When the technology becomes morbidly obese
Last week’s massive ransomware cyber attack (WannaCry) is the consequence of technology becoming morbidly obese. Not different from its cousin, human morbid obesity, it happens because people decide to postpone things they know they should do in the short-term because it’s costly, time-consuming or might affect their current routine and they’ll deal with it later; until they can’t.
The NHS in the UK got the worldwide headlines because it’s probably one of the most morbidly obese technology deployments in the world. According to some news source, up to 60% of computers in the NHS are still running Windows XP, an operating system that’s 16 years old and not supported by Microsoft since 2014. To make matters worse, a significant portion of those are running IE 8, an incredibly old, outdated, and security vulnerability prone browser.
The world of software is a constant balancing act of maintaining existing infrastructure and software and adding new functionality and services.
Just like that person that stops worrying (or never did worry) about exercising and eating health, the problems start to compound, and a symptom of one condition becomes the cause of the next. At one point, it’s hard to unweave it all without significant effort. It’s the epiphany moment when the doctor tells you might not live another two years in your current state. The NHS got this call this weekend. It must update itself.
Technology infrastructure used to be very brittle. One upgrade in the OS, Network Router or a desktop application could cause havoc, and often did. IT managers grew up more and more skeptical of upgrades — in a B.F. Skinner kind-of-way if you get slapped in the face each time you upgrade a piece of software you’ll believe changes are bad for you.
It’s a different world
In modeling risk and uptime, you learn that each new component that you add to the architecture increases the chance of failure of the entire system. At first sight, using cloud providers for each different piece of your system sounds like an awful idea. What if AWS S3 goes down; or Twilio, Sendgrid, Facebook login, Auth0, Akamai, DNSimple, Gmail, etc.? What’s missing in this equation is the fact these systems are built in distributed, redundant, and fault-tolerant ways. Even the added complexity of more providers will reduce the risk of a complete downtime.
If the NHS had modernized, it’s infrastructure and software, this week’s event would either not have happened, to begin with (it’s much easier to patch a Windows 10 than a Windows XP, and Windows 10 was not vulnerable). Or, if it did happen, if a computer was locked down by ransomware, you can just reformat the computer, use a different computer, or use a phone or tablet to access the same information since it’s all cloud-based.
Sure, you can argue the cloud has its set of security and privacy problems, but the benefits of this modern approach far outweigh the downsides. And, all the innovation is happening int the SaaS cloud providers. This set of products will only improve over time delivering more functionality, for a lower price, in a more secure and reliable way, while the technology of yesteryears will dwindle.
You can bite the bullet now and make the investment into the feature, or keep using duct tape to keep your existing “stable” systems in place. Just like an obese person that’s been told many times their weight will affect their blood pressure and could lead to a stroke: do something now.
You might like…
Follow me on Twitter: @calbucci
