Need for Speed
It’s a New Year, and that means making some resolutions. You may have already given up on your marathon training or your pottery class. But when it comes to your organization’s IT priorities, it’s important to complete your to-do list. Yet we find that many organizations don’t know what their top priorities ought to be. So I asked our senior NetCraftsmen for their best recommendations, and below they offer several ideas for what you should be striving to accomplish this year.
Want to talk about how to meet some of these objectives? Have one of your own that you’d like to talk about? Reach out for a conversation.
Increase budget/staff/use of consultants (seriously). Most organizations are trying to do more with fewer people and less money. Things are getting stretched too thin, with increasing indirect costs. Shift the focus a bit towards the quality side, and reduce downtime.
Get design advice and second opinions, whether for your own team or vendor’s teams. Vendors generally do a good job but are incentivized to sell boxes and software. What’s best for you? In-house designs can be fine, but getting an outside opinion from those who have seen many more network designs might save you money, implementation complexity, and/or later downtime.
Look to the future. Networking is changing and organizations are going to have to adapt to stay competitive. We’ve investigated software-defined networking and network function virtualization with a few organizations who have not seen a compelling need for either of these technologies. We expect to see adoption grow, so organizations should expect a few senior network and IT staff to spend time learning about new technologies and how they can be best applied to the business. Track what similar businesses are doing with new technology so that your business doesn’t have to catch up to the competition.
Improve system management. Integrate network and system management into daily operations with an eye toward the processes and procedures that will be required as IT changes. (I’m including networking in ‘IT,’ as I see these merging as virtualization continues to grow.) Your IT organization (networking, server, storage, and apps) will need to operate in an environment where everything has virtual instances that are very dynamic. Manual configuration and management processes will not work in this new world.
Set budget aside for discretionary projects. There are always high-priority, well-funded projects. But we often find that there are also some things that desperately need doing, yet have no formally approved budget associated with them. Find a way, working within your organization’s guidelines, to preserve some discretionary budget to address these important, but otherwise unfunded, items – and then use those funds to address important issues and create the more agile business environment everyone else wishes they had.
Take a hard look at how you address security. Firewalls and antivirus solutions haven’t been enough for a very long time now. Adding web filtering and email filtering still isn’t enough. A little bit of IPS still isn’t enough.
Don’t let your teams get distracted by the noise of low-value threats. Focus on the important stuff, and create a threat-centric plan for how your organization addresses security. Articulate what you’re doing to harden your environment before an attack, to defend it and detect intrusions during an attack, and to scope/contain/remediate after the inevitable successful attack.
Remember that “security” can’t be achieved merely by deploying network security appliances – you need to also address process and employee education, and provide continual reinforcement. No matter how much due diligence you exercise, people will still be humans, and they will continue to fall victim to determined attackers. If you’re well prepared, you can minimize the costs of those problems by several orders of magnitude through quick response. Lastly, make sure you have an incident response contract in place with an expert security firm if you don’t maintain that high-level expertise internally.
Consider reducing your number of network and security management software tools. Most IT shops have more than they use effectively. Fix this for your shop. Figure out what tools are worth the investment, and then find a “tool-meister” (or more than one if necessary) who will make sure that your tools are kept in good working order (accurate device lists, recently patched, well-tuned alarms, etc.) and to evangelize their use throughout the appropriate teams. When you’ve found a tool that will dramatically improve some aspect of your environment if used, reinforce with your teams continually the need to use it.
Train your staff if they’re tool-averse, because the productivity gains to be had are simply too great to ignore. If you have employees who won’t adopt critical productivity-enhancing tools, explain to them that it’s no longer optional. This will take more than a mandate. It will take daily management interest and reinforcement until the staff is made up of true believers. Effectuating this kind of cultural change is effective leadership at its best, and it will be well-rewarded with organizational performance improvements.
Invest in soft skills and professional development training for your technical staff. They need more than just vendor-sponsored classes on specific products and technologies. Your success as a leader will, in the long run, be measured by the success of those who served under you. Grow them not only as technical specialists, but as effective team members for the organization at large. As they grow, they’ll become not only more valuable to the organization, but better people too.
Document the network and critical applications/systems. If your staff can’t or simply don’t document, find someone who can. You’ll need that documentation if critical staff become unavailable or leave the organization. Once you have it, maintain it. Make a point to regularly incorporate changes into design and operational documentation. This will help you not only when you need to bring in new staff but also if you reach out to a consultant. Accurate documentation can decrease upfront discovery costs associated with taking on a new project.
Find a consultant or partner you can trust to be your technical advisor. Even if your own staff does most of “the work,” outside and/or expert advice can help ensure that you balance both strategy and cost. As I said in my blog post from 2015, “The Value of Strategic Design,” doing things right the first time is always important, especially since, as Peter said, most organizations are trying to do more with less. A little extra time and money upfront can potentially save a lot later on down the line.
Now, more than ever, companies need to strike a balance between their business objectives and their technology initiatives. The industry is poised for rapid succession of market disruption and it is going to be really difficult to weed through the options and find solutions that actually have staying power.
We are seeing a lot of point solutions pop up with the promise of rapid development and lower total cost of ownership (TCO). The solutions available in the unified communications and collaboration space are numerous, and many of them are viable. However, not all of them will win out. So, it is wise for organizations to first get in tune with their business. They need to understand their core drivers, define their solution architecture, and then determine what is managed in their private cloud and what they “rent” from the public cloud. If they make a good choice then they will likely achieve that lower TCO. But if they make the wrong choice, they could find themselves locked into contracts with some real losers.
Need for Speed
Container-Based WAN Monitoring
What is NVMe and How Does It Impact My Network?
Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.
Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.
John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services. Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.
He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.