The pandemic has thrown the way many businesses and enterprises operate into disarray. Millions of people are working from home or partially remote. Digital transformation is accelerating, and companies are shifting their business strategies to compete in a digital-first world.
Gartner categorizes the pandemic response into three phases:
1. A response to the immediate requirements of the crisis.
2. A recovery to a stable state.
3. A process of strategic renewal where businesses “use lessons learned and emergent patterns from prior phases to coalesce around a new foundation and way forward.”
What inevitably comes with us on this journey is the need to reconsider approaches to IT in order to stay ahead as we move forward.
The Important Difference Between Cybersecurity And Cyber Resilience (And Why You Need Both)
Effective Ways To Engage And Connect With Remote Teams
What Are The Fastest Growing Cybersecurity Skills In 2021?
Many of us have experienced recent tech-enabled change firsthand as employers reacted with impressive efficiency to move to a virtual environment after years of embedded office culture. Who would have believed that might be possible just a few months ago? Imagine going to business and HR leaders at the start of the year and proposing that they switch their entire workforce to remote work within a few weeks. The idea would have seemed ludicrous, as would the notion that a whole range of positives could emerge from the process. Yet many of us are wondering why we didn’t appreciate the possibilities sooner, and CEOs across the economy now are converts to the benefits of digital transformation.
The revolution in working practices hasn’t been lost on Microsoft. When delivering his quarterly earnings report in April, CEO Satya Nadella said, “We’ve seen two years’ worth of digital transformation in two months.” Indeed, April alone saw Microsoft logging over 200 million Microsoft Teams meeting participants in a single day, adding over 4.1 billion meeting minutes.
Some will think this is the technology industry doing its usual job of emphasizing innovation — an opportunity born out of adversity. But given the collective experience of recent months, it’s arguably more likely that we’ve arrived at a once-in-a-generation fork in the road for IT. Do we revert to the “old normal” where technology inertia prevents businesses from improving, or do we take this opportunity to rethink our wider IT philosophy and fix the challenges that impede progress and limit information security and safety?
Rewards And Risks
While emphasizing the technology and organizational positives that have emerged thanks to widespread remote working, there’s no doubt that businesses face considerable risk. The Information Systems Security Association (ISSA) and analyst firm Enterprise Strategy Group (ESG), recently characterized the Covid-19 pandemic as “a once-in-a-lifetime opportunity for hackers and online scammers.” Their April research revealed that cybersecurity professionals had seen a 63% increase in cyberattacks related to the pandemic.
Looking closer at one of the most worrying issues, that of ransomware, underlines the point. A study covering the first quarter of 2020 discovered that ransomware had increased by 25% compared to Q4 2019.
Even before the pandemic, these issues were serious. According to the State of IT Resilience white paper produced by IDC, 91% of respondents suffered a tech-related disruption in the last two years. These high numbers of attacks have consequences: About 28% of respondents experienced major reputational damage, while 26% of respondents experienced loss of customers as a result of business disruptions.
Understandably, organizations are focusing on ransomware prevention. But given the increasing sophistication of attacks, the complexity of modern tech infrastructure and the growing number of managed and unmanaged endpoints, prevention should go hand in hand with risk mitigation via recovery. To meet these challenges, businesses need to rethink their cyber resilience strategies and opt for a bend-but-don’t-break approach to cybersecurity. Protecting your business now means knowing an attack will come but being able to absorb it and bounce back when it does.
However, in the event of a ransomware attack, many organizations rely on a legacy approach to disaster recovery, which assumes traditional backup tape and disk are an effective strategy. The problem is, ransomware can easily affect entire file servers, preventing access to enormous volumes of business-critical data. In many cases, a reliance on tape and disk means that 12 hours or more of valuable data will be permanently unrecoverable, and it can take weeks to fully restore systems.
One only needs to look at the recent experiences of currency business Travelex, where ransomware disrupted operations for a month, or the attacks on schools when Hartford, Connecticut, was forced to cancel its first day of virtual classes due to a ransomware attack, to understand the potential existential risks.
We should expect better. Business leaders should emphasize a modernized approach that protects data in real time. The solution I recommend is continuous data protection (CDP), which allows organizations to automatically capture and track changes in data, saving every version of user-created version as a checkpoint, seconds apart from the previous one and stored locally or at a cost-effective target repository. In doing so, administrators can restore data to any point in time with deep granularity, and instead of losing days of data and taking weeks to recover, organizations can return to business in a matter of seconds after a ransomware attack or any other disaster.
The key to CDP and an improved IT strategy is three-pronged:
• A continuous stream of recovery points that make recovery possible from any point in time going back just seconds to hours, months or even years.
• Application consistency that is maintained across multiple virtual machines (VMs) no matter where they are running in your infrastructure.
• Continuous nondisruptive testing that enables orchestrated and automated disaster recovery testing, carried out at any time.
Apply these strategies, and you’ll find your way to Gartner’s “renew” phase in your pandemic response process. Take the opportunity to rethink strategic IT fundamentals and build the resilience your business needs in a cloud-native era. Change has been accelerated by an unprecedented global crisis, and collectively, we must act on the positive lessons to fix technology’s legacy shortcomings.