
Building with a Critical Infrastructure Mindset

3 min read · Apr 3, 2023

When you think of the term ‘critical infrastructure’, what comes to mind?

Well, typically, it’s things that are required for our modern lives to function with some degree of normalcy. Water, power, transportation, food, healthcare, communications, for example. In other words, very important, highly complex systems that are generally someone else’s problem to manage.

But think about what that means for a second. If you’re building critical infrastructure, you are building something that is considered so important to society that a lack of it would adversely impact what we consider ‘normal life’ today.

Some of you are building critical infrastructure, and you don’t know it yet.

You see, it might not be critical infrastructure today, but tomorrow, it could be a very different story. For someone who is relying on your product or service to run their own business, you can rest assured that you’re critical infrastructure.

That may sound intimidating, but it’s never been easier to build for resiliency — you just have to consciously and deliberately take the time to do it.

Think of an airliner, which I know is not the best example of an easily accessible product market to break into, but it’s a great example of something built for resiliency. At 40,000ft, you’re pretty much on your own. You bring your own power, comms, water, medical equipment — and then you double or triple it up, because the lack of any of those for any reason is going to result in a sub-optimal user experience. Now, imagine that your product is an airliner, and in normal use, you’re flying along at 40,000ft — what is needed to keep it running, and how can you double or triple it up?

Perhaps you’ve built a connected hardware product. Connectivity isn’t guaranteed. What’s the disconnected experience like? It should be just as good as the connected one.

Perhaps you’ve built a SaaS product hosted in AWS US-EAST-1 along with the rest of the Internet — what happens if that region is unavailable for a prolonged period of time? Can you move over to another region seamlessly, or at least within a period of time that doesn’t adversely impact the normal user experience for your product?

How can you keep your employees connected through power and communications outages, so they can continue to serve your customers?

There are answers to all these questions. You just have to take the time to ask them, and the earlier on you ask them the better. Yes, features are important, but they become a whole lot less important if they can’t be used for any reason.

Availability and resiliency have long been topics that many organizations have loosely assigned to the security or IT teams to sort out after the fact. That doesn’t work when adopting that critical infrastructure mindset. Availability and resiliency are the product.

As you go forward — think to yourself, “I’m building critical infrastructure,” and let that guide your decision making. Suddenly, it’s not someone else’s problem anymore. It’s yours. That sounds intimidating, and it can be — but ultimately, you’ll build better products for it.


Written by Mike Sheward

Information security professional specializing in SecOps, IR and Digital Forensics. Author of the Digital Forensic Diaries, and now, the Pen Test Diaries.
