How to enable secure hybrid working when your IT is growing in age, not budget

Is your organisation running on ageing legacy infrastructure?

According to a survey by Cloud Industry Forum, 90% of organisations have experienced difficulties migrating to a cloud solution, with 43% citing complexity as a migration issue – the most-cited issue by far.

In the public sector especially, this issue became all too clear as the pandemic began to take hold in 2020.

67% of government IT leaders in Europe said legacy infrastructure was holding back digital progress as they tried to adapt in the wake of Covid-19, according to a Pure Storage survey last year, with 87% saying operational costs were increasing as a result. 

That latter point is critical here. Lack of budget is often cited as a barrier to digital investment, particularly in the public sector. And often decision-makers are stuck between a rock and a hard place. 

They know investing in the right technology could save them money in the long run. And this is especially true of cybersecurity, where not investing in the right approach brings with it the potential (enormous) added cost of a data breach. 

Equally, however, they don’t have money to burn on a large-scale transformation project. 

But when 66% of respondents in that same survey feel investment in infrastructure security is not keeping up with security threats, clearly something has to give. 

And that something doesn’t have to be the quality of the experience you give to employees, customers or citizens. Because while 57% of leaders said they would sacrifice technology performance in favour of enhanced security, that isn’t always necessary. 

There are ways you can have your cake and eat it, even if your infrastructure is as old as your budget is small. 

The phrase ‘digital transformation’ can sometimes be misleading. 

Aside from being overused to the point of entering buzzword bingo territory, it doesn’t accurately portray what the phrase actually means. 

The word ‘transformation’ feels enormous. It immediately makes the task sound scary, disruptive, too big to achieve.

But that’s not what digital transformation is about. 

It’s about making changes wherever you can, however small, in a way that has a real impact on the way your people work and serve your customers. And all those changes add up to a better-performing organisation. 

This is true of cybersecurity too. 

You don’t need to overhaul everything at once – every system, process and piece of technology.

It’s possible (in fact, advisable) to modernise your cybersecurity in incremental stages while unlocking some of the immediate benefits like the ability to enable secure hybrid working. 

One London council we worked with, facing the kind of infrastructure and budget challenges we highlighted earlier in this chapter, decided to take more of a half-and-half approach. 

The council adopted a cloud-based approach where it was possible and affordable to do so. And where it wasn’t, the team deployed a more traditional firewall to keep those elements protected. 

At some point, budget and resource allowing, the council may decide to move more of its infrastructure to the cloud, and its cybersecurity approach will adjust accordingly. 

For now, however, the council can enjoy the benefits of digital transformation in a way that works for its current situation – all while keeping critical data safe. 

This shift away from traditional thinking is allowing even public sector organisations to completely modernise the way they do things when it comes to connectivity and cybersecurity. If you can move something into the cloud, make it happen.

If you can’t, use a combination of traditional and cloud-based approaches until you can.

Achieving the above is no walk in the park, of course. 

The path to digital transformation doesn’t always have to be fast, but the journey can be complicated, especially when you’re trying to balance today’s technology needs with yesterday’s infrastructure. 

To navigate those complexities successfully, you need a roadmap: a solid picture of where you are today, a clear vision of where you want to be and a realistic plan to get from the former to the latter based on your current infrastructure and budget. 

This is where cybersecurity becomes less about technology and process and more about strategy. An outcome enabler rather than something you only do out of necessity. 

And while some organisations may have skills and resource to manage that roadmap in-house, many will choose to outsource much of the heavy lifting to a technology partner. 

If you are going to do that, make sure you look for a partner that doesn’t have a vested interest in one particular solution or approach. 

That partner will always say the answer to your cybersecurity challenge is the thing they happen to be selling.

If you work with a partner that has no vested interest one way or another, however, they’ll look at your situation objectively and help you plan a roadmap of digital change that actually reflects what you need today and in future. 

Want to learn more about staying secure in a hybrid working world?