The new scope of mission-critical computing

Mission-critical computing has historically been defined as secure, reliable and scalable computing and process environments that support a company’s front office processes and operations. These are the processes and operations that directly support an organization’s end users and customers. The operations are mission-critical because they are core to the company’s mission and, if they fail, they can cause significant financial or reputational damage to the organization. In some cases, as with certain critical infrastructure, government and military systems, if they go down, they may also have an impact on national security. Mission-critical systems generally require high transaction volume capabilities such as those within banking or retail systems, border security, airline reservations or logistics.

Today, the scope of what is considered “mission-critical” within the enterprise has considerably expanded. A number of key factors have shaped today’s expanded scope for mission-critical systems. To understand these factors, it’s worth noting that mission-critical computing has evolved through three distinct eras of change from the pre-Web era (before 1995), to the Web era (1995 to 2010), and now to the consumerization era (2010 and beyond). I’ve defined these three eras specifically in the context of mission-critical computing, and for the purpose of this discussion, since each one has ushered in new forces of change that have added to those preceding it. 

In the pre-Web era, mission-critical systems were typically transactional applications such as airline reservation systems and vital enterprise-level applications such as ERP. These applications were utilized by a limited number of end users, typically employees, and were accessed via PCs and terminals in physically secure locations. The servers running these applications were highly-secured “silos” in that they were running on dedicated, proprietary systems within the data center.

In the Web era, the scope of mission-critical computing was expanded to include web applications and electronic commerce. These mission-critical applications were opened up to a far larger number of end users, customers and citizens with increasing expectations for 24×7 access and reliability. At the same time, business processes became increasingly delivered and conducted via the Internet, thus deepening our global reliance on cyberspace.

As an example of this reliance, in less than 15 years, between 1995 and 2010, the number of global web users exploded by more than a hundred-fold, from 16 million to more than 1.7 billion. Today’s “Internet of things” is also deepening our reliance on cyberspace, and by 2015, there will be more interconnected devices on the planet than humans.

In the consumerization era, the scope of mission-critical computing was expanded further to include a proliferation of customer-facing, mobile- and social-enabled applications, brought about by the consumerization of IT, as well as applications such as collaboration, web, portal, CRM, HR and finance. The sheer number of these applications increased as organizations expanded customer touch-points across multiple channels and devices. Typical applications included customer service, customer support, e-commerce and m-commerce, as well as social business.

As an example of the proliferation of applications, from the enterprise perspective, according to Gartner, by 2015, mobile application development projects will outnumber native PC projects by a ratio of four-to-one. From a consumer perspective, the total number of apps in the Apple App Store has risen from 50K in June 2009 to 900K in June 2013.

Today’s expanded scope of “mission-critical”, therefore, now encompasses all applications essential for customer interaction and commerce as well as employee productivity. The scope has expanded in terms of both the types of applications and the sheer number of these applications. The net result is that the notion of mission-critical computing has expanded to include mission-critical “interactions” as well as mission-critical “transactions”.

One final factor, that’s re-defining mission-critical, is that expectations for mission-critical service levels have increased to the point where there is little tolerance for downtime of any nature. As an example, when Amazon Web Services suffered their outage that “took down Vine, Instagram, and others with it”, it was estimated that “the company could have lost as much as $1,100 in net sales per second”. In addition, Google’s five minute outage a week before is said to “have cost the search giant more than $545,000”. Of course these are extreme examples, but they serve to show the high price of downtime in addition to reputational concerns that organizations need to consider.

In maintaining service levels, another costly area is remediation against a successful data breach. According to the Ponemon Institute, the average annual cost of remediating a successful data breach has generally risen over the last several years and is now at $5.40M per breach. I should note that the figure has come down slightly in recent years as companies implement better procedures to deal with data breaches, but the cost is still highly significant on top of the reputational issues involved. This impacts costs for maintaining mission-critical service levels because organizations now have to provide higher levels of overall cybersecurity, and corresponding event monitoring, across a broader number of applications.

Overall, the facts show a convergence of forces all bearing down to raise the stakes around mission-critical operations: more business processes online, an exploding number of apps, and high costs of downtime. 

The emerging requirements for mission-critical systems are that they can no longer be siloed, proprietary technology restricted to a few core applications – they have to be part of a mission-critical fabric that supports today’s highly consumerized applications.

Some of the essential attributes for today’s mission-critical systems are as follows:

• Seamless and un-interrupted customer experience – Ensuring end users and customers have continuous IT access across multiple channels and devices.
• Modernized data center to support increased mission-critical service levels – Modernized to take advantage of cloud technology and cost-effective Wintel and Lintel environments to elevate mission-critical service levels, reduce data footprint and increase virtualization.
• Application support for mission-critical “interactions” – Supporting high transaction and high volume applications, but also vital, mission-critical interactions among customers and employees.
• Zero-trust security across users, applications and data centers – Security is obviously a key attribute that must be pervasive across the entire environment. The zero-trust security approach, taking the “inside-out” view, should protect information and data across today’s highly diverse device types, virtualized applications, and distributed infrastructures.

One might think the increased scope for what needs mission-critical support will create ever-increasing costs for IT. Fortunately, as mission-critical application and workload requirements increase, CIOs are able to employ a number of disruptive trends to their advantage to expand their mission-critical footprint and elevate service levels, whilst carefully managing costs.

Data centers can be modernized to utilize cost-effective Wintel and Lintel platforms and take advantage of cloud technology to reduce data footprint and increase virtualization. In this manner, CIOs can deliver improved service levels, but at a more effective price point and with more flexibility to scale up and down on demand.

Of course, these are just a couple of simple steps, and supporting mission-critical operations is a complex and ongoing task. The main point, however, is to focus on creating a mission-critical infrastructure to serve as a foundation for future needs and to be aware of the new and constantly evolving definition of mission-critical computing.