The Risk of IT Business as Usual
IT teams within mid-sized organisations are over-stretched. Resources are scarce, with sometimes skeleton teams responsible for all aspects of IT delivery across large numbers of users. With up to 90% of the team’s time being spent ‘keeping the lights on’, there is minimal scope for the strategic thinking and infrastructure optimisation that business leaders increasingly demand. Yet without IT, businesses cannot function. And in many cases, there will be compliance or regulatory consequences in the event of a data breach.
With cyber security threats rising daily, businesses cannot afford to focus only on Business as Usual (BAU). But without the in-house expertise in security, backup and recovery, or the time to keep existing skills and knowledge at the cutting edge, IT teams are in a high-risk catch-22. Steve Hollingsworth, Director, Covenco and Gurdip Sohal, Sales Director, Covenco explain why a trusted IT partner with dedicated expertise in key areas such as infrastructure, backup and security to the existing IT team, is now a vital component of supporting and safeguarding business.
Unattainable Objectives
Prioritising IT activity and investment is incredibly challenging. While IT teams are being pulled from pillar to post simply to maintain essential services, there is an urgent need to make critical upgrades to both infrastructure and strategy. The challenges are those IT teams will recognise well: cyber security threats continue to increase, creating new risks that cannot be ignored. Business goals – and the reliance on IT – are evolving, demanding more resilience, higher availability and a robust data recovery strategy. Plus, of course, any changes must be achieved with sustainability in mind: a recent Gartner survey revealed that 87% of business leaders expect to increase their investment in sustainability over the next two years to support organisation-wide Environmental, Social and Governance (ESG) goals.
But how can IT Operations meet these essential goals while also responding to network glitches, managing databases and, of course, dealing with the additional demands created by Working from Home (WFH)? Especially when skills and resources are so thin on the ground. While there are some indications that the continued shortage of IT staff may abate by the end of 2023, that doesn’t help any business today.
Right now, there is simply no time to upskill or reskill existing staff. Indeed, many companies are struggling to keep hold of valuable individuals who are being tempted elsewhere by ever rising salaries. Yet the business risk created by understaffed and overstretched IT teams is very significant: in the most recent fine imposed by the Information Commissioner’s Office (ICO), for example, companies are being warned of complacency and failing to take the essential steps of upgrading software and training staff.
Differing Demands
With four out of five CEOs increasing digital technology investments to counter current economic pressures, including inflation, scarce talent, and supply constraints, according to Gartner, something has to give if resources remain so stretched. And most IT people will point immediately to the risk of cyber security breach. Few companies now expect to avoid a data breach. According to the 2022 IBM Data Breach survey, for 83% of companies, it’s not if a data breach will happen, but when. And they expect a breach to occur more than once.
The research confirms that faster is always better when detecting, responding to and recovering from threats. The quicker the resolution, the lower the business cost. But how many IT teams have the resources on tap to feel confident in the latest security postures or create relevant data backup and recovery strategies?
These issues place different demands on IT teams. While most organisations will need 24/7 monitoring against the threat of a cyber-attack, in contrast establishing and then maintaining data backup and recovery policies are not skills that are required full time. Most companies need only an annual or bi-annual review and upgrade. Which is where a trusted partner with the ability to deliver an end-to-end service covering infrastructure, backup, managed services and security – that can flex up and down as the business needs it – is now becoming a core resource within the IT Operations team.
Extended Expertise Resource
A partner with dedicated technical expertise can augment existing skills in such specialist areas. These are individuals who spend every day assessing the latest technologies and solutions, who understand business needs and know how to achieve a best practice deployment quickly and, crucially, right first time.
Taking the time to understand the entire IT environment and assessing the backup and recovery needs, for example, is something that an expert can confidently and quickly achieve without the Business-as-Usual distractions a member of the IT team faces. What is the company’s Recovery Point Objective (RPO) or Recovery Time Objective (RTO)? How long will it take to get back up and running in the event of an attack or server failure? What are the priority systems? How is the business going to deal with a cyber-attack?
By focusing exclusively on where risks may lie and then implementing the right solutions quickly and effectively, a partner can de-risk the operation. From a VEEAM backup vault in the cloud or instant database copies using IBM FlashSystem, a disaster recovery plan that includes relocation or high availability with a goal of achieving a local recovery within minutes, the entire process can be achieved while allowing the IT team to concentrate on their existing, demanding, roles.
Conclusion
Whether a company needs to expand its infrastructure to support the CEO’s digital agenda or radically improve cyber security, or both, very few IT teams have either the spare capacity or dedicated expertise to deliver. Focusing on Business as Usual is, of course, an imperative – but unfortunately just not enough in a constantly changing technology landscape.
Partnering with a trusted provider with the capability to deliver a flexible end-to-end service with dedicated skills as and when required to supplement and support the overstretched IT team, is, therefore key to not only keeping the lights on, but also ensuring the business’ current and future needs are effectively addressed.