Story image

Your business continuity plan may be costing you

10 Sep 15

An effective business continuity strategy can be challenging, due to an array of factors that have the potential to disrupt operations in a business.

According to CenturyLInk, it is important organisations have a business continuity plan in place because it mitigates the impact on a business when critical business functions are interrupted.

Business continuity encompasses three core elements: resilience in how business functions and infrastructure are designed, recovery to restore systems that fail, and contingency to cope with incidents and disasters that occur.

“Organisations that don’t have a business continuity plan in place are at enormous risk of failure,” Stuart Mills, regional director, ANZ, CenturyLink, says. “The strategy they choose affects their downtime, which in turn impacts the bottom line and whether or not they remain in business.”

By carefully identifying and implementing a mix of existing internally-managed infrastructure and outsourced technology with the help of a managed hybrid IT provider, Mills says enterprises can develop a company-wide business continuity strategy.

Mills says there are several ways business continuity can cost a business

Evaluating what service-level agreements (SLAs) really mean
“Many organisations assume that if they have 99.999% uptime they’re covered,” says Mills. “But in reality, true uptime is a little more complicated.

“Let’s say business requires a 100% SLA for its data centre. It assembles a variety of point-only SLA providers that guarantee the five 9s (99.999%) of expected availability for the server that sits in the data centre.

“However, there is other infrastructure associated with a server too, like the IT backbone that connects the server to end users, or the managed network routers and switches that support the backbone and delivery of services,” he says.

“Most organisations assume these don’t need the five 9s because the most mission-critical element is the actual data centre.

“However, if the data centre has five 9s, but the IT backbone has four 9s and the managed network routers and switches have three 9s, then the actual availability of an application called up by an end user is far less than the five 9s of the data centre. “

Redundancy in the data centre
Mills says the fundamental challenge of business continuity is that it’s all unknown. “How can you possibly foresee the outcome of an unidentified risk in a location you don’t know at a time you can’t predict,” he says.

“What you can do is put some hard thought into the planning behind your infrastructure.

“First, where is your data centre? It’s important to check whether it’s in a location that’s susceptible to natural disasters, such as a geological fault, cyclone zone, or flood plain.

“Next, make sure you have the right level of redundancy. The natural thinking is that the more you have, the safer you are.”

Mills says too many data centres lead to data centre sprawl, which can make it much harder to ensure that a business continuity plan is cohesive.

Refreshing and testing business continuity plans
Business continuity isn’t just about putting a plan in place; it’s about putting a plan in place and then making sure it still meets the organisation’s needs over time, Mills explains.

“If you're not thinking about business continuity as a continual process, then your strategy could be outdated,” he says.

“And if you're not building validation into your disaster recovery strategy, you're not nearly as protected as you think. “

Vendor assessment
Mills says conducting third-party vendor evaluations is a critical component of validating a business continuity plan.

“It starts when you sign up with a vendor, and it continues whenever you assess your strategy,” he says. “Ask questions and, every time you validate, ask these questions again.

“Conduct regular audits and pay special attention to the business continuity plans of your Software-as-a-Service (SaaS) and cloud providers,” Mills says. “If they’re running operations in a data centre that don’t conform to standards, you’re shouldering the risk.

Balancing cost
“It can be hard to make a case for business continuity because the only real way to measure return on investment is after your systems have gone down,” Mills says. “Everyone says they want the five 9s, but the reality is that it’s expensive.

“And at the end of the day, not every workload is absolutely mission-critical. An effective business continuity strategy balances cost and risk, and determines which workloads must operate continuously and which don’t need to.”

Human error
Humans make mistakes,” Mills says. “You may have a highly resilient data centre from a technical perspective but if the appropriate operating procedures aren’t in place, you may not meet your actual resiliency requirements.”

Mills says organisations need to always verify that their vendors follow correct procedures.

“Actively seek out service providers with a demonstrated commitment to quality, which can be shown through certification through organisations like the Uptime Institute, Six Sigma and ISO.

“But true business resiliency isn’t just about your data centres,” he says. “It also has to do with making sure your data isn’t compromised.

“Employees often open the doors wide to data breach, whether it’s a malicious act or because organisations either don’t have security policies in place or don’t enforce them,” Mills says.

Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Cisco dominates record-high Ethernet switch & router markets
While the market is flourishing, it’s tough-going as Cisco has increased its majority share of the pie.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
QNAP introduces new 10GbE and Thunderbolt 3 NAS series
The new series is supposedly an all-in-one NAS solution for file storage, backup, sharing, synchronisation and centralised management. 
HPE to supply tech to Formula E racing team
“At HPE, we believe the future belongs to the fast, and we’re focused on accelerating what’s next for enterprises, including in the world of auto racing."
Data Exchange Networks achieves world-first
After receiving a new Uptime Institute award, DXN is now the first modular data centre developer in the world equipped to blend different standards.