Jul 18 2022

Why the Right End-User Hardware Is a Key Part of Business Continuity Plans

Business continuity is critical for companies to limit operational downtime and reduce monetary losses. The right endpoints play a key role in this process.

Network downtime is costly for businesses. While recent survey data found that the total number of downtime incidents is declining, costs are coming up: In 2021, 69 percent of data center owners said they experienced some type of outage, down from 78 percent the year before. But 62 percent of outages were classified as significant or worse, up from 56 percent in 2020, leading to costs exceeding $100,000. What’s more, 15 percent of outages in 2021 cost more than $1 million.

To help mitigate the impact of unexpected downtime, a comprehensive business continuity plan is essential. In a world where hybrid and remote work are standard operating procedures, however, continuity must extend beyond digital infrastructure and software to include end-user hardware, no matter when, where or how it’s being used.

Learn about Lenovo's products and how they can ensure network reliability.

The Evolving Nature of Business Continuity

“Teleworking has changed the business continuity game,” notes Neil Lappage, a security adviser with the IT trade group ISACA. “If you’ve got users working remotely and laptops die, teleworking has resiliency built in. Organizations no longer have a dependency on the physical building.”

Lappage recalls a previous role managing a large data recovery center in Australia. In the event of unexpected downtime, company infrastructure would be replicated to the recovery center, and businesses would move operations to the center until their IT environment could be restored.

“Now,” says Lappage, “we’ve decoupled business continuity from the hardware. Instead, we connect to a virtual desktop infrastructure that supports continuity by connecting to a session that never changes. That allows us to connect from any device using multifactor authentication.”

While this approach offers a way for organizations to minimize downtime in the event of a disaster or security breach, there’s a case to be made for stopping downtime before it occurs. Although disaster-driven downtime can’t be controlled, new frameworks can help empower end-user devices to proactively detect and address potential security issues.

Neil Lappage
If you’ve got users working remotely and laptops die, teleworking has resiliency built in. Organizations no longer have a dependency on the physical building.”

Neil Lappage Security Adviser, ISACA

Thinking Outside the Business Continuity Box

The goal of business continuity is to minimize disruptions. When it comes to end-user hardware, however, security and continuity are often at cross-purposes. Where continuity looks to streamline operations, security focuses on controlling risk. The result is a push-pull dynamic in which security impacts performance and continuity potentially limits protection.

Solutions such as the ThinkShield security portfolio from Lenovo, powered by the built-in hardware-enhanced security features of the Intel Evo vPro platform, can help companies break out of this business continuity box.

From the Intel Hardware Shield (which layers additional security onto the desktop or laptop BIOS) to smart port protection (which allows only the connection of nonstorage devices to a custom, embedded security chip that performs security functions completely isolated from software), ThinkShield lets users maximize performance without compromising protection.

EXPLORE: See how businesses can build secure, resilient networks and minimize downtime.

Making Business Continuity Work: Test, Test and Test

While both cloud-based and physical devices have a role to play in effective business continuity, Lappage notes that it’s not enough to simply implement these frameworks. Companies need to create robust continuity plans that lay out what happens, when and why in the event of a potential compromise.

“The most important thing is the testing phase,” he says. “Without testing, people don’t have assurance that the plan is going to work. You need to know at what point your incident response plan triggers your business continuity plan. What type of event necessitates its activation? You don’t want people going in cold.”

Effective hardware security is part of this larger testing paradigm: By simulating potential attacks, businesses can ensure that end-user devices are equipped to guard against threats and take action to prevent compromise, in turn derailing potential downtime and minimizing the need for full activation of their continuity action plans.

Bottom line? Effective business continuity depends on an end-to-end approach. While this includes both resilient hybrid networks and solutions such as cloud-based VDI, it also depends on end-user devices equipped with built-in security to reduce the risk of unexpected operational downtime, says Lappage.

“It comes down to one word: preparedness.”

Brought to you by:

Marco VDM/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.