Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Business Continuity Planning – an astute management process

Kenny Sng | Oct. 5, 2011
Virtualisation and cloud infrastructure have made BCP an imperative today.

Business Continuity Planning (BCP) and Disaster Recovery (DR). The fire sprinklers are activated, FM200 gas is released and the burnt smell is in the air, the alarms are ringing. Every piece of equipment, from PBX to routers to networking switches, VPN gateway, and servers, is filled with a layer of black soot. The Business Continuity Plans are activated and IT swings into recovery mode. The effort is tedious. Recovery is executed by bringing in new and refurbished equipment for successful revival. Disaster Recovery work is no fun and this clearly shows that while data backups may be the most mundane of roles, it is critical to infrastructure recovery.  

So has this landscape changed compared with 10 years ago?  Yes, it has! Virtualisation and cloud infrastructure have made Business Continuity Planning and Disaster Recovery an imperative. Let's investigate the Disaster Recovery process. Cloud infrastructure contributes to high system uptime, and, application availability is taken for granted. If the infrastructure goes down, the recovery is expected to be more complex. When a declaration of disaster is made, the recovery steps need to be triggered according to the DR Plan, and must be carried out quickly while constantly responding to changing scenarios.

Being ready means having sufficient server, SAN and networking capacity to activate a failover step. This requires a conscious capacity planning effort - to deliver a productive, robust plan. These plans can be activated to our private cloud infrastructure in another company owned data centre. If you have been leveraging the public cloud, alternative options are available. In this world of instant capacity, on demand pre-negotiated provisioning is a viable situation to support backups to a hosting provider.

The assessment is whether the current provider has a sufficient robust infrastructure to provide a disaster recovery function to meet your business needs. A second provider can be explored.  There are companies which have made this a focus area, ensuring system/data backups are compressed, transmitted and encrypted over the network and stored in a reliable location. Secured recovery is activated on command by the customer.

Basics are the same 

Regardless of infrastructure providers, the basics do not change. Business Continuity Planning is key to ensuring the organisation's capability to operate in any situation. We have to evaluate the critical systems to be recovered and the timing to execute the recovery. An organisation is likely to have tier one critical applications which are synchronous with another location, and we will not notice the backend system's unavailability.

Alternatively, some organisations execute DR plans by switching systems -from secondary to primary.   There may be systems which have manual work around and do not require IT recovery. Prioritisation of systems to recover must be clear and pre-determined. Also, as preparatory diligence, assessment and allocation of resources must be done prior to the crisis; to seamlessly execute recovery. Finally, a disaster recovery drill needs to be conducted on an annual basis; to ensure compliance, to document relevant changes and updates to plans. Confidence comes from being prepared.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.