Respond, recover, and thrive has been saved
Respond, recover, and thrive
Deloitte on Cloud Blog
Four things you can do today to enable a successful post-COVID recovery and enhancement of enterprise IT.
While the current COVID-19 pandemic has brought heartache to many—and misfortune to many businesses—there are nevertheless lessons for the business community to apply to its response and recovery. For those business leaders struggling to make sense of what’s happening to their organizations and how to quell the damage—it’s not too late to start making plans to facilitate your enterprise’s move forward into a full recovery, all while vastly improving your IT operations.
There are four steps you can take today to help weather the next crisis. The success you have in completing those steps will go a long way in helping you survive and thrive post-crisis.
Conducting a post-crisis assessment
The first step to take, post-crisis, is to honestly assess what worked, and what didn’t, during the crisis, to help prepare for, or even help eliminate, catastrophic damage from the next crisis that might befall you. Two key questions frame this assessment: what didn’t work, and what did.
What likely did not work
Most business leaders probably grossly underestimated the immediate severity of the crisis and the required response to it. Now it’s time to retrench and understand what the initial problems were and how they affected your company—and still may be. For example, in many organizations, staff were denied access to their office buildings. As a result, system components in data centers may have been forcibly neglected, resulting in a loss of critical processing capabilities.
Many companies were also likely unprepared to support a predominantly-remote workforce, so they may have lacked the infrastructure—such as enough VPNs—to support a remote working model. There were also probably new security issues vis-à-vis so much data being distributed amongst so many remote workers.
What likely did work
Alternatively, companies that have thus far weathered the pandemic relatively unscathed likely had enough VPNs to support a mass remote-work model, as well as a distributed security setup. These companies also most likely made investments in public clouds, which made them much less dependent upon those physical data centers, an advantage during shelter-in-place orders.
Creating a future-state vision
The next step is to create a vision of your future state in preparation for handling the next crisis more effectively. There are several activities necessary to define your future state. These include:
- Determine the business priorities. Agree on what issues are most important for the business and rank them. Keep in mind that everything can’t be important. Make hard decisions between what is really needed, as opposed to what is merely wanted. These priorities translate into a roadmap for any required transformation.
- Determine the enabling technology. Define transformation technologies. These could include cloud-based systems, networking upgrades, and other things needed to make your systems more resilient during a crisis. Learning from experience is key here.
- Define success. Create new metrics that will define a solution that meets the needs of the business. Define what success means to the business, what it looks like, and what changes will reflect this success. Perform stress-testing to understand how well your new technology configuration will perform under crisis conditions.
- Evaluate risk. Evaluate how particular changes in technology will reduce or increase your risk. Do a cost-benefit analysis on any required changes. Predicate this analysis on understanding the business case and on placing a dollar amount of risk itself.
Planning to move
The next step is to begin the migration/transformation process for technology components such as storage, compute, security, governance, applications, data, etc. This is where you’ll also determine how to move those components from a platform of higher risk to a platform of lower risk.
Surprisingly, the answer is not always, “the cloud.” The purpose here is to develop a migration strategy that meets business requirements. And, have a rollover plan. It won’t be good if critical systems crash while you’re migrating to more resilient systems.
Next up is determining future-state resources. Here you’ll look at the people, tooling, platforms, funding, and outside assistance you’ll need going forward. Be careful not to over or under-estimate resources!
Once you’ve determined what migration resources you’ll need, you can develop a timeline for migration. One way to help make sure critical tasks are completed on time is to establish a Project Management Office to look for, and resolve, dependencies that could hinder progress.
The final task in planning your migration is to develop success metrics and monitor them to assure stakeholders that you’re meeting expectations. Because technology migrations are major investments, stakeholders typically require these assurances in writing.
Defining operational excellence
As you move to the operational stage of the migration, you’ll need to think differently about operational processes and tooling. Building a cloud operations team is key here, along with automating networking operations runbooks and implementing security operations (SecOps), as well as determining what other, additive processes are needed to support the new technologies you’ve put in place.
These new Ops processes and the tooling should carry their weight by providing additional agility to existing systems. This includes the ability to:
- Move processing and storage from one geographical region to another
- Provide proactive security monitoring and automated responses
- Auto scale to more effectively utilize resources
- Provide self-healing capabilities, as well as links with management and monitoring systems for cloud and non-cloud systems
To optimize cloud and non-cloud operations, it’s essential to strive for continuous improvement of operational systems. You can improve by constantly evaluating whether systems are optimized. If the answer is “no,” then develop a plan to facilitate improvement.
All of this might sound overwhelming, but overall it’s a simple pattern. As the COVID-19 crisis continues to evolve, understanding what went wrong and what went right, and what needs to change, is key to being able to prevent the same things from going wrong again during a future crisis. Then, learn from the mistakes you made. Remember: future success isn’t necessarily about the things that went wrong; things always go wrong. It’s about learning lessons from mistakes so you can recover and thrive.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the “Deloitte” name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.
This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication.
Interested in exploring more on cloud?