With a growing number of connected devices and changes to the way we work and communicate, connectivity resilience is, today, a vital part of risk management and business continuity planning.
Every organisation is different, so the types of connectivity required and the best ways to plan for and manage connectivity resilience will be different in every case.
However, broadly, we can say that there are four different types of connectivity that need to be considered:
• Connectivity to your business site(s)
• Connectivity between business sites
• Connectivity onsite
• Connectivity for remote and hybrid workers
For most of us, the importance attached to each of these types of connectivity has changed in recent years.
For example, in the last decade and, especially, since the start of the pandemic lockdowns, remote and hybrid working has become normalised in many organisations. This means that ensuring connectivity for remote and hybrid workers has increased in importance for most businesses.
Similarly, changes to IT architecture and cloud migration have meant that connectivity between business locations has waned in importance. Connectivity to public cloud providers and the public Internet is now more important to most businesses’ continuity planning that secure WAN connections between regional offices and their main server room.
It is, therefore, important to review your connectivity resilience on a regular basis (at least as frequently as you update and test your business continuity plans), so that you know that your connectivity resilience reflects your current business requirements.
For most businesses, the line into your building will be the biggest single point of failure. If it was disrupted for any reason – for example, if roadworks outside the building cut through the fibre – your access to cloud services, the public Internet and VoIP services would be lost.
While the loss of service might grind your operations to a halt, it probably won’t be a priority for your fibre provider. Typical SLAs work to six-hour fix times – if you’re lucky. Could your business really afford to be offline that long?
For this reason, the gold standard for connectivity into your building will include:
• At least two different access points into the building, with fibre entering the building from different directions and at different entry points.
• At least two different providers into the building.
• Dual exchanges and separate termination equipment.
• Automated failover.
However, for small businesses, your smaller sites, or rural locations without numerous fibre providers in the area, ensuring this level of connectivity resilience simply isn’t possible and/or cost effective. In these cases, adding in a second connection via satellite or 4G/5G mobile connectivity might be the only practical way to ensure the necessary resilience.
Dedicated secure lines between your business locations used to be a staple of any business connectivity resilience. Ensuring secure connections between your various business locations and your main IT server room(s) was vital for business continuity and this usually meant dedicated private lines and/or VPNs.
As the UK’s National Cyber Security Centre (NCSC) acknowledges, “In a typical organisation, data-in-transit protection for remote clients is achieved using an Always-On VPN across an untrusted network.”
Of course, this type of connectivity is expensive. So, as businesses move towards hosted cloud infrastructures with minimal IT infrastructure hosted on-premises, these expensive fixed lines and VPNs can be retired.
However, it is important that your VPN is only retired when you are sure you have adequate alternative measures in place to replicate the security advantages of your VPN. This will mean moving to a “zero trust” approach. However, the NCSC warns that, “If your network is large, complex or contains many legacy systems, you may find that it’s not possible to achieve the same level of security in a zero-trust architecture with current technology.”
If you aren’t sure that you have appropriate measures in place, we recommend that you reach out to third-party cyber security experts – like the Grant McGregor team – for guidance.
As well as ensuring connectivity to the public Internet and the cloud services you use, you must also think about securing the connectivity on site. This is especially true for large sites or sites with a lot of connected devices, such as automated warehouse facilities or production halls.
There have been changes to the way we work and technological advances which are driving change in this regard too.
One way to build greater connectivity resilience for large or complex sites is to move from traditional Wi-Fi connectivity to a mesh networking approach. This changes the model from the hub-and-spoke approach of traditional Wi-Fi to a more resilient architecture with a mesh fabric.
As well as ensuring greater resilience, a mesh networking approach is better suited to serving mobile devices (whether user devices or autonomous vehicles) and avoiding the problems of blank spots when trying to cover large geographic areas.
Perhaps the most difficult element of connectivity in the modern workplace for which to build resilience is the connectivity of remote and hybrid workers.
These workers are connecting via public Internet or their home Internet connections, which poses problems in terms of bandwidth, security and failover possibilities. For these users, the second connectivity option will, more often that not, have to be mobile data via a company mobile device.
To boost connectivity performance and resilience for these workers, some businesses are offering enhanced connectivity as part of a benefits package. For example, when hybrid and remote workers have been at the company for six months, the company pays for the broadband connection to be installed/upgraded. The cost of the line is paid for as a business expense until that worker ends their contract.
High-performance broadband isn’t available everywhere, however. This means the ability of organisations to build this type of connectivity resilience varies greatly by geography – as well as user willingness.
When it comes to planning connectivity resilience two questions are most pertinent:
• Where are your business-critical systems hosted?
• Where are the consumers (i.e. devices, services, people) of those business-critical systems located?
Connectivity between those two groups of entities must be protected in the best way possible according to the constraints of practicality and cost appropriateness.
This answer will vary by organisation and by location, but careful planning can create an optimal solution that meets your organisation’s connectivity resilience needs.
If you’d like to know more about any of the topics discussed in this article – including planning or scoping out your connectivity resilience needs or how to ensure greater resilience for any aspect of your business connectivity – please get in touch with the Grant McGregor team.
Call us: 0808 164 4142
Message us: https://www.grantmcgregor.co.uk/contact-us
Further reading
You can find more ideas and information about business continuity planning, networking and connectivity topics elsewhere on our blog:
• What's the Difference between Disaster Recovery & Business Continuity?
• How to ensure the success of your disaster recovery and business continuity plans
• Do your backups include this important information?
• The Importance of Online Backup for SMEs
• You should be getting more from your IT partner
• Tips for successfully implementing a zero-trust approach to cyber security