Campaign: Netsurit Partner Content – November 2020

Headline: Improve remote working productivity with Netsurit Managed Windows Virtual Desktop

Excerpt: Netsurit Managed Windows Virtual Desktop is the perfect solution for businesses who are looking to optimise operational productivity and security while their employees work remotely.

The unstoppable surge in remote working calls for businesses to acquire software solutions that allow for secure and effective access to office-bound workstations from any location or device.

This is because employees need to use systems or tools installed on these workstations, or access files stored on them, to remain productive.

With conventional server-based virtualisations limited and not supporting the capabilities of a true modern workstation, businesses need a Windows Virtual Desktop (WVD) solution.

How WVD works

WVD is hosted and managed in Microsoft’s Azure cloud platform, which provides high performance while reducing on-premise assets.

This allows your employees to access any Windows 10 app or files located on a central workstation remotely from any authorised device via the WVD app or web portal.

Unlike Windows Server solutions, it runs directly on the OS, which ensures faster and more reliable performance.

Netsurit Managed WVD

Netsurit’s Managed WVD is a comprehensive desktop and app virtualisation service that allows you to manage WVD users and security via a unified administrative interface

in the Azure Portal.

Netsurit’s service arm – Inobits – handles the overarching service, which means there is a reduced burden on your IT teams’ workloads.

Network administrators do not have to worry about any complexity that comes with managing brokers, gateways, and web servers, for example.

This solution is the only virtual desktop channel that offers the following features:

  • Simplified management
  • Multi-session Windows 10
  • Optimisations for Microsoft Office
  • Support for Remote Desktop Services (RDS) environments

Who stands to benefit

This solution is ideal for businesses that use Remote Desktop Services, but want to simplify licencing and reduce costs.

Likewise, it can also be great for seasonal workforces who need access to a secure, modern, up-to-date Windows 10 experience in the cloud.

Key benefits of Netsurit’s Managed WVD include:

  • Secure and reliable – Includes Office 365 and support for custom applications, with easy access from any place and device at infinite scalability.
  • Cost-effective – No upfront investment needed, with a simple monthly subscription that includes Azure, Microsoft 365, and support costs.
  • High performance – Reliable and highly available hosting on Azure, with a full set of security features and dedicated monitoring with remote support.

Get Netsurit Managed WVD today

Netsurit will work with you to assist in transitioning your workforce from a server-based desktop to a seamless multi-user Windows 10 experience that’s highly scalable and always up to date.

Its unified WVD service can be deployed and scaled in minutes and supports multiple end-user platforms – including Windows, Android, Mac, iOS, and HTML 5.

Click here to learn more about the Netsurit Managed Windows Virtual Desktop or email solutions@netsurit.com.

Many businesses learned during the COVID-19 crisis – when we were scrambling to allow our people to remain productive and connect with customers digitally – that we could do things much faster and with a lot less red-tape than we thought. We introduced work from home (WFH) in record time and digitised products at an unprecedented rate. The crisis showed us that people can work harder and that things can get done fast.

But there are a few problems with the increased productivity and rapid implementations that we saw during the crisis – we just can’t do it in a normal business environment. When faced with an existential crisis, managers and bureaucrats had to step out of the way. Post-crisis, when things get back to normal, managers and bureaucrats will, no doubt, flow seamlessly back into the system.

Many companies have reviewed their actions during the crisis and resolved to keep the good and remove the bad. The “good” involved faster implementations, rapid innovations, reduced bureaucracy, more esprit de corps, and a clear focus on what needed to be done. The “bad” called for rapid and often patchy governance, inadequate paperwork and documentation, and people doing work that was not in their job description or outside the hierarchy.

People’s productivity went up during the crisis, and that’s good. Many executives ascribe this to the need to pull together and to people working from home. But I think that it’s more about the imposed empowerment that was forced into the organisation. Without the usual chain of command, people were required to make decisions on the company’s behalf. They had a clear set of goals (survive!) and got on with it. They made changes and introduced innovations without going through the proposal-presentation-justification-approval-allocation of funds process.

People worked hard, but that rate of work came at a cost. On average, people worked an extra two to four hours a day. And because they were working from home, they had to deal with home-schooling, making meals, taking granny to the shops, and calming down the partner who had just lost their job. It’s unsustainable. No wonder 84% of South Africans say they want to get back to the office.

Let’s come back to the “normal business environment” I mentioned earlier. The vast majority of organisations have a clear hierarchy, well-documented policies and processes, clean-cut delegation of authority, and on average, one manager per ten workers. None of that was manifest during the COVID-19 crisis. And yet productivity shot through the roof, decisions were taken quickly, and ideas were implemented with astonishing speed. So perhaps it’s not about working from home. Perhaps it’s about removing the managers.

There are many examples of organisations that work in “abnormal” ways:

  • Where there are no managers – not one
  • Where employees take all the decisions – including budgeting and purchase of equipment
  • Where it is forbidden to give anyone orders
  • Where change happens on the ground, without an approval process
  • And in many instances, where people set their own salaries.

Oh, and these companies are between 20 and 30% more profitable than their competitors.

Some examples of these types of companies are Buurtzorg (a home-nursing company with 12 000 staff and no managers), Morning Star (a tomato processing and packaging company that handles one-third of the USA’s tomatoes), and FAVI (a precision motor parts factory with 500 employees). Other examples are Haier (50 000 employees), Zappos, Palfinger, RedHat, and many more.

They are not operating in crisis mode, yet they operate without the strictures that were put aside by most organisations during the first few months of the pandemic, and which “normal” companies will reintroduce as soon as they can.

These “abnormal” companies have made fundamental changes to their operating model. They use self-management and self-managed teams, with perhaps, a few leaders. The leaders’ job is to interpret the environment and offer suggestions on where the company might want to go. (These are suggestions, and definitely not orders – whether they are implemented depends on whether the leader can sell the vision). The decision on what to do and how to do it is left to the teams. Leaders treat employees as if they are autonomous adults who can decide what’s best for the company.

I submit that WFH worked so well not because people were at home, but because they were allowed to manage themselves. And I predict that if WFH becomes a norm, then the way companies are managed will have to change dramatically.

Terry White, Executive Consultant at Netsurit.

Leaders need to accept that business agility will be critical in the
post-pandemic world

Forget deep technical competencies for the moment. The new essential organisational capabilities – at least until the pandemic is over – are flexibility (to be able to switch direction), innovation (to meet fresh challenges in new ways), agility (to rapidly respond to changing requirements), and resilience (to sustain the organisation through difficult times).

Let’s focus on agility. Agility involves more than setting up a few teams and telling them to do things quickly. There are skills to develop and tools to prepare, of course, but agility is not about tools, techniques, and teams. Instead, it is about the leaders and managers of the organisation – that’s where agile initiatives succeed or fail.

However, the apparent success of agility in many organisations may be a negative thing: it looks easy and logical and is such an obvious choice that many executives miss its downsides.

Let’s look at the upsides first. The benefits of an agile approach are clear:

  • Rapid response to changing customer requirements – better product quality
  • Customer intimacy – high customer satisfaction
  • High team morale – self-managed teams
  • Increased collaboration – cross-functional teams
  • Fit for purpose teams – focused on results, not outputs
  • Performance visibility – short feedback and measurement cycles
  • Reduced risk – Incremental successes and failures provide risk-reducing options
  • Reduced investment – Incremental investment in what works

This list could prompt executives to rush to agile at scale, but there are downsides too:

  • “Indefinite projects” where the outcome is, as yet, unknown – time and costs are also unpredictable
  • Skill-dependent teams – agile requires a higher level of skills and decision-making from individuals
  • Neglect of documentation – self-documenting processes must be implemented
  • Financing in increments is not easy – most GAAP practices are based on annual cycles

Nevertheless, executives may suggest that the pros outweigh the cons, but the Project Management Institute (PMI) reports that 44% of projects are predictive (waterfall) in nature, and only 30% are agile, while the rest are hybrid. This suggests that there are many projects, indeed many functions, within an organisation that would not benefit from a purely agile approach.

Predictive projects (and functions) are appropriate where:

  • There is a sequential workflow, and where a specific outcome is needed
  • The expected results are predictable and well-defined
  • Processes and results are highly regulated, such as in pharmaceuticals, engineering, and some manufacturing
  • Customers play a limited role in the outcome
  • Intensive documentation is needed

Most organisations have predictive and regulated operations, but there will be some functions and projects that can benefit from an agile approach – the trick is to separate them. Neither will the predictive/agile split be a clean one – there will be flavours of each in all departments.

Perhaps the approach to adopt is a “test and refine” route, as a way of analysing which functions could be moved to agile, and which should remain within the traditional sequential and linear command structure. The test and refine approach is an agile technique, and the first step is to adopt agile thinking in the leadership team.

A quick review:

  • An agile team works closely with customers.
  • The teams break large and complex problems into separate components.
  • They devise solutions for each component by rapidly prototyping and testing and refining their solution with customers.
  • The feedback from their customers is included in the next cycle, and eventually, the separate solutions are combined into a logical outcome.

When leaders adopt agile thinking, they regard various parts of the organisation as their customer. Organisations are more successful where their agile leadership team takes a hands-on and collaborative approach to organisational change. They consult with their internal customers, develop prototype solutions, test them, and solicit feedback – all in short cycles. They concentrate on removing constraints rather than delegating tasks. They focus on staff satisfaction and on results rather than controls and bureaucracy. Finally, they become agile advocates, rather than micro-managers.

A leadership team that has adopted agile thinking will be first to recognise that the final outcome cannot be predicted. They don’t know how many agile teams will result from their efforts, nor do they know which department will be fully agile, and which will adopt a hybrid approach. Neither will they know what bureaucratic and governance roadblocks will be thrown up or uncovered. But because this team has the power to make decisions and change things, their potential to implement agility successfully is much greater than ordinary agile teams.

In World War 2, only a quarter of British bomber crewmembers completed their tour of duty of 25 or 30 missions. Bomber command wanted to improve the protection on their planes, but because armor-plating was too heavy to fit over the entire plane, they came up with a plan to fortify the worst-hit parts only. They mapped and measured the areas on returned planes that had the most shrapnel and bullet-holes – the fuselage, wingtips, and tail, and resolved to strengthen these. But Abraham Wald, a statistician, pointed out that they only had measures of planes that had returned to base. These measures indicated that planes could sustain damage to the mapped areas, keep flying, and return to base. So the bombers should be reinforced where there was no evident damage. As a result of Wald’s observation of what was not measured, they reinforced the engines, fuel tanks, and cockpit, and the survival rate increased dramatically. The message here is that, often, it is what we don’t measure that provides the answers.

Robert McNamara was the US Secretary of Defense during the Vietnam war, and he said that one would win the war by maximizing the enemy’s deaths and minimizing American deaths. This approach became known as the McNamara Fallacy, and it has four steps to it:

Step 1 – Measure whatever can easily be measured.
Step 2 – Disregard that which can’t be easily measured or give it an arbitrary quantitative value.
Step 3 – Presume that what can’t be measured easily is unimportant.
Step 4 – Believe that what can’t be measured easily doesn’t exist.


Just because we measure something doesn’t make it important or useful.
Another take on measurement silliness is made by this logic: We evaluate the success of a strategy by deriving and measuring a set of strategic metrics. All good so far. Then if we track these measures, and we show that we have achieved them, then the strategy is a success. However, this argument is prone to a phenomenon called surrogation, which is where the measure becomes the replacement of the strategy. Essentially, this means that managers tend to take measures of success as the actual strategy. Managers who surrogate think that if they achieve the measurement targets, they achieve the strategic objectives. But more than anyone, CIOs know that this is a fallacy, as exhibited in having an across-the-board green SLA scorecard, yet having users unhappy with the services delivered by the IT department.
Yet in our rush to measure customer satisfaction scores, MTTR, open tickets, projects completed on time and budget, and an extensive list of quantitative measures, how sure are we that customers actually care about how fast we fixed something? And do these measures tell us, for instance, whether projects achieved the benefits they promised, or even if those benefits are still appropriate? Do we have measures for how much a non-IT (LoB) executive trusts and relies on the CIO’s opinion? Is the IT department actually delivering what CEOs really want, or are they delivering what they think CEOs need?

So here’s the thing. Three phenomena introduce a bias to what and how we measure IT success: The Wald observation that sometimes what we don’t measure is more meaningful than what we do measure; The McNamara Fallacy which believes that if it is easy to measure, it is useful and important; and the Surrogation shift which causes managers to think that the measure is the objective.

CIOs have it stacked against them when it comes to measurement, but there is a way forward. We need to reexamine all our IT measures of success and reduce the number of measures we take. We should measure only those metrics that are pervasive and predictive. Pervasive metrics are those that have significance elsewhere in the organization (usually they are business measures) and that endure for a meaningful period (allowing trend analyses.) And predictive metrics are those that directly lead to a business outcome. For example, MTTR might indirectly lead to some business outcome (stability?), but what is it’s predictive value? User satisfaction may indicate happy users, but what is the business impact? These measures may be sub-metrics to more pervasive and predictive metrics, but they should be kept inside the IT department.

The message is clear: Publish metrics that mean something and contribute to business results. Or don’t publish at all.

Important definitions

Personal information – any data relating to a natural person or juristic person (company) that can lead to the identification of that person, or data that belongs to that person. Examples are email address, telephone number, street address, static IP address, religious belief, work performance review, criminal record.

Processing – there is a very broad definition in the Act. Processing includes actions like gathering, storing, backing up, reading, transferring, consulting on and destroying data. As an IT company, our core function is processing of personal information, whether we can physically read it or not. A common misconception is that we are not processing personal information if we cannot read/access the records. Examples are backing up data, updating a database, managing an O365 tenant, managing server hardware.

Responsible party – the company or person who decides that there is a need and purpose to process personal information. Note that there is no requirement for the responsible party to do the actual processing, as it could outsource that function. The responsible party is held accountable and liable for the security of personal information that it requires to be processed, whether it does the processing itself, or outsources it.

Operator – the company or person that performs the processing of personal information. This can be the responsible party (HR processing data of employees), outsourced vendors (medical aid company processing data of employees, marketing companies who does lead generation for us, outsourced IT company) or partners (helping us with work on our client’s O365 tenant). POPI requires that an operator agreement is concluded between the responsible party and the operator. This agreement specifies the operator’s obligations for safe processing, the information security safeguards that will be used and indemnifies the responsible party for damages (financial) that is caused by the operator.

POPI stipulates how the personal information of persons (including juristic persons, i.e. companies) should be processed in order to secure it from being used for harmful purposes, and to respect the right to privacy guaranteed by the Constitution of South Africa. The Act prescribes eight conditions for the lawful and safe processing of personal information. The Act also makes it clear that all companies who process personal information should take reasonable steps to keep that information secure, in other words implement some kind of information security framework.

Greater care must be taken to safely process the personal information of children, and special (sensitive) personal information which includes categories like health, union membership, religious belief and biometric data.

Where a company outsources the processing of information, the company must enforce its POPI obligations with the outsourcing partner by concluding an operator agreement. This agreement should also include an indemnity clause whereby the outsourcing partner assumes financial responsibility for damages caused by its actions that leads to a breach. Legally, the responsible party will be held accountable for the security of the processing, whether it does the processing itself or outsources it. The accountability can never be shifted to an outsourcing partner.

Marketing is addressed specifically in the Act, with a number of requirements that should be met.

Why do we care about complying with the Act?
The penalties can be severe, with up to R10 million and/or 10 years jail time of major infractions, and R1 million and/or 1 year of jail time for minor infractions.

A greater concern for companies would be the reputational damage that could result from a breach, or mishandling of personal information that becomes public.

Breaches have to be disclosed under certain circumstances, and the Information Regulator could instruct a company to disclose the breach in news media or via a prominent display on its web site if it is not able to identify all those affected by a breach.
A company that is able to demonstrate early adoption and compliance with the Act should enjoy a competitive advantage, and greater consumer trust.

And you never know, the Information Regulator might follow guidance from the GDPR, which advises a company not to use a processor that cannot demonstrate compliance.

National reading campaign for children gets Pastel in the cloud powered by Netsurit and Windows Virtual Desktop.

Traditional businesses have had to adapt to new realities of a post-virus world and the implications for CIOs will be profound

COVID-19 is not only a health crisis. The global reaction to this pandemic continues to affect government, society and communities, commerce, the running of organisations, the nature of work, technological innovation and rollouts, education, and more. While we may resolve the health crisis with vaccines, herd-immunity, and treatments, the effects on non-health factors will endure for a while, and possibly forever. That’s what CIOs have to think about.

But in the meantime, they need to plan for an “in-crisis” period. The health crisis may take a year or more to resolve. In that time, CIOs will have to face other challenges thrown up by the crisis itself, by the activities of governments and regulatory bodies, by competitors, and indeed, by themselves and their own organisation’s actions.

The immediate CIO action in response to COVID-19 has been discussed at length and largely enacted: remote work, remote meetings, no travel, increased use of collaborative tools, more video, more emails, and so on. Equally, the platforms on which these digital enablers rely have been beefed up. And many organisations with digital products have required their CIOs to provision for additional product sales.

Now, our initial reaction to the crisis requires CIOs to step back and re-examine what they’ve done, whether they want to keep doing it, and if so, how?

The future of remote work

Let’s take remote work as an example. It may not be permanent. On 31 March, Neil Webb, the Director of the British Council of Theatre and Dance, tweeted: “You are not working from home; you are at your home during a crisis trying to work.” Most South Africans agree, with 86% wanting to go back to work according to a survey by Giant Leap, a local workplace consultancy. What’s more, only 43% of South Africans have jobs which allow them to work from home, at least some of the time anyway.

So, working from home is not the next big thing that CIOs need to convert into policies and procedures – they have to realise that it’s temporary, but not too temporary. CIOs need to beef up security for home-workers who are outside firewalls, and who are often working from home for the first time. They have to run sensitisation and information campaigns for staff working with company data outside the organisation’s domain. They have to provide remote “on-site” support at people’s homes. And they have to give some serious thought to financing the remote worker’s infrastructure – internet, and web-based meeting and collaboration software. But less than 10% of this will stick for more than a year.

Also, now that the initial rush is over, CIOs will need to give some thought to digitally wrapping the organisation’s physical products. They need to make as much of the product digitally visible and accessible as possible. They have to examine the customer journey in detail and remove as many physical touchpoints as possible – AI has proven useful here. They must make website searches way better than they are now. They should also re-examine their often-sloppy digital customer experience and interactions.

“Contact us” is not the first point in your email spam campaign. When a customer contacts you, they want to – you guessed it – actually contact you. CIOs need to look at how much of the browse, examine, and buy process can be digital. VR, or near VR, is useful in allowing customers to experience the product from a distance. Finally, CIOs need to rework the delivery pipeline so that the last mile is the only physical part of the product.

Embracing the new normal

Then CIOs need to look at the in-pandemic new normal. They must consider social and real distance factors, digitalisation, delivery ecosystems, localisation where appropriate, renegotiating, and re-contracting the supply chain. There are several changes – some permanent, some not – that CIOs need to consider.

Finally, the post-pandemic new normal needs thinking about. There will be changes to global trade, supply chains, the digital/physical mix, how we get work done, and many other corporate areas. Perhaps more importantly, societies will change, buying patterns will be permanently altered, social contracts will be questioned and possibly overthrown, governments may fall, and even fundamental economic principles may change.

Some industries, like sports, hospitality, conferencing will be deeply affected, and some will thrive – technology being the most obvious. However, these successes and failures all have implications. This is the post-crisis new normal that CIOs need to accommodate.

As the COVID-19 pandemic ravages our people and our economy, businesses are discovering that it is not enough to be efficient and effective.

This is because the new normal for the pandemic means constant changes in business and market conditions, and rapid (sometimes overnight) shifts in operating rules. Today you may be able to sell a product, and tomorrow you may not, and vice versa. Today your staff may have to work from home or not work at all. Tomorrow you may be setting up your factory and offices for socially distanced and sanitized work. Being efficient at something that is no longer useful or even required is a waste of energy. And being effective at producing products that you cannot sell turns our concept of competence on its head.

The pandemic new normal requires new competencies. So far, I think there are four of them, but remember that this is likely to change too. Organizations need flexibility, innovation, agility, and resilience if they are to survive or even thrive during the pandemic. These new competencies are not trivial to develop and nurture, neither are they just buzzwords that have little real meaning. And here’s why:

Flexibility means bending without breaking: This ability has long been known in the natural world, of course, but now it must move to the business world. Yeah, yeah, you might say, heard it before. But if you think about it, being flexible means undoing many of the ways of work that administrators, managers, and executives hold dear. It means that decision-making centers must shift to people who do not usually make decisions. It means that the time to make decisions must be dramatically shortened. It means that the executive team must lead and not manage. (They must do more thinking, analyzing, deciding, and communicating, and less doing, implementing, controlling, and correcting.) And if decisions must be taken far from the center of power, it means that the culture of the organization is one of the most important flexibility and competitive tools they have.

Innovation means doing something that has never been done before. The creation of something new, either for customers or inside the organization, will inevitably cause problems and upset applecarts. Either the new idea does not fit with our current way of doing things or with our current products, or it upsets the status quo and power structures. People with something to lose will hate it and will undermine it. (Organizations have a wonderful immune system – but it kills new ideas as if they were a virus.) True innovation requires organizational tolerance, which has cultural, governance, leadership, and command and control implications. True innovation cannot be instructed to happen. Ask yourself how many innovations have been implemented in your organization recently. Then ask how long they took. Then ask if it was only the COVID-19 crisis that allowed them to happen. If the answer is that you need a crisis before you can innovate, then perhaps innovation is not a cultural norm.

Agility means doing it quickly. We’re not talking about the Agile development method here – we’re talking about organizational agility. Most organizations are not agile. They require the strategy to identify the need for something, a plan to formalize the idea, the budget to allow that idea to happen, and quality control, and marketing departments to approve the idea, the resources to be made available to develop and implement the idea. Finally, they need on-site people to change so that the idea can succeed. This is a cynical view certainly, but look at your organization and ask if it is true or false. So to be agile needs organizations to change their strategy, planning, funding, marketing, and many other departments. Each of these departments may resist this change.

Resilience is the ability to absorb disruptions and changes and carry on. It is a complex-adaptive concept. A complex-adaptive system is comprised of many independent parts that can identify a change or need and respond independently to accommodate the change or need. This, in turn, will cause other independent parts to change as well. There is no central control – it is a self-organizing system. This is the modern definition of organizational resilience, and some organizations call these independent parts self-managed teams. Resilience is not about having rigid processes and controls or having a heavy bureaucracy – these are the things that kill resilience by reducing the ability to respond independently and quickly.If you’re a skilled thinker, you will realize that the competencies of flexibility, innovation, agility, and resilience mean deep changes to the organization.

How do you keep company culture thriving even though everyone is working from home?

The coronavirus pandemic has caught us all unaware. To get everyone working from home has been a challenge, but the main concern is the potential longevity of the coronavirus pandemic and what that means for a company with a strong culture, like the one Netsurit has strived to create.

Any move to the Cloud requires careful planning to get the best fit for the business need. Not all servers, services or systems are assumed to be cloud compatible and ready to move. Therefor step one to a cloud adoption strategy starts with a Cloud Readiness Assessment.

Technology and the management of technology have moved on since the ’90s and ’00s: Architecture, agile, digital transformation, IT services and operations, new and improved IT management tools, and emergent technologies. Overlaid on these developments is the attitude of business towards IT and its value in the organization. In the digital era, technology and the IT department has become central to organizational success and customer-led strategies.