Expect the unexpected. That’s the first rule of business continuity planning. If you want to minimize the impact of a disruptive incident, prepare for the known unknowns if not the unknown unknowns. Every shock – whether caused by flooding, fire, cyberattack, or, as now, a global virus – is different in character and execution, but good continuity planning is always adaptable. The goal is resilience. The watchword is flexibility.
Those best able to cope with the immediate and longer-term fallout of disruption will be the organizations that have a technology backbone that allows for adaptation and supports disparate – as well as centralized – teams, anytime application access and data flows.
Most business continuity plans anticipate redeploying people, processes, and technology from one central location to another, with pockets of remote working providing temporary cover. Most plans prepare, too, for a degradation of service – damaged or stolen physical equipment, compromised data, and services.
For financial services companies, in particular, mass workforce relocation is alien territory. Remote working may form part of the contracted week in some departments but it is far from the norm. Remote working at scale demands a huge change in culture. It demands process upheaval from – health and safety to security and compliance. And it demands the right kind of technology infrastructure.
The transition to remote work environments changes traffic and data patterns. It causes sudden bursts and unconventional flows. To stay ahead of the application performance and availability challenge, we advise a two-step approach: optimize and analyze.
Let’s take each in turn.
To optimize is to make your entire IT environment operates as one. Optimization rarely means migration from one dominant infrastructure to another. Rather, the most adaptable infrastructure is hybrid – public cloud, private cloud, on-premises, and edge – and, often, multivendor. If you need to move 20% of traffic from cloud to on-premises, or from one cloud provider to another, then you can. And if you need to move it back again tomorrow, that is possible, too.
Hybrid infrastructure is flexible and resilient – provided that there is a consistent thread of management that runs through it.
We provide the solutions to help you rationalize data and application infrastructure, move data between on-premises storage and cloud, and help guarantee data availability across the cloud. NetApp can empower you to deliver data protection, replication, and continuous availability on, Azure, Google Cloud and AWS in hybrid environments. We also have solutions that enable secure, automated replication and synchronization between on-premises and cloud object stores. Similar portability is available with Kubernetes and other containerized solutions.
To analyze is to understand performance in a business as usual scenario and under predicted stress. It also means ongoing measurement and monitoring during a crisis to better recognize the challenges you face today, tomorrow and over the coming period. Continuous risk assessments, predictive alerts, and automated case opening help uncover and prevent problems before they occur.
At NetApp, we have solutions that provide visibility across an entire multivendor, multicloud estate.
We deliver artificial intelligence-driven insights into the health of all your NetApp systems, including predictive risk models for systems that are reaching performance or capacity limits. Advanced insights uncover risk exposure, security gaps, and vulnerabilities. The same intelligence monitors public cloud, data center, and remote office environments in isolation and in concert.
The barrier for financial services firms, therefore, is not the availability of the right technology infrastructure but culture – the people and processes that might inadvertently inhibit the flexibility and resilience necessary to confront the unexpected.
For example, adaptable infrastructure rubs up against a pre-DevOps era understanding of development. Rapid transfer of data and applications from cloud to on-premises, or from one public cloud provider to another runs counter to internal compliance and security guidelines.
Such rigid constraints will be heavily tested by disruption with many organizations forced to look again at internal compliance in order to keep their business running. Such pragmatism makes sense. If expect the unexpected is the first rule of business continuity planning, the final rule is to learn from a disruptive shock. Organizations forced to adopt different behaviors in the short term, often end up adopting those new behaviors for the long term.
If financial services firms learn to apply internal compliance and security through a different lens and learn to embrace the true flexibility of hybrid infrastructure, then forced experimentation will prove to be one positive outcome during a difficult time.