Turning Adversity into Opportunity

During the 2008 financial crisis, wearing my business-consulting hat, I wrote a paper and gave a number of talks entitled “Surviving and Thriving in a Downturn.” I focused on specific operational steps that could be taken to strengthen a business in a downturn in order not only to survive but to come out of the downturn as a better and stronger organisation.

Recently, with all the events of 2019 in Hong Kong as well as the issues around the current coronavirus, I have been inundated with enquiries about how to deal with the wide-scale business disruptions that have resulted. So here is a little insight on how to go about it, and possibly leave your business better off for the changes.

Today a myriad of technologies have matured to a point where almost any organisation can easily adopt and reap the benefits of their offerings in order to streamline and strengthen their businesses.

Business Continuity Plans

As always in disruptive situations, those businesses that had good business continuity plans (BCPs) and adopted them or adapted first, now have a tremendous advantage over their competitors by being able to operate effectively within the situational constraints, while many latecomers are struggling to stay alive and maintain their services whilst playing catch up.

Mission: Adversity into Opportunity

I don’t want to dwell on the negatives but rather to talk about how in this very difficult business environment, organisations can turn adversity into opportunity. Obviously “office-based” industries are the ones that will benefit the most; nevertheless, almost all industries have a lot to gain.

More than Cloud Computing

There has been much talk in the media about cloud computing. If it’s appropriate for you and done right, this can be a real boon; done badly it can be your worst nightmare. Also there are many misconceptions about what “the cloud” is and how it can be used. There is no doubt that traditional public cloud computing offers advantages, but it also brings with it considerable risk to an organisation by centralising its data off-site – therefore opening it up to all kinds of of public attacks.

Some Cloud Flavours!

There are many variations on public cloud computing that can be very cost-effective and provide similar benefits without the public exposure – or at least not to the same extent. Here is a comparison:

Public cloud

• Data and apps are located in public data centres.

Private cloud

• Data and apps are located on business premises and available over the internet.

Hybrid Cloud

• A mixture of public and private cloud strategies.

Edge Computing

• More emphasis is placed on the storage of data at the site at which it is used and less transmission across the internet.
• Often uses components of public and private cloud, and traditional office IT systems.
• If this is suitable to you it can bring many benefits in terms of reducing your online exposure as well as giving your users a much more responsive system experience.

For some smaller SMEs who just need one of the above flavours with a little topping, setups can be done in as little as a day. The trick is choosing the right flavour, and then doing the right training thereafter.

Make the Correct Choice for Your Business

Making the correct choice is not easy. The decision involves not only what is appropriate for your industry; it must also be right for your business. You must consider matters such as:

• Who needs to access your data, and from which locations?
• What level of responsiveness do you need from your data?
• How reliable is the internet connection, and what would happen to the chain if that connection were temporarily lost?
• What are your industry’s data privacy requirements, and what are the regulations around that?
• Be especially careful about security and associated regulations if you are in or highly involved with such fields as legal, accounting, finance, healthcare, regulatory, government, or organisations in similar areas.
• There may be legal restrictions on where and how you keep your data. So steer well clear of anyone who comes to you with a “one size fits all” solution to your needs.
• Don’t forget to take into consideration your business and your clients’ cultures. Getting this wrong could be devastating!

Your Data Is Your Most Valuable Asset

When it comes to your data, it is critical that you understand the value of what you are handing over to your service provider. After all, in the wrong hands, that data is only as safe as the weakest-willed individual in that organisation.

• The probability of a bad egg increases proportionately with the size of the service provider you choose to work with.
• Likewise the larger the service provider, the larger the target from outside attacks.
• Why would you want to walk around with a big target on your back?
• I often hear, “Well, the big guys use this company, so why shouldn’t I?”
• First of all, the big guys have big budgets.
• Big IT departments can handle the nitty-gritty of getting the job done and securing their assets online. But even then there are always data breaches,

I ask you to think about the number of breaches you can remember. No industry is immune – from banks to airlines, internet service providers (ISPs), email providers, social media: the list goes on and on.

The Right Choice Need Not Be Difficult or Expensive

The good news is that doing it right does not need not be hard to implement, or expensive. There are a number of strategies that one can adopt, depending on your industry and your particular needs.

When it comes to choosing a service provider for data storage, it is essential that you work with someone who has the ability to understand not only the technology, but also your business and its workflow. This makes sense from the point of view of getting the right solution, but it also enables you to do a review of your business processes at the same time, folding in a lot of streamlining at no extra cost. Done right, the benefits in terms of efficiency and cost can be really dramatic, especially regarding rent, staff and all manner of associated resources.

The Biggest Obstacle

Very often the biggest obstacle to moving forward comes from “vendor lock-in” from the purchasing organization’s existing information systems vendors, or unbelievably from their own IT staff, who are cosy with the status quo.

Avoiding Lock-in:

When you adopt systems for the future, ensure that as the work environment evolves, you don’t get stuck with a product that is going to lock you in.

Watch out for:

• Unscrupulous vendors who have complicated terms and conditions with the “gotcha’s” deeply buried in in veiled language, or even worse…
• Master keys whereby they can control your very assets (indeed I’m dealing with such a case at the moment).

Most large vendors will lease you a system that has a lock-in without your even realising it until you try to make changes.

Beware: A Little Knowledge is a Dangerous Thing. Ransomware and Malware risks abound!

Interestingly I have also received enquires to see if I could help a number of organisations that have been caught with malware or ransomware, as they have tried to go about working remotely by adopting a DIY approach without taking advice and appropriate protection in advance.

Unfortunately, this is like closing the barn door after the horse has bolted. Sadly for those who are not properly protected, there is really very little one can do to get one’s data back once it has been encrypted by ransomware, or to delete it from the public domain once it has been compromised by malware. After such an attack you are almost entirely at the mercy of your attacker.

*This article first appeared in a slightly different form on LinkedIn. Reprinted with permission of the author