and you are back to the new normal, you may end up paying for emergency capacity you didn’t need and are then not utilizing, so this is also a cost you may not want to bear.
Automation
But what about those people who can't work remotely?
IT cannot immediately help a factory worker who needs to be on the shop floor, or a production facility that needs manual intervention or specific skills in engineering. Many roles cannot currently be automated. However, where technologies such as Industrial IoT have assisted companies to automate and robotize their working environment, those organizations are mostly in a better position. The current situation that we find ourselves in could well be a catalyst to drive the growth of automation in factories and production lines, where possible.
Power Users
IT can do more to help when it comes to desk-based office staff who utilize complex applications via a desktop PC. People like financial traders, back-office staff and even call center reps no longer need to be tethered to a desk in an office. By using remote desktop and virtual desktop technologies from companies like Citrix, and hardware that’s up to the job (especially HPE Moonshot along with a Citrix hypervisor layer – for financial traders, for example) you can enable safe, performant, and secure access to desktop environments from most any device. Remote desktop is a thinned-down version of this and allows a user to be productive out of the office by “remote controlling” their existing desktop located on their desk inside the office. And virtual desktop, or VDI, is a way of moving all of that “desktop” compute into servers in the data center, or even into the cloud if practical.
Secure Remote Desktop and VDI
The other challenge comes around getting hold of physical infrastructure and devices – whether it's more server hardware to increase capacity on an existing VDI platform, for example, or laptops to provision with your custom build to enable remote work. The supply of physical infrastructure available may be constrained, especially when there are CPU shortages, and you may also struggle to get access to data centers or resources to build devices. And this all costs money, which may also be a challenge in the current climate. In some cases, your only option may be to somehow enable your end-users’ access to your environment via their untrusted devices, BYOD, or similar. But delivered incorrectly this introduces risk, and potentially risks compounding the issue of an already stretched VPN capacity.
In this scenario, a move to cloud is not always the right answer, either. A rushed move to cloud to mobilize applications has already made the headlines for some companies who have not implemented robust security controls and have found their applications and services open to the world without security. Even cloud providers have been caught out with "thin provisioning" at the beginning of the current pandemic, when customers tried to spin up their reserved instance compute services (which may have been shut down overnight to save cost), only to be greeted with error messages because their compute had been allocated to another customer. In some instances, customers have been recommended not to shut their instances down for this reason, completely negating the cost savings generated by moving that service to cloud.
HPE Pointnext Services has implemented urgent remote-work VDI solutions for customers recently – for example, we've been engaged in Russia to urgently and successfully deploy a remote desktop solution using existing desktop PCs for a customer that needed to send their staff home and enable them to use untrusted devices securely. We have many customers coming to us and asking how we can help.
We have a new Remote Work VDI Rapid Assessment, which is a single day's workshop of services that we've had in our portfolio for a while. It's delivered remotely via Microsoft Teams or Zoom. We go through your current challenges with remote working and your current pain points, and we work with you to create a practical remote working tactical plan, assisting you in deploying a solution quickly and efficiently. We enable you to allow your staff to remote work, but also, afterwards, we'll help you plan and build a long-term strategy around remote working going forward.
That strategy could be an expansion of an existing VDI investment; a move to a VDI on-premises consumption model; a hybrid-cloud-based VDI using Citrix Cloud; an acceleration to full mobility with Microsoft 365; application virtualization; or possibly some combination of the above. It would take security and regulatory controls into account to ensure that the best service possible is designed to enable you to weather the storm and ensure the productivity of your workforce at any time.
Many companies who have embraced full mobility and collaboration solutions, including Microsoft 365, have already put themselves in a good position, and in our experience have not had many issues that have stopped them from being able to work effectively remotely. Alongside this, by using tools such as Windows Autopilot (part of Microsoft 365) they were also able to securely and safely onboard and manage laptops that their staff were able to just go and procure themselves, or which were delivered directly to employees at home.
HPE Pointnext Services can also assist with your networking strategy. For example, we can help you with an implementation that will enable you not only to scale up and balance your VPN provision and Internet bandwidth using flexible solutions, but also to dial capacity back down at the end of an event, saving you money and enabling you to adjust to the new normal. There are also many proven transformation workshops that enable HPE Pointnext Services to bring our skill and knowledge to help you build your strategy for the workplace, covering all areas of the network, workplace and IoT.
When it comes to the Internet of Things, and automation within your factory, HPE also has a number of fast-start IoT solutions that enable you to quickly validate the viability and efficiency gains in your own environment.
Management of Change
It's not just the technical challenges that we've been helping with. We've also been assisting customers who just want help around best practices when dealing with remote workers. Our Management of Change practice has lots of great strategies to help with the transition to remote work, and we are always willing to share best practices and what's worked for us and your peers – everything from how IT can remotely support a user at home effectively, to the actual challenges of working from home. It's not always quite as simple as someone just setting up their laptop on the dining room table. It's a real change in work style, which can affect team dynamics. And there’s always a worry about changes in productivity. But we can help with experience-based advice – we can even share tips such as how to help your children avoid interrupting your video conference calls by enabling them to watch online streaming videos at the same time!
In summary, the situation we are all in now is extremely challenging – but you are not alone. I and the team at HPE Pointnext Services are in it with you. We have lots of tools, experience, and partnerships in our toolbox to solve your technical issues, advise you on the soft skills, help you upgrade your business continuity plans, and enable you to build a strategy for the new normal with confidence.
Mark Wayt
Hewlett Packard Enterprise
twitter.com/HPE_Pointnext
linkedin.com/showcase/hpe-technology-services/
hpe.com/pointnext
Mark_Wayt
Mark is a Worldwide Client Platforms Architect, owning part of the portfolio and covering all elements of Digital Workplace (VDI, Microsoft 365 & Windows 10) in the Intelligent Edge and IoT Practice Area in HPE Pointnext.
