
From Snow Day to Groundhog Day

Much has been written about the tremendous infrastructure changes necessitated by the Covid-19 crisis, including articles previously written by my colleagues here at Strongbow. In this article, I want to dig a little deeper into the technologies that are so key to enabling our now globally distributed workforce – including some thoughts on how to thoughtfully manage these technologies as a short-term response becomes a long-term solution for many.

In the past, when there was a snowstorm or other natural disaster, our enterprise Remote Access team would run around the clock, monitoring the performance of the Remote Access infrastructure. This operational headache included counting client sessions, reporting hourly usage, watching RADIUS (Remote Authentication Dial-In User Service) sessions, help-desk tickets, and, of course, reporting metrics to upper management until the crisis subsided. Think Super-Storm Sandy, Fukushima, Typhoon Yolanda and Hurricanes Katrina, Marie, Harvey… all of these events required significant response from the network team, although such response was relatively short in duration.

After the crisis subsided, the infrastructure team would discuss lessons learned to apply during the next large incident. But until that next event arrived, operations would go back to normal. But what if the snow day never ended, and what if the entire world shared the same snow day? Welcome to Groundhog Day.

During the first week of mandatory “Stay at Home” orders, it became clear that those enterprises who had previously migrated to Cloud services for Desktop, Unified Communications (UC) or Unified Communication and Collaboration (UCC), were best positioned to survive this Groundhog Day.

As my colleague Barry Platzman recently wrote in “Your Old BCP = Your New Normal”, business continuity plans are now running as if it’s business as usual.  If the old remote access infrastructure wasn’t 100% available for 100% of your workforce, the network and security teams of large enterprises have recently spent long nights and weekends making it so. 

Standardized End-User Services

Today’s latest and greatest UC and UCC offerings provide a single service for conferencing, IM, document sharing, and remote access for end-users to communicate and collaborate with each other.

For those organizations that don’t have a common platform for remote access and UCC, it would seem circumstances now dictate it’s time to take your company there. It may seem like a simple no-brainer, but there are many reasons why large enterprises may not have standardized their platform usage, ranging from growth through acquisition to decentralized decision making to disaggregated budgets to meeting external customer demand. Of course, there are other reasons to run a common UC platform: a single enterprise solution drives better cost performance by eliminating duplicate platforms, license fees and operating costs (more to come on cost containment in my next post).

A key milestone in the global standardization effort is to identify current costs and budget owners (regional, line of business, etc.). By quantifying duplicate costs, a Total Cost of Ownership (TCO) can be calculated. By eliminating duplication, the TCO can be reduced, illustrating the advantages of standardization. And if the sales team still wants Zoom – well then, let them pay for it!

While this transition to standardized services is one most agree should happen sooner rather than later, it needs to be done in incremental steps.  In this current environment of great uncertainty, especially from a budgetary perspective, now is not the time to forklift one (or many) enterprise solution for another.  One possible consideration is to evaluate an individual license subscription (e.g. named host model) versus a single Enterprise license.  It’s important to understand the platform intricacies and use-cases, in order to provide all parties in an organization with the ability to schedule and host internal meetings on the same collaboration software.

With all of the change, it can be easy to lose sight of end-user adoption. Training is no simple task in a pandemic-induced remote environment; however, certain accommodations can be made as a result of platform advances. For example, one solution could be to monitor “Top 10 Ticket Trends” at the Service Desk, in order to create FAQs for frequently occurring issues.

Access to Internet-Based Applications

If you operate a traditional hub and spoke Data Center / DMZ model, this could be the right time to evaluate Software Defined Wide Area Network (SD-WAN) with distributed Internet service. 

Different services from different vendors can be mixed and matched to effect the best value across different use cases or site types / segments. Different access methodologies including Broadband and LTE can drive significant savings when replacing traditional network services such as MPLS.

But perhaps the biggest value from SD-WAN is the ability to provide improved performance for Cloud based services via Internet connectivity. Distributed internet allows clients to go directly to the cloud for business applications without backhauling to a data center secure de-militarized zone (DMZ). 

To make distributed Internet work, however, new security solutions will need to be tested and certified for your enterprise.  In your DMZ today, you likely have hardened Firewalls, Application aware Firewalls, Internet Proxy Services, third party VPN services, and Threat Intrusion Detection – Prevention (IDS-IPS) to name just a few.  These services have cloud-based options that will allow your distributed workforce to securely access Internet and Cloud services without backhauling through your data center. 

We recommend you start by looking at Cloud Proxy with distributed Application Aware Firewall services. Quick wins can be made by whitelisting well-known cloud applications. This both improves the client experience and lightens the load on the data center DMZs. Cloud Access Security Broker (CASB) services provide security structure between the corporate infrastructure and multiple cloud providers. This is key to your security strategy as the Enterprise subscribes to more cloud services.

Virtual Desktop Infrastructure (VDI) 

As mentioned in Strongbow’s recent webinar, many Enterprise clients have taken the opportunity to spin up thousands of VDI clients in just weeks, enabling end-users to work from home without a company provisioned device.

VDI, when combined with a virtual machine image running in the cloud, gives true scalability on demand, Data Loss Prevention (DLP) protection, as well as a great model for driving savings when compared with traditional capital purchases for end-user devices.

VDI can present a challenge for real-time services such as voice and video.  As such, it is important for clients to make sure that testing and certification verifies this functionality.  Even if conferencing and collaboration services don’t function as expected on VDI, solutions can still enable real-time services including call my phone and mobile device support.  OneDrive combined with an MDM / DLP solution, for example, gives all of the benefits of VDI with the flexibility of a dedicated desktop.

Summary

As time progresses, we will see what the economic landscape dictates from a workforce perspective.  For sure, there is a paradigm shift underway and we can safely say tomorrow’s work environment will not look like it does today. Therefore, continuous planning and financial due diligence will be required for some time to come.