Don’t Let Complexity Make Your Network a Liability

We’ve all experienced a blurring of the lines between the workplace and our personal lives, as we answer work emails at home, shop for personal products during lunch at the office and place work calls on whatever device is in our pockets. A company’s networks are no exception: The proliferation of third-party cloud applications; a vast increase in the number of devices accessing networking resources; and an increasingly mobile workforce using cloud networks off-premise mean that there is no longer always a clear separation between internal and external networks — or even a clear understanding of which network is being used.

It’s no wonder CIOs are feeling the pressure: After all, the performance, availability and security of internal networks is critical: the business itself is at stake.

“It’s the biggest challenge in the network space right now,” says Tim Williams, a managing director at KPMG. “The CIO and network directors need to figure out how to create a seamless and secure experience for employees and guests accessing the network.” In the “old” days employees might only have had access to network resources during the business day, in the office, or remotely on a very limited basis, or only for email. But that’s far different now, when there are ever-higher expectations to make networks available through smartphones, on email, on airplanes, from anywhere, at any time. 

The more control an organization has over the network, the better, says Williams, but that doesn’t make the issues related to availability, performance and security go away — instead, it’s critical that these issues are thought through properly upfront to manage and deliver services in a complex environment with many more moving parts.

“For example, if you want to implement a new capability on the network, it’s a lot harder today because you may have four people who own components of the infrastructure that provide the capability,” he says. And if you need to implement new security mechanisms on the network, parts of the network could be run by the company, as well as several third-party vendors, he points out:  “There are many more people responsible for part of the end-to-end the network service.” 

CIO as Manager of Network Capabilities

As a result, it is hard for the CIO to manage and deliver services, since so many components are no longer under the end-to-end, direct control of the IT organization. To meet the needs of today’s business, says Williams, good CIOs are now spending more of their time educating the business about the state of today’s networks, brokering services, as well as managing vendors and network capabilities. The CIO needs to think through how services are provided to the business, particularly for growing organizations that are dealing with increasing complexities in operations management and network capabilities.

“Many clients need to figure out how to better manage what they have,” says Williams. “How can they go back and alter the way the architecture was implemented, or how do they better integrate with service vendors or other partners? Or even, what do they do if they moved too fast — how do they fix the things that they didn’t do properly?”

What’s at Stake: And, Steps to Take 

There is plenty at stake for the CIO in this new world of networking, warns Williams: “CIOs are on the hook for performance, availability and security every day,” he says. “The business wants IT to work — and when things break, it’s on the CIO’s head.”

What may seem to be a networking problem is, ultimately, often an IT strategy problem, he continues. But CIOs may not have had the time, people or capabilities within the organization to deal with it, “especially when they’re working on keeping the lights on.” However, while every organization is different, there are several important steps the CIO and networking organization should take to engage the business and keep networks running smoothly:

1.     Step back and decide what is most important. Look at the broadpicture to determine your biggest gaps, says Williams. “For instance, if security is most important, don’t spend cycles fixing vendor management,” he explains. “Most companies are lean in IT, so they have to be very strategic about what they focus on and where they put their people. So, take the time to figure out what’s most important and plan to execute against it.” 

2.     Get your strategy back. According to Williams, many clients with IT strategy and enterprise architecture functions shed those resources during one of the last two financial downturns, because they were not critical to keeping the lights on or rolling out new capabilities and services. “But they didn’t stop building out the company’s infrastructure, and now that proliferation of devices without a strategy makes the management of the network environment even more complex,” he says.  On top of that, the migration of solutions to the cloud have put even more demands on network services.  Now that organizations have stabilized and increased spending, IT organizations may not have an IT or a network strategy to support all of this change. “They have to think about how they pull this all together, integrate services, or change directions”

3.     Be diligent about strategy alignment. Companies need to look at their strategy and structure, their network architecture, and make sure they are diligent in aligning to those strategies, says Williams. For instance, a strong vision for network security is essential, so making sure the CISO has seat at the table is a critical factor in ensuring network and security groups are aligned with and support the goals and requirements of the rest of the business.  And, with more and more applications moving to the cloud, the CIO needs to be aware of both the network and security implications of that, and how to support a strategy that include cloud and its security implications.  “There is such a heightened attention on security that it has to be an integral component of the IT strategy and the business needs to be aligned with what the network and security teams are doing,” he says. 

For more on how KPMG can assist with your organization’s network strategy, view our recent case study Evolving IT infrastructure to protect healthcare records.