With an abundance of factors that can disrupt operations, effective business continuity strategies are challenging…
Business continuity encompasses three core elements: resilience in how business functions and infrastructure are designed, recovery to restore systems that fail, and contingency to cope with incidents and disasters that occur.
Stuart Mills, regional director, ANZ, CenturyLink, said, “Organisations that don’t have a business continuity plan in place are at enormous risk of failure. The strategy they choose affects their downtime, which in turn impacts the bottom line and whether or not they remain in business.”
By carefully identifying and implementing a mix of existing internally-managed infrastructure and outsourced technology with the help of a managed hybrid IT provider, enterprises can develop a company-wide business continuity strategy. However, Mills draws attention six gaps which can appear in even the most sound business continuity measures:
1. What do service-level agreements (SLAs) really mean?
Many assume that if they have 99.999 percent uptime, they’re covered. But in reality, true uptime is more complicated. Let’s say business requires a 100 percent SLA for its data centre. It assembles a variety of point-only SLA providers that guarantee the five 9s (99.999 percent) of expected availability for the server that sits in the data centre. However, other infrastructure has a role to play: if the data centre has five 9s, but the IT backbone has four and the managed network routers and switches three, then the actual availability of an application called by a user is far less than the five 9s of the data centre.
2. Redundancy in the data centre
The fundamental challenge of business continuity is the unknown. It’s not possible to anticipate all risks. What can be done is hard thought into the planning behind infrastructure. First, where is the data centre? It should be outside of areas prone to natural disaster. Next, establish the right level of redundancy. The natural thinking is ‘the more, the better’. But too many data centres lead to data centre sprawl, which can itself present a risk to business continuity.
3. Refreshing and testing
Business continuity isn’t just about putting a plan in place; it’s also about making sure it meets the organisational needs over time. Business continuity is a continual process which requires continual validation.
4. Vendor assessments
Conducting third-party vendor evaluations is a critical component of validating a business continuity plan. Conduct regular audits and pay special attention to the business continuity plans of Software-as-a-Service (SaaS) and cloud providers. If they’re running operations in a data centre that don’t conform to standards, you’re shouldering the risk.
5. Balancing cost
It can be hard to make a case for business continuity because the only real way to measure return on investment is after systems have gone down. Everyone says they want the five 9s, but the reality is that it’s expensive. Not every workload is absolutely mission-critical, so look for a business continuity strategy which balances cost and risk.
6. Human error
People make mistakes. A highly resilient data centre which lacks appropriate operating procedures might not meet resiliency requirements. Always verify that vendors follow correct procedures. Actively seek out service providers with a demonstrated commitment to quality, which can be shown through certification through organisations like the Uptime Institute, Six Sigma and ISO.
True business resiliency isn’t just about data centres. It also has to do with making sure data isn’t compromised. Employees often open the doors wide to data breach, whether it’s a malicious act or because organisations either don’t have security policies in place or don’t enforce them.
This article was originally published on iStart technology in business