This experience has brought into stark relief the gaps we’ve neglected in our data centers. While I have hopes for lessons learned, particularly around what I’ve perceived as an accelerating lack of kindness being displayed. My first hope is that we discover that we’re all on this rock together, and we should all respect that.
That being said, we’ve discovered that our data centers are poorly lacking in key technologies, in many areas. My belief is that we need to concern ourselves in these spaces with thoughts toward continuity, remote access, security and border protections, and remote/video conferencing.
For example, our backup and recovery processes are way too manual. Any system that requires on-site intervention should be minimized. Leveraging of the cloud as a target for backups, with access to a console to be operated for these processes available from remote, even portable devices should be part and parcel to the equation. This would include protection and restoration from ransomware attacks, with the ability to roll-back to a point in time, as well as other mitigating steps, also from remote would be vital.
VDI and remote access to internal systems for users confined to remote locales is a critical aspect of how things fell apart in the early days of this experience. Organizations quickly responded with solutions that have been retroactive, yet in many cases insufficient. A robust end-user computing solution should be established such that as many employees as might require it should have access to it. This should be taken into account with an eye toward capacity, and security. Limiting access into the network to only authorized users, deploying full desktops or individual applications should be considered as the key piece of the equation. Ensuring that the endpoint to be used, even by authorized users does not nor will not compromise the network is, in my estimation, the most critical part.
Security and Border Protection
While security teams have long placed emphasis on how best to protect the border against intrusions, and malware, denial of service attacks, etc. If there’s one thing this experience has taught us, it’s that we must step up our efforts in these areas. In this new paradigm, as we allow for users to remote into our networks, a larger emphasis must be placed in this area. The potential for impact from VDI, from unauthorized attacks, etc., is an even more significant pain-point for many of our networks. Add to that, the necessity of controlling these aspects from a remote locale, inherently could create a vulnerability we must emphasize as our plan moves forward.
Remote and Video Conferencing
If the Zoom potential security breaches we’ve heard about recently create any panic in our security personnel are any indication, our remote/video conferencing capacities should be evaluated not just for picture and audio quality but for the inherent security vulnerabilities therein. Some systems, like WebEx and Teams (Cisco and Microsoft respectively) which are SAAS based should be evaluated for integration into the infrastructure, while others require an on-premises infrastructure. Those that are web-based could protect the internal data center infrastructure, at least directly, but could still be causing vulnerability toward the endpoints. To whit, the endpoint could cause vulnerabilities to be initiated once that endpoint does connect to the infrastructure remotely. Our best efforts to protect our data center assets should be considered when implementing such platforms.
On a more global perspective, our corporate populations could change drastically, to a more remotely based workforce. We may find our reliance on desks, and end-user supporting infrastructures could diminish. We should prepare ourselves for this new dynamic, ensure that remote applications are secure, and our infrastructures support such a diverse workforce.
Remember: Those who do not learn from their histories are doomed to repeat them. Let us all take our lessons from this experience and learn more appropriately how to work better. It’s clear that this is unlikely our last experience with this kind of pandemic experience. Will we face this next time with the same disruptions to our businesses? I hope not.