ST1801
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
STRATEGY:<br />
STRATEGY: BUSINESS CONTINUITY/DR<br />
"The culture of disaster preparedness needs to be set from the top and talked about<br />
at all levels of the organisation. Users need to know how they will access critical<br />
systems if they can't reach the office for whatever reason, and this plan needs to be<br />
tested outside of the disaster cycle, to ensure that those employees will be able to<br />
keep working should disaster strike. All of this comes firmly under the auspices of<br />
strategic decision-making, so it's time that the C-suite and IT departments aligned to<br />
support one another."<br />
This can lead to the frustrating situation<br />
where the IT department is clamouring for<br />
budget to deliver backup and DR, but they<br />
don't have full visibility of the level of<br />
investment available and the amount of<br />
operational risk that executives are<br />
prepared to accept. On the other hand,<br />
business leaders suddenly get a wake-up<br />
call in the shape of a high profile climate<br />
or security-related disaster and demand an<br />
"instant" solution that guarantees zero<br />
downtime, without understanding that an<br />
effective programme is not a quick fix<br />
product that can be immediately installed.<br />
Fundamentally, both sides are operating<br />
in the dark and this lack of alignment<br />
between the technical expertise of the IT<br />
department and the strategic priorities of<br />
the C-suite means that it's difficult for either<br />
side to make good decisions.<br />
Ideally, all technology decisions should<br />
cascade from the business continuity<br />
strategy. It's the responsibility of the<br />
executive suite to decide what the business<br />
imperatives should be when problems<br />
occur and what level of back up is needed<br />
to ensure regulatory compliance.<br />
These directives should then be<br />
interpreted by the IT department so that the<br />
solution they select can meet the stated<br />
requirements. There's also an important<br />
role for the IT department in providing<br />
technical counsel to the executive level, so<br />
information needs to flow both ways.<br />
GETTING STRATEGIC ABOUT TESTING<br />
I'd like to see organisations applying more<br />
strategic thinking to their DR testing<br />
regimes. I often hear companies saying<br />
that they're going to test quarterly, and<br />
perhaps over a weekend. But disasters<br />
don't happen quarterly, and they often<br />
happen when the business is in full<br />
operation.<br />
A disaster, by definition, is going to be<br />
something that hasn't been anticipated.<br />
This actually means that events such as<br />
major storms, which can be predicted and<br />
prepared for to some extent, aren't the<br />
concerns that should be driving the testing<br />
cycle. It's more likely that a major issue will<br />
be caused by human error, a patch that<br />
goes wrong, or a newly evolved cyberthreat.<br />
Business leaders need to be<br />
confident that their testing regimes and the<br />
associated business continuity<br />
programmes are being continuously<br />
enhanced and updated to meet the next<br />
level of potential threat.<br />
One of the benefits of using the cloud for<br />
DR and backup is the ability to run test<br />
programmes without impacting day-to-day<br />
operations. This means that testing can be<br />
carried out on an ad hoc basis if<br />
necessary, allowing the business continuity<br />
plan to evolve and adapt in real-time as<br />
described above. The isolated test<br />
environment can even be used to test software<br />
patches before they go live - potentially<br />
avoiding a disaster in the first place.<br />
A CULTURE OF PREPAREDNESS<br />
The culture of disaster preparedness needs<br />
to be set from the top and talked about at<br />
all levels of the organisation. Users need<br />
to know how they will access critical<br />
systems if they can't reach the office for<br />
whatever reason, and this plan needs to<br />
be tested outside of the disaster cycle, to<br />
ensure that those employees will be able<br />
to keep working should disaster strike.<br />
All of this comes firmly under the<br />
auspices of strategic decision-making, so<br />
it's time that the C-suite and IT<br />
departments aligned to support one<br />
another. The nature of cloud - its cost<br />
benefits and scalability plus the business<br />
critical aspects of back up and DR - mean<br />
that selecting solutions should be a board<br />
level decision supported by the knowledge<br />
and expertise of the IT department.<br />
In today's world it's a case of when, not<br />
if, companies will be affected by disaster,<br />
and when they are they should be<br />
confident that their business continuity<br />
plan will do its job, so everyone else can<br />
continue to do theirs.<br />
More info: www.iland.com<br />
www.storagemagazine.co.uk<br />
@STMagAndAwards<br />
Jan/Feb 2018<br />
^<br />
STORAGE<br />
MAGAZINE<br />
25
Change language