Under par - disaster recovery, business continuity [ITP.net (United Arab Emirates)]
(ITP.net (United Arab Emirates) Via Acquire Media NewsEdge) Regional enterprises' disaster recovery and business continuity plans were largely lacklustre and insufficient, but are showing some signs of improvement writes Piers Ford
How resilient is your IT infrastructure? In an age when even a modest amount of downtime can have a profound impact on an organisation's profitability, it's a question that is rightly taking priority in enterprises across the Middle East. There is an unprecedented drive towards creating standards and procedures that reflect the latest best practice advice in disaster recovery and business continuity (DR/BC).
Much of this activity is being driven by shifts and influences such as the Arab spring, which has forced businesses to consider their vulnerability to governments shutting down the internet due to civil unrest, as well as the impace of that civil unrest on their resources.
Compliance and regulation are also key factors for any Middle East-based business which wants to compete in a global market.
But when a company comes to consider the effectiveness of its DR/BC strategy, there is still some confusion about what a robust plan actually involves.
"The Middle East does not have an impressive track record for DR and BC, and many installations are more focused on islands of functionality than complete functionality," said Boby Joseph, CEO of StorIT Distribution, one of the region's leading value-added distributors.
"Most of the time, DR and BC are confused with IT equipment availability rather than business continuity in the event of disruption or disaster. The local situation is volatile and fluid. The strategies adopted by most organisations are complacent and superficial. Of those who do have some kind of setup, they have hardly rigorously tested them and have adopted a policy of 'we are looking into it and developing in phases!'"Seeing improvement
Joseph's scathing comments are not necessarily reflected across the industry, however, and he does at least reserve some praise for financial organisations, which have been compelled to address DR and BC capabilities by the pressure of international compliance. Allen Mitchell, senior technical account manager, MENA, at data and information management software vendor CommVault Systems, said the picture has improved considerably during the last five years.
"This is partly due to worldwide events over the last decade, which has driven businesses to think differently about 'what we do in the event of…' scenarios," he said. "For example, many of the data management conversations, meetings and presentations that we have with end-users have an element of DR and BC built in to them, it is expected.
"Also, there is far more focus on BC in the tenders that end-users issue as they realise that they have to think about the 'what-if' factor, as well as the here and now. Another consideration today for enterprises in the Middle East is the competition and compliance factors from the various worldwide markets that they operate in. For example, there are standards and trading expectation within the telecoms, airline and banking sectors that need to be followed in order to operate in global markets. Multi-national organisations adapt to the regulations of the country in which they do business. That is why there is such activity around creating standards and procedures."DR/BC is essential
At Dubai-based data protection specialist Condo Protego, general manager Savitha Bhashar is more positive still about the attitude to DR and BC in the region, particularly among young businesses that are unencumbered by obsolete processes.
"A DR/BC plan is absolutely essential in today's business environment," she said. "Businesses in the Middle East are increasingly determined to move away from the notion of data storage as a diffuse, overwhelming burden, to embrace it as an integral part of a business strategy driven by information visibility and accessibility. The era of information being dumped and dispersed across multiple servers and mainframes is long gone, and business leaders are rightly looking for solutions that are faster, more efficient and above all, safer."
Yasser Zeineldin, CEO at regional managed services and hosting specialist eHosting DataFort, agreed that DR and BC are top priorities for organisations across the region.
"Understanding how to tie together diverse IT components to guarantee uninterrupted operations is crucial to a sound technology management operational plan," he said. "While time consuming, this is a critical process to ensure an organisation's ability to recover from unplanned events with minimal or no disruption to services and operations."Steps to DR/BC
According to Zeineldin, there are some key steps a business must consider in order to arrive at the basis of a comprehensive DR/BC plan.
"The initial step involves a Risk Analysis, in which you analyse the current environment to determine the threats that could cause a disaster, such as physical location, access security or corporate policy and practices," he said.
"The next step is a Business Impact Analysis, in which the organisation must ask who, what, where, why, how and when, in relation to its contingency planning. This helps in understanding and prioritising the risks you need to mitigate."
Zeineldin said there are two essential factors to consider when calculating downtime: the Recovery Pont Objective, which defines the acceptable latency of data to be recovered; and Recovery Time Objective, which defines the acceptable amount of time to restore the function. As part of your Disaster Recovery and Business Continuity plan, you will need to have a secondary site or at least the ability to back up your data to an external hard drive.
These functions could be outsourced to a third party such as eHosting DataFort, and cloud-based backup services are an increasingly flexible way for smaller enterprises to manage their DR/BC provision.
For larger enterprises, the options vary: hot sites, which duplicate the original site of the organisation complete with full computer systems and backups of user data; cold sites, which are the least expensive solution, which does not include pre-set up hardware or backed-up copies of data and information from the original location; and warm sites, a hybrid of the two, which will have some hardware and connectivity already established, and backups that might not be up-to-date.Defining…
As the IT industry finds increasingly sophisticated ways to pin down exactly what is meant by DR and BC, there is a shifting perception that the terminology itself is becoming outdated. Research firm Gartner has defined Business Continuity Management as a series of components that organisations can adapt and use as the foundation for an overall BCM program.
"Having a BCM program inclusive of crisis/incident management, IT-DR, business recovery, supplier management, contingency planning and possibly devolution/resolution planning, is required in today's world of growing disasters," said Roberta J Witty, research VP.
"Every firm, from small to large, should have a recovery program, even if it is keeping backups in your home, having everyone's home phone number and supplying laptops to critical employees," she added.
Witty said the starting point for any meaningful BC strategy is obtaining management support, so the need for recovery is clearly aligned with the business process.
"Without it, trying to create a BCM program will be an uphill battle," Witty said, adding that the program should be run by a dedicated manager on a full-time basis, and that it should involve the business at every stage.
"BCM is NOT an IT job," said Witty.
(c) 2013 ITP Business Publishing Ltd. All Rights Reserved. Provided by Syndigate.info an Albawaba.com company
[ Back To Technology News's Homepage ]