The evolution of portability and digitization over the past few decades has been a vital asset for our ability to mitigate the pandemic. Yet, technological capacities vary greatly across industries and companies, and from a societal standpoint, those with lower incomes are disproportionately unable to benefit from these advances. Best practice for the IT domain involves confirming the impact of changes that may have been made in haste to ensure security and smooth processes in the recovery stage.
In addition to infrastructure being stressed by the dramatic increase in demand, there is also the continued threat of malicious actors seeking to take advantage of weaknesses in new, swiftly erected and/or heavily loaded infrastructures. Recommendations for this challenge include:
- Ensure that cybersecurity alerts and audit logs of critical systems — for example, VPNs, firewalls, endpoint security tools, and critical business applications — are centrally collected and analyzed to detect and respond to suspicious/malicious activity.
- Review/update VPN profiles and firewall rules to ensure employees are assigned appropriate privileges based on their roles.
- Implement procedures requiring approval from data/system owners for provisioning and de-provisioning of remote VPN and other accounts related to critical business applications.
- Enable multi-factor authentication for VPN and critical information systems.
- Disable split tunneling for VPN profiles to ensure that remote employees cannot access the internet directly from their laptops while using VPNs to access corporate information systems.
- Create a shared channel — for example, #phishing-attacks — or an email address where employees can report suspicious emails.
Equipping Staff for Work-From-Home
Staff may not have been sufficiently provisioned to support work from home situations of a lasting nature. Makeshift equipment may not provide neither a productive working environment nor the most secure and intentional choices. IT leaders need to develop a systematic approach to ensure that staff is adequately equipped moving forward and understand its cost implications. Key areas to consider include:
- Devices should meet minimum specifications that include i5 processors, 8 GB RAM and 256 GB HD. In addition to new devices, refurbished equipment may support your needs effectively at a lower price point
- Connectivity is crucial for those who need to access a variety of applications and cloud platforms. User will require a minimum of 25 Mbps download at home although 100 Mbps is recommended.
- Critical applications with protected data should be used with a secure VPN or firewall solution.
- Staff should be encouraged to connect directly to their router with a network cable to ensure best performance.
- Firms using VoIP may be able to access phone service through the provider’s app or by having the IP-based phone set up at the employees’ homes.
- Document and formalize arrangements if they will be in place during and beyond the recovery.
- Ensures policies on network access, data protection and any provided equipment are clear and understood by each impacted employee.
Data Center Management
The increased demand for virtual work can place the typical data center operation under stress. The Uptime Institute has created a useful report for data centers that covers general considerations along with guidelines for work with third parties and contractors.
Baseline for a comprehensive understanding of current IT costs and their drivers. Take time to create scenarios allowing for different timelines. For example, which costs can be managed most easily with the least impact on day-to-day operations to provide short-term relief, and how do these differ from long-term opportunities that may be necessary if a slowdown persists for anywhere from three to twelve months?
The initial impact of the shutdown has profoundly accelerated the incidence of staff working from home. As IT departments have moved swiftly to support this change, there may be elements that were not given sufficient attention due to the abruptness of the change. This also implies opportunities to rethink what the new IT footprint may look like in your organization. For example, Nationwide Insurance has announced plans to permanently transition to a hybrid operating model comprising primarily work-from-office on four corporate campuses and work-from-home for most other locations.
Less obvious are downstream impacts of a shift in IT spend. IDC estimates worldwide IT spending to decline by 2.7% in 2020. This is projected to be the result of companies delaying spend across most sectors, with the exception of Infrastructure and Software spending, which will still grow at much reduced rates from 2019. Cloud computing was much less prevalent in previous downturns (SARS in 2003 and the Great Recession) and this trend will continue to accelerate. There may be a two speed IT sector. On the one hand, hardware and physical peripherals face supply chain disruption and diminished supply due to decreased demand. On the other, cloud computing services and SaaS will continue to grow, potentially at stronger rates than currently predicted. Leaders should keep these trends to decide if digital transformation efforts should be increased, the benefits of which are congruent to a “new normal”, where productivity, rapid communication and virtual collaboration continue to increase in importance.
The Greater Des Moines Partnership's DSM Forward playbook is not intended to constitute legal advice or provide specific direction
. The preparation of a business continuity or preparations plan should be undertaken with the advice and direction of appropriate specialists and personnel, in consideration of the unique circumstances impacting each business. Third-party websites or material linked to or referenced in DSM Forward are for informational purposes only and do not constitute a recommendation of The Partnership of that material or its authors.
Last updated: 5/8/2020