Covid-19 has fundamentally changed how IT teams think about managing their infrastructure. In the Spring, organizations scrambled to purchase end-user laptops and hardware, conducted mass imaging of new gear, shipped that equipment to newly remote workers, and then taught them how to connect everything. But as a result, VPN connections were pushed beyond their intended use, and IT leaders quickly learned that infrastructure that works in the office doesn’t always work well across remote VPN.
On the security side, IT learned that a multitude of security problems arise when corporate networks are exposed to at-home personal networks, vastly increasing attack surface. Bad actors seized on these vulnerabilities and, unsurprisingly, ransomware attacks were up 147% in the early part of 2020. The good news? We realized that remote work can actually work well, and in some cases even better than the office. In this blog, we outline some of the infrastructure lessons we learned in 2020 and recommend 4 steps to build a business resilience IT plan of your own.
IT Infrastructure Lessons From the Rapid Shift to Remote Work
There are a number of key takeaways IT leaders learned when making infrastructure shifts during Covid-19:
- Complete VDI implementation would have helped immensely. Properly built VDI implementations don’t need VPNs or even endpoint devices sent to remote workers.
- Legacy VDI vendors are way too complex and expensive and were not built to thrive in a rapid reactionary world.
- Legacy virtual infrastructure struggles to handle WFM and rapid change and adding 200 end user seats creates a host of issues.
- Cloud-first approaches/lift and shift of EUC and data is time consuming and very expensive, and teaching remote workers how to access their resources is a huge challenge.
- HCI works hand in glove with VDI to easily enable WFM/remote work.
- Cyber threats grow exponentially when your network is extended to some of the least secure networks—the home network.
- Ransomware and malware attacks got much worse as attack surfaces in the home networks and VPNs expanded.
How IT Leaders Can Build Robust, Future-Proof IT Infrastructures
Usage of the term business resilience has increased as C-Suite leaders have impressed upon their IT teams the need to develop a plan to withstand rapid changes like what we experienced in 2020. Business resilience is a combination of proactive and reactive planning that an organization undertakes to mitigate and adapt quickly to threats and disruptions affecting the operation and success of the organization. For an IT department, business resilience includes traditional preparedness like cyber security, backup, and disaster recovery, but also includes having an infrastructure that can scale as needed, can support employees working remotely, and can include cloud and edge computing as needed.
The 4 Elements Needed to Build Your IT Business Resilience Plan
At Scale Computing, we’re helping our customers build resilience plans with these four steps:
Step 1: Hyperconverged infrastructure (HCI) is a highly-available, scalable infrastructure that is easy to deploy and manage. This is the foundation piece that you need to implement and enable every other piece of your datacenter. HCI provides high availability and disaster recovery, quickly connect remote users securely to existing infrastructure, cyber security to actively protect your networks and data from attacks, backup to protect data both to comply with regulations for long-term retention and to give an extra layer of recovery options in case of disaster.
Step 2: The next piece of your plan should include an effective, efficient, easy to implement and rapid-to-deploy Virtual Desktop Infrastructure (VDI) implementation. It needs to be connection-brokered, secure, gatewayed, and able to link into your authentication mechanisms regardless of whether it’s active directory or LDAP or NIS/NIS+. This allows you to securely get people into their workloads and workflows without needing VPN.
Step 3: Cybersecurity experts acknowledge that it’s much easier to attack remote users than corporate IT environments. To provide adequate defense against attacks, you need active, machine-learning intelligent protection against malware when your workers are in remote environments.
Step 4: It’s impossible to eliminate all cyber security and data protection issues, so archival backup and rapid recovery is the final piece of building your business resilience IT plan. The elements you should be looking for are: long-term retention and archiving; low-cost storage; multiple cloud storage options; granular object-level recovery; recovery to other platforms; and granular file-level backups.