Virtual solutions for a virtual workforce

Companies have based their business continuity and disaster recovery plans around a set of assumptions that have been turned upside down by the coronavirus pandemic, and the best made plans to protect data and achieve compliance have been severely challenged.

The problem is that a sudden and total switch to home working is not a scenario that businesses have prepared for, and the ability to do it without compromising regulatory requirements is proving hard for most organisations.

There is an ideal solution that will ensure data integrity and compliance, and it’s virtual desktop infrastructure (VDI) according to John O’Donoghue, solutions consultant for the data centre computer group in Dell Technologies.

“It can answer all of the challenges around remote workers connecting to applications in the data centre,” he said. “It’s the best and most secure approach because organisations can keep their data in their data centre, rather than worry about the data residing on the end user’s client device.”

VDI allows companies to run multiple instances of a desktop, the operating system and applications, from servers on their premises or in a data centre.

Security, storage, compliance and performance are all managed, monitored and maintained centrally by IT with users needing only thin client devices to log in and access their desktop tools virtually. It increases efficiency, supports better security and governance, and gives the end user a better experience.

Dell has many large customers that have switched to the VDI model – usually organisations under pressure to adhere to strict regulatory requirements around data protection, like law firms and government agencies that deal with people’s personal information. The solution’s appeal, however, has broadened considerably with lockdown.

“It’s not a cheap or quick fix,” said O’Donoghue. “But what previously looked prohibitively expensive makes more sense when you look at the total cost of ownership when it comes to remote working, especially for large organisations that have to buy laptops and then put security and data protection in place for thousands of employees.”

In the wake of Covid-19, ripples of even bigger change are coming, according to O’Donoghue, who has experienced the busiest six weeks of his career. He is seeing organisations look at IT in a new way.

“A lot of customers have looked at IT as a cost centre in the past, something that keeps the lights on, but that attitude has shifted over the last five years and is changing dramatically now. At a senior level, people are seeing the value of IT operations as much more than cost, and we’re seeing it drive innovation,” he said.

Virtualisation technology is at the heart of everything, even the network. “We’re seeing SD-WAN used to manage and secure network traffic in a more scalable manner than previously,” he said.

“Scale is becoming a major challenge for everyone, not just big companies, especially when you have to connect all your employees who are working from home.”

For businesses already struggling with compliance measures and growing volumes of data, Covid-19 brings added pressure. But backup and storage has never been so fast and effective, according to O’Donoghue.

Dell’s PowerProtect and Data Domain platforms bring down the cost by compressing data that needs to be retained but not accessed regularly, while at the same time providing index and search features for the data that does.

Not only do these solutions protect data, they provide better governance and control over business-critical workloads across both physical and virtual environments.

The last point is important, said O’Donoghue, because the future is hybrid. “What’s happening now will drive things more quickly in that direction, because not everything is right for the cloud. IT will still need to be able to build and distribute certain services to end users.

“The cloud also comes with compliance and cost challenges that can be avoided on-premise. We can give companies a fully automated data centre infrastructure that they will only need to touch when changing out disks. We can help them build on-premise, private clouds.”

Heading to a hybrid world

HP Enterprise (HPE) shares the view that hybrid should be the direction of travel for businesses.

“They need flexibility and scalability in the way they protect their mission-critical apps by combining cloud with on-premises data protection options,” said managing director Maeve Culloty.

“Our built-for-the-cloud data protection lets businesses efficiently leverage the economics and agility of cloud backup and DR [disaster recovery], while continuing to use on-premise infrastructure for fast, reliable operational recovery.”

HPE helps organisations achieve the agility and cost flexibility of the public cloud while maintaining the performance, availability and data integrity of mission-critical apps. A leader in hybrid storage solutions, the company’s product portfolio includes GreenLake, which delivers the cloud consumption experience on-premise.

“It allows businesses to preserve cash flow without compromise to mission-critical apps by moving from a traditional capital expense to a variable expense, deferring payment of capital expenses and leveraging artificial intelligence to drive higher utilisation safely,” explained Culloty.

Running distributed business operations with a remote workforce creates challenges in monitoring and troubleshooting that are best addressed by VDI environments, according to Culloty, that consist of multiple, distributed software and hardware components.

Right now, HPE claims its solutions have the capability to support remote operations and infrastructure while keeping employees safe, the business running, and data protected.

The centralised control of VDI is also better for security at a time when the threat level is raised.

“The work-from-home dynamic creates a very opportunistic situation for hackers and phishers. Every home device or wireless connection is a potential entry point,” Culloty said.

“We know customers want to deploy across cloud, virtual, and physical environments, ensure investment protection, and eliminate lock in. Our vision for data protection is to eliminate complexity, reduce risk and lower costs.”

In response to Covid-19, HPE has also introduced pre-configured VDI solutions to support small and medium-sized businesses. Designed for Citrix and VMware environments, it can scale from 80-2,000 remote workers.

“Our range of VDI solutions has been helping businesses quickly deliver virtual workspaces to their remote staff. By delivering more desktops on less hardware, we reduce capital expenditure without compromising performance or high availability,” said Culloty.

Avoiding a loss of control

The traditional approach to data backup and business continuity has proved woefully inadequate for Covid-19, according to Michael Conway, director of Renaissance, and old assumptions no longer hold true.

“Businesses have been putting things in place to manage and secure an environment and make it compliant, but now we are all working remotely so they find themselves protecting something that doesn’t currently exist,” he said.

Most business continuity plans are designed to keep 15-20 per cent of the business up and running, enabled by a separate recovery facility, explained Conway, but none of this works when all your employees have to work remotely and connect back into systems and data in the office.

“Your corporate firewall was never designed to take 100 per cent of the traffic coming from the outside into the office; it was designed to go the other way,” he said. “It’s almost like it’s been turned back to front, with all the traffic going back into the organisation rather than out of it.”

He has no doubt that one consequence of Covid-19 is that many organisations will be non-compliant in at least some of their activity. Certifications that covered a carefully controlled office environment might no longer be valid for home working scenarios.

“The longer this goes on, the more likely the need to recertify,” he warned. “There will be some flexibility for unusual circumstances but, when it’s going on for three months, that might change.”

Retrofitting security is going to be key as many first-time home workers find themselves in a place that’s very different to the office.

“They are working from sitting rooms, bedrooms, living rooms, and even kitchens, often on non-corporate devices with no endpoint security. They’re on a broadband connection that’s shared with other people in the home – partners, kids, flatmates – who are accessing a range of devices including smart TVs and game consoles. Basically, it’s an uncontrolled environment,” said Conway.

Businesses still have an obligation to protect data in a way that is GDPR compliant, which means encryption and authentication need to be put in place as quickly as possible. He said the absolute baseline must be a good corporate antivirus that provides patches for all known vulnerabilities.

“There are still a lot of Windows 7 devices out there, unsupported and unpatched, running free antivirus that simply isn’t good enough. I have yet to find a domestic home PC that is ever patched properly,” he said.

One of the vendors that Renaissance distributes is Bitdefender, which overlays its patching and encryption technology on to any desktop without having to uninstall any existing software. Another company, Veriato, makes employee monitoring and insider threat detection software.

Deployed as an agent on a user’s device, it brings some oversight to the activities of a remote workforce.

“You lose visibility of people outside the office, so it’s important to be able to drill down into their activity and make sure they are compliant in what they do. It carries out risk analysis and provides threat scores around individuals and their laptops,” explained Conway. “It’s a full employee monitoring solution, a CCTV of computer screens.”

Cloud advantage will drive more businesses online

Covid-19 continues to highlight the divide between the ‘haves and have nots’ in the business world when it comes to IT choices.

“Essentially, companies that use the cloud will be in a much better position than those that don’t,” said Michele Neylon, chief executive and founder of Blacknight.

“If you have been using OneDrive, Dropbox for Business, or similar tools, moving to a remote situation will not be that much of an issue. The companies that will have more of a challenge are the ones where a lot of their data is sitting inside the office.”

While there are tools and technologies like VPNs (virtual private networks) and remote desktop connections, which allow outside access to on-premise systems and data, the challenge will be scaling it up for a whole workforce rather than a few.

“In Blacknight we went from one or two staff working remotely to 50. It was a challenge, but our network setup was resilient enough to handle it. I don’t think everyone will be in that position,” he said.

The additional difficulty for many businesses is not about accessing data but protecting the integrity of it, according to Neylon.

“People involved in medical, legal or human resource roles will be dealing with sensitive data. You have to make sure the laptops and desktops they are using remotely are backed up if the hardware fails, or if a house is broken into and the data is stolen,” he said.

Blacknight offers a range of cloud hosting solutions and Neylon is seeing a lot of interest among Irish companies for backup-as-a-service products that he expects will accelerate as the lockdown continues.

“One of the few upsides of the pandemic is that it has forced companies of all shapes and sizes to embrace online,” he said. “The downside is that, because none of this was planned, there are going to be a lot of mistakes. But it’s like riding a bike – the only way you learn is by falling off and getting back on.”

He anticipates a lot of ‘retrofitting and fixing’ around solutions that are currently being bought in haste.

“There will be a lot of lessons to learn. For now, it’s survival mode and it’s okay to fail and fall off the bike. Going forward, companies will have to evolve their methodologies and change; everybody will have to switch gears and take their businesses online,” he said.