We wrote this article following the global IT trends with the current almost globalized lockdown and following our direct observation of the impact of the massive shift to telework on the IS and IT teams of our customers.

A few data to introduce the IT context in April 2020

 

 

It seems that COVID 19 may do what years have advocacy have failed to: make telework a benefit available to everyone.
Long considered as a luxury benefit and a sign of agility, in a time of lockdown it appears as a sign of survival.

 

 

 

 

 

 

The network is an infrastructure core component.
Last 10 March the biggest network exchange point has recorded the most important peak with 9.1 terabits per second consumption, which is 12% higher compared to the last biggest peak recorded.

 

 

 

 

 

In Asia pacific, cyber-attacks have tripled during January and March 2020.
CIO teams have to maintain the highest level of security for their corporate infrastructure but also for their end-users working from home.
End-users are becoming easy prey in these so disrupted time, one-click on one link (always containing a piece of reassuring information) could entail a virus, getting hold or personal data or breaking into the corporate network.
More than ever we can observe the urgency for CIO to be properly equipped and for employees to be trained and on cybersecurity and hygiene.

 

 

The impact of the crisis has been brutal for some sectors and companies as well as the massive shift to telework worldwide for CIO and IT teams. 
Several issues are arising and maintaining an optimal level of IT service deliveries and security can entail chaos when companies didn’t anticipate this massive shift to telework.  Data management and sovereignty has to be reconsidered within the globalized telework approach to meet their initial requirements even during a lockdown and also to anticipate tomorrow’s challenges

We will introduce 5 keys for a performant and reliable data management in the telework model.

1) Type of IT infrastructure  
2) Access your information system through desktops and manage virtual desktops
3) About the BASTION solution 
4) How to remotely monitor your IT infrastructure
5) Keep the link with your team with unified communication tools

1) Type of IT infrastructure

The IT infrastructure is the first technical brick to mention when we are raising the issue of data management in telework model. 

Existing model limited to a few configurations: 

  • Onsite server room
  • Wet hosting (customer machine hosted on racks within specialized datacenter provider)
  • Cloud: IaaS, SaaS, private, public, hybrid cloud.

 

Recommendation 

  • Migrate onsite server room: Onsite server room is a declining model, global trend and customer project show us that a majority of companies worldwide are migrating their assets to datacenter specialized provider or cloud infrastructure (at the exception of sectors submitted to particular security requirements such as banking or defense sector).
    We advocate for years to delete onsite server room and to entrust a specialized provider, at least with the required basics facilities to keep a server room alive: security, electricity, AC. With the lockdown, keeping onsite server room alive brought several issues to IT teams.
  • Favor hybrid cloud: We encourage a hybrid cloud approach to benefits from the best value of each model, as we say it offers ” the best of both worlds”. A 2013 Gartner survey was predicting than most of half of the companies worldwide will use hybrid cloud by 2018.
    Public cloud (Microsoft AZURE, AWS, OVH) offers you a great panel of resources with the possibility to increase your computing and network resources in an instant, providing your infrastructure with huge elasticity and scalability.
    A private cloud configuration allows you more control and security on your infrastructure and chain of command.
    Finally, SAAS applications offer simplicity and turnkey solution (ex: messaging applications).
  • Outsource your back up: Managing back up is usually time-consuming tasks with limited business value. Moreover, managing back up on tape library has its share of constraint exacerbated with the lockdown with the need to go onsite only to change the tape library.* Find our 4 hybrid cloud uses cases for future-ready organizations 

 

 

2) a) Access your information system through desktops 

Another raising issue is to access the information system with the desktop in a telework model.
A lot of companies didn’t equip their employees with personal laptop, because they didn’t anticipate the switch to remote work or because they cannot afford to do so.
For those who didn’t anticipate it, employees have to access the IS through their personal laptop and you can see the issues arising: security.

Employees equipped with laptop 

Access the IS with VPN SSL ensuring that VPN Gateway and bandwiths has been sized well enough

 

 



ACCESS THE IS with personal devices (BYOD). 

Set up the required security measures to validate end users’ devices conformity (antivirus updated, patch updated).

Favor SaaS services (0365 for messaging services)

Favor IaaS services to publish application without adding unknown devices into your corporate information system

Increase your security with multi-factor authentification tools (DUO, INWEBO)  to add a third source of security with a unique verification code

 A few observation : 

  • Customers that have already massively invested in virtual desktops solutions have seen a limited impact on the shift to telework – with a flawless shift and limited change in technical environments. VDI infrastructure has minimized the impact of the change

 

 

  • Investment in TOIP cloud solution allows to manage your telephony with serenity (free yourself of physical constraint and forwarding calls issue)

  • Lockdown has entailed a massive adoption of SaaS collaborative solution (O365, zoom, Webex …)

 

2) b) How to manage desktops 

Issues with application updates :  

  • How do I deploy OnPremise application updates with limited bandwidths?
  • Does deployment architecture has been sized for those needs? We can see solutions like IVANTI, SCCM, KACE have been dimensioned and quite efficient for an agency’s network, not for a massive shift to the teleworks model.

Issues with security and patching management :

  • Cyber attacks are increasingly growing and stronger.
  • How to apply a zero-day patch when all the laptops are connected with VPN?
  • How to ensure laptops are still updated with antivirus?
  • What strategy to adopt when all the laptops are switch off within your office?

Which solution?

  • The choice of a Cloud fleet management solution makes it possible to limit the impacts during and after the lockdown. The market-leading solution: Microsoft Intunes
  • Antivirus protection for end-user must be managed within the cloud (Sophos Central, Cynet 360).

 

3) About the Bastion solution  

An information system is composed of networks, compute, storage, applications.
All these elements have to been updated, maintained, and operated.
How to give access to the right people at the right time for a limited perimeter when everybody is working from home? 
The BASTION answers this need by giving unique and controlled access to third parties.


Definition

  • A security system that isolates, controls and secures access to privileged accounts (admin account)
  • Privileged accounts connect to a secure network area isolated from the IS. From this area the bastion solution will only allow the necessary access.

Added value

  • Control and traceability of access to privileged accounts: admin, third parties, editor.
  • Partition network access.
  • Monitoring and recording of RDP session.

Which solution? 

 

4) How to remotely monitor your IT infrastructure  

Monitoring is a well-known process that can be done through many tools to ensure that we have a view on our IS and the availability of its several components.
Internet bandwidth, as well as resources for VPN gateway and firewall, has exploded during the lockdown. All these elements need to be monitored and IT teams have to control that VPN gateway and bandwidths as been sized well enough.

Most importantly, issues of performance have been deported from core corporate networks to end-users’ (working from home) devices. Thus, IT teams have to ensure than all the applicative chain from the data center to the end-user point is working correctly using application monitoring to analyze all control points and connection time in order to define where are the congestion points in the information system.

The challenges for CIO teams is to ensure the availability of the IS for :

  • For the whole IT teams in telework
  • Company employees working in telework and external access (VDI, VPN, internet…)
  • Control and remediate intrusion and cyberattacks
  • Central application for general management which are essentials and has to be 100 % available (RH, accountability, BI …)

Technical and applicative monitoring

  • A global view of the infrastructure availability
  • Availability of IaaS and SaaS services
  • Monitoring the access point to the IS (available bandwidth, VPN gateway, firewalls …)
  • Define the congestion points in your applicative chain.
  • Furnish performance report and generate dashboard to your managers and CIO.
  • Help for IT SUPPORT to determine end-user problems and incidents.

Which solution?

 

5) Keep the link with your team with unified communication tools

Finally, the lockdown shouldn’t be an issue to keep communicating within your team.
There are a very large number of solution and free tools available to keep the link with your team even from a distance

 

Communicate during the lockdown

  • Keep the link with your team, your customers and partners.
  • Manage online meetings
  • Coordinate your teams (project, operation, study, audit …).
  • The lockdown has generated a massive adoption of teleconference services (ZOOM, TEAMS, WEBEW => x20).

Our recommendations 

  • Keep your physical meeting and do it with an online meeting
  • Show webcams (if your bandwidth allows it)
  • Round table to check collaborators state of mind
  • Bring something new or a new topic to recurring meetings (for example a guest from another department or a VIP).

Which solution?

  • Microsoft TEAMS.
  • @Visio by Ozitem
  • Téléphony : Migration through TOIP cloud solution (8×8).
  • Google hang out
  • Jitsi

 

 

A few words about Ozitem :
Ozitem Group brings together two sets of infrastructure experts: Ozitem for in situ infrastructure and Owentis for cloud infrastructure. Our goal is to add value to your IT ecosystem and daily operations.
With a large panel of services, resources, solutions, and a strong taste for innovation, Ozitem is your trusted digital transformation partner.
We support SME and large corporations worldwide in various types of projects around IT infrastructure matters, thanks to our experts available 24/7, our strong international technical mesh, and our operations center in Asia and Europe.

 

 

 



Find more information about Ozitem
on our website.
Don’t hesitate to get in touch with us directly here.

Simon BRYARD
Business Developer APAC

SBRYARD@owentis.com
Vietnam :+84374055104
Singapore : +6531590011

 

parallax img