Our main feature is around ourCon nuity Capability and Ma­turity Model, CM², and is testa­ment to what I have wri enabove. The contributor to thisfeature, Karen Humphris a sen­ior advisor for Con nuitySA.

A demonstrable ability to survive and recover frommajor disrup ve events has become the single most im­portant success aspect of any business con nuity man­agement (BCM) programme. The CM2 framework hasbeen designed to provide analy cal informa on whichcan be used in determining an organisa on’s ability tosurvive any opera onal disrup on resul ng from a sin­gle or a series of worst­case events. CM2 provides com­pany boards, senior management, Risk Managers,Compliance Officers and BCM prac oners with amechanism to; monitor the effec veness of a BCM pro­gramme, establish its current level of maturity; and todefine an ac on plan of improvement measures whichcan be adopted to enhance BCM capability. To ensurethat everyone gets something out we are hos ng abreakfast on the 24th May 2012 around the detail ofthis solu on.

Our second feature is around Infrastructure ImpactAnalysis (IIA) which can help CIO’s create a businesscon nuity solu on that is effec ve and takes into account the constraints of the real world. It is clear that

IT has become cri cal to business and this solu on canassist in keeping a business running and its reputa onin tact when disaster strikes.

This month we also feature adop ng cloud in your backup strategy and yet again give coverage on taking busi­ness con nuity into the mainstream and not forge nghow to keep your contact centre up and running.

The comments and opinions from our contributors pro­vide valuable insights to advising our clients more effec­

vely around these services.

Lastly I am excited to announce that we are trying tokeep you informed in every means possible and besidesour quarterly newsle er we load our latest informa onon both our LinkedIn and Facebook pages so as to keepyou informed, so join us on these social networks forthe latest news. Don’t forget to take a look at our up­coming events and training happening this year, soplease visit our website and look at these events andlatest news.

Don’t forget that you are welcome to send us yournews, which we will be willing to include in our nextissue of client chronicles.

Editor – Cindy Bodenstein

cindy.bodenstein@con nuitysa.co.za

marke ng@con nuitysa.co.za

by Michael Davies – Managing Director, Con nuitySA

Q2 2012Keeping ContinuitySA

clients informed

1

As we move towards the middle of 2012 it is apparent that uncer­tainty and risk will be prevalent for the me being. With greaterstrides in technological advancement yet greater uncertainty in thepoli cal and financial stability of countries worldwide, companiesneed to ensure that they have greater organisa onal resilience to theunexpected bumps in the business road along the way.

All Links now Interac ve

and Live!

This issue of Con nuitySA Client Chronicles is the biggest we have ever pub­lished. These pages are filled with news on current developments, expert in­sights and useful informa on. There is so much happening in the industry, andI thank all the contributors for their informa on.

In this Issue

Business Update: Forging ahead into 2012

1 Business Update:Forging ahead into2012

2. CANSA Shavathon

3. CM2: Measuringthe business con nuity model

5. Medihelp remainsat forefront ofmedical schemes’industry

7. Adop ng Cloud inYour Backup Strategy

8. Striking the bal­ance between costand cri cality

10. Keeping the contact centre and the business –up and running

12. Con nuity as aService becoming a reality Data recovery servicestake the next bigevolu onary leap.

13. “No business con nuity plan, no business”

15. Ge ng to gripswith VDI

18. IT Service Con nuity® Training

Editor’s Note

Business confidence in South Africa s ll appears bruised and theeconomy is doing its best to grow while the internal and globalpressures remain. At Con nuitySA we have been fortunate to ex­perience a li in business ac vity since the beginning of the yearand are heartened that business con nuity appears to be movingback onto the board’s agenda. This may also be as a result of aconcerted effort by Con nuitySA to become more opera onallyrelevant to companies in terms of delivering more value throughbusiness con nuity solu ons including virtualisa on and replica­

on which can result in a higher availability of resources. A virtu­alised environment not only has the ability to reduce the numberof servers currently required, it is also possible to route some ofthe produc on ac vity through this environment too.

In this new order of a depressed economy it has become impor­tant to u lise be er IT technologies, such as cloud compu ng, togain be er effec veness of the IT budget.

Con nuitySA’s Advisory Service offerings of CM² (Capability andMaturity Model) and IIA (Infrastructure Impact Analysis) are toolsused to reflect the current state of business con nuity and IT sys­tems and processes with a view to their cost and cri cality and ul­

mately improve the efficiencies within that environment. Thepoten al savings in costs together with improving technologiesplaces a company in a more compe ve posi on.

Con nuitySA’s aim is to be a trusted partner to your company withbusiness con nuity that is opera onally relevant and to assistthrough your more difficult mes so that you are around for thegood mes.

Our Business is keeping you in Business.

2

by Karen Humphris – Senior Business Con nuity Management Advisor, Con nuitySA

3

As we all know, the business environment has becomemuch more vola le and changeable: Compe on is moreintense, and customers are raising the bar all the me.Business agility has become a key business success factor,

and the modern corpora on is increasingly all about change. Intandem, business con nuity plans have to become as agile in orderto ensure they remain up to date with constant change. For thatreason, business con nuity management has grown in importanceglobally because it provides a way to embed and con nually up­date business con nuity plans. And, as business con nuity man­agement has grown in importance, so has the need to assess iteffec vely.

The old adage, “You can’t manage what you can’t measure”, isequally true here.

We have developed a comprehensive model that allows companiesto assess the effec veness of all the elements of their business con­

nuity management programmes and, perhaps more importantly,to move from their current state to the desired state in a deliberateand planned fashion. This model—the Capability and MaturityModel, or CM2 Model—is applicable whether you have just begunimplemen ng business con nuity management or whether youhave a full­blown business con nuity management system.

The 12 success factors of business con nuity management

Our departure point for building the CM2 model is the 12 successfactors of a successful business con nuity model. Clearly, the effec­

veness of each one of these contributes to the overall maturityof the programme as a whole.

In our experience, the 12 success factors of an effec vebusiness con nuity model are:

• Execu ve support. Is there a business case and is it backed upwith budget, policies and leadership commitment?

• Resources and exper se. Are they sufficient?• Core enterprise threat assessment. What are the threats and

single points of failure—and how are they managed and mi ­gated?

• Extended enterprise threat assessment. The same assessmentmade of the supply chain.

• Con nuity strategies. What are the possible strategies for eachof the resource dependencies, and which ones should be se­lected?

• Incident management framework. This should consist of strate­gic, tac cal and opera onal ac vi es with an appropriate infra­structure.

• Incident (emergency) response. Are the procedures, infrastruc­ture and teams in place to protect your most valuable asset,your people?

• Reputa on management. Are the procedures, infrastructure andteams in place to protect your next most valuable asset?

• Business con nuity plans. Do they include an ini al response,recovery plans and, ul mately, resump on of normal opera­

ons?• Recovery infrastructure. Is it adequate, and is its own risk profile

adequately managed?• Tes ng. This is one of the most vital steps and one that compa­

nies struggle with the most. • Assurance reviews and audits. These processes are necessary

ul mately to drive a culture of con nuous assessment.

Crea ng the CM2 model

Each of these 12 success factors, including the many individual fac­tors that make up each one, can then be scored according to in­terna onal standards and good prac ce guidelines. Each scoringwould take into account the theory and methodology of businesscon nuity management, the company’s actual prac ces, the re­sources it allocates to business con nuity management and theunderlying business con nuity management system. The scoringwe use dis nguishes between five levels of maturity, from Level 1(cannot recover from or survive a disrup on) to Level 5 (recover­ability is cer fiable). These levels correspond to percentageranges, and so each success factor’s elements can be rated interms of percentage to generate an overall level for that factor.The assessment results are granular enough to provide many dif­ferent analyses; for example, business units or individual sitescould be assessed.

This model thus provides a clear snapshot of where the organisa­on is at present—perhaps more important it allows a company

to specify where it would like to be in the future.

And because it’s so concrete, the steps that need to be taken canalso be precisely iden fied and priori sed. Progress along the jour­ney can also be measured and managed, and improvement quan­fied.

Measurement truly doesn’t only enable management but also im­provement—and that’s where the strength of this model is evi­dent: it helps an organisa on to move towards be er businesscon nuity management and thus, ul mately, to a company withgreater longevity.

CM2:Measuring the businesscon nuity model

A capability and maturity model injects rigour into a business con nuity model – something that’s necessarygiven its importance.

5

Medihelp is South Africa’s third largest open scheme with 107 years’ experience in the medical

schemes’ industry. The Scheme covered more than 217 000 lives by the end of April 2012 whilst

maintaining a solvency ra o of more than the required 25%.

The Scheme has performed wellwith regard to its client service,brand awareness and claims­paying ability. Medihelp hasbeen at the forefront of the

industry when it comes to client serviceand has maintained its good rela ons withmembers and service providers alike. Anintegral part of Medihelp’s service offeringis its ability to process and pay claims. TheScheme processes more than 250 000claims per month of which almost 90% are received electronically. Claims areprocessed on average in 5.4 days from recep on and payments to members andservice providers are made three mes amonth. This efficiency has contributed toMedihelp’s AA­ (AA minus) ra ng by theworld­renowned Global Credit Ra ngCompany for its claims­paying ability.

Product­wise Medihelp offers a range ofgood quality, yet simple benefit op ons toensure ideal medical insurance to its corporate and individual clients. The prod­uct offering es in with the Scheme’s mission to enhance the quality of lifethrough cost­effec ve and efficient finan­cial cover of health care services, in par cular those that are life­saving andlife­sustaining.

For 2012 Medihelp enhanced its productrange considerably, including a HPV vacci­na on benefit against cervical cancer as

part of its preventa ve care benefit pack­age. In addi on to the preventa ve carebenefits Medihelp has increased its benefitlimits on the majority of its op ons and hasdecreased its co­payments on hospitalisa­

on and endoscopic procedures with respect to its Dimension range of products.

Anton Rijnen, CEO of Medihelp says theScheme has con nued with its seven benefit op ons in 2012 and has added sub­stan al value with the various enhance­ments. “We have con nued our strongfocus on preventa ve care with the cervi­cal cancer vaccina on benefit for femalesbetween the ages of 10­ and 26 years. Inthe same vain we are offering tetanus vaccina ons for all beneficiaries as a pre­venta ve care benefit,” he says.

“For us, long term sustainability remainsthe key. The challenge lies in growing ourmarket share through effec ve risk management, and ensuring the con nuedperformance and compe veness of ourproduct range. It is of par cular impor­tance to ensure financial stability in an environment typified by constant change,”he says.

Medihelp remains at forefrontof medical schemes’ industry

http://www.medihelp.co.za

7

Today’s business environment istruly global—and that means it’shighly compe ve and ge ngmore so as the emergingeconomies flex their muscles.

Cost pressures are unremi ng and the demand for uninterrupted services andhigher levels of personalised service thanever before has become the norm.

In order to enable organisa ons to compete effec vely in this demanding marketplace, CIOs are looking for increas­ing levels of performance from their infrastructure. At the top of their lists are ways to make infrastructure more dynamic, resilient and to take advantage of virtualisa on, which itself is changing the tradi onal compu ng model.

Cloud compu ng offers a way to achievemany of these goals and is increasingly becoming part of corporate strategies.

As an aside, it’s advisable to be aware thatthere are many defini ons of cloud compu ng—so many that the US Ins tuteof Standards and Technology (NIST) has issued a formal defini on: “Cloud comput­ing is a model for enabling ubiquitous, convenient, on­demand network access toa shared pool of configurable compu ngresources (networks, servers, storage, applica ons and services) that can be rap­idly provisioned and released with minimalmanagement effort or service provider interac on."

As a model for consuming and deliveringinfrastructure, the cloud enables self­service, different sourcing op ons and significant economies of scale. It’s alsoclear that organisa ons will use a combina­

on of private and public clouds to achievetheir goals.

When it comes to backup, cloud has manya rac ons for CIOs, who face the challengeof increasing volumes of data and sta c ITbudgets, allied to growing requirements tokeep vital data and the systems it runs onavailable. In other words, tradi onalbackup which protects the data is no longersufficient—Complete IT resilience is essen­

al because without it, very few organisa­ons can survive for extended periods.

Adop ng Cloudin Your BackupStrategyIt makes sense, but you need to do your homework first. By Sasha Malic, Solu ons Architect, Con nuitySA

Infrastructure ImpactAnalysis can help

CIOs create a businesscon nuity solu on

that is effec ve andtakes into account theconstraints of the real

world.

8

Cloud­based backup also has the advan­tage of giving peace of mind because it oc­curs off site and reduces the need to dotape back­ups.

Caveat emptor

The old La n tag, “buyer beware”, is par cularly relevant here becausemany services that are marketedas disaster recovery are actually

nothing more than offsite data copies.That is, they replicate data but not the sys­tems, on which the data, applica ons, con­figura ons and opera ng systems resideon. Data replica on is no longer accept­able for most businesses. In today’s globaleconomy it is expected from organisa onsto be 100% available at all mes.

By contrast, a true disaster recovery mir­rors the en re system as well as providingthe infrastructure on which to bring up thesystems. A cloud based solu on will lever­age the syndica on of such systems whichthe service provider can offer due to mul­

ple customers that share the same infrastructure.

A complete disaster recovery solu on asdescribed above is costly. It requires largevolumes of data to be copied across thepublic Internet or via a private WAN link. A lot a bandwidth is required to ensure thethe Recovery Point Obec ve (RPO) re­mains at acceptable levels and the solu onis reliable.

It is also important to op mise data replica on by using compression devices,selec ve replica on and incrementalcopies.

Priori sing data and systems for replica­on is thus key, and to do so one must un­

derstand the organisa on’s risk profile andto iden fy cri cal data and system. To pri­ori se effec vely, it is cri cal to perform arisk assessment as well as business impactand infrastructure impact analyses. (Formore on this process, see Striking the bal­ance between cost and cri cality.)

Once this homework has been done, andyou have a full understanding of the hierarchy of data and systems in rela onto business cri cality, then the business recovery plan can be created. And as partof this business recovery plan, cloud’s flexibility and ability to reduce costs willlikely be an a rac ve solu on.

By Jorgen Nielsen, Director, Con nuitySA

There’s no ge ng away from thefact: IT has now become cri cal tobusiness. In fact, in many instances,

the business is virtually indis nguishablefrom the IT pla orm on which it oper­ates. For CIOs, this means tremendouspressure to provide business con nuitysolu ons that will keep the business run­ning and its reputa on intact when dis­aster strikes.

Of course, business con nuity providerslike Con nuitySA have developed the in­creasingly sophis cated recovery solu­

ons to do just that. The technology toget an organiza on’s IT systems up andrunning in minutes in the event of a dis­aster now exists—but the problem is thatmost, if not all, companies cannot affordthis Rolls­Royce solu on for all their data.

This reality check is all the more severegiven the current circumstances in whichwe find ourselves. The global recessionmay or may not be ending, but compa­nies remain under very ght cost con­straints, and are likely to remain so. CIOsreally are being forced to do more withless.

The second circumstance that compli­cates the CIO’s life is the huge explosionin data generated by ubiquitous IT. Gart­ner es mates that businesses are grow­ing their data capacity at between 40 and60% annually, in part because of thegrowing torrent of unstructured data likee­mail, and documents that need to bekept for regulatory purposes.

Whereas once CIOs talked about kilo­bytes and gigabytes of storage, now it’sno longer unusual to hear them talkabout terabytes and petabytes!

Striking the balance betweencost and cri cality

Second Feature

New thinking needed

All of this data is extremely costly tostore, protect and keep availablethroughout a disaster. The truth of thema er is that CIOs desperately a need away to priori se the data that they mustprotect, and devise targeted solu ons ac­cordingly. A one­size­fits­all approach iseither unaffordable if it uses the best so­lu on, or not good enough if it takes acheaper, less effec ve route.

At Con nuitySA we have developed a six­step methodology for extending the tra­di onal business impact analysis to givethe CIO true visibility into the businessimpact of each component of the IT in­frastructure. This view enables him or herto come up with a ered IT Service Con­

nuity solu on. We call this the Infra­structure Impact Analysis (IIA).

The IIA allows the CIO to analyse the ap­plica ons, systems and, crucially the in­

terdependencies between the variousback­end infrastructure componentsthat support them. Based on which ap­plica ons they enable, the IT compo­nents can be priori sed in terms of theircri cality to the business. In this way, theCIO gains total visibility not only of thefront end (which is the area covered bythe tradi onal business impact assess­ment) but the processes and ul matelythe systems and infrastructure that sup­port each part of the front end.

With this view, it becomes easy to er thedata—we use a three­ er structure—interms of which the most appropriatetype of data recovery solu on can beconstructed. In crude terms, therefore,the Tier 1 super cri cal data can get theexpensive, top­of­the­range managed so­lu on with instant recovery, while Tiers 2and 3 receive more affordable treatment.The cost savings of this ered approachcan be significant—but they are driven by

a clear understanding of each IT infra­structure component’s cri cality to thebusiness and not cost.

Conversely, by op mising the businesscon nuity budget, the IIA makes thefunds necessary to provide the managedbusiness con nuity that the Tier 1 dataneeds by migra ng the lower ers to lessexpensive solu ons. There’s a furtherbenefit: the use of hosted business con­

nuity management for Tier 1 creates avirtual environment that can also be usedfor produc on during normal businessopera ons. In effect, this moves ex­penses off the capital budget and ontothe opera onal segment.

In this way, an Infrastructure ImpactAnalysis can help CIOs meet the need toensure that the business always has thenecessary IT systems available and recov­erable — within the budget constraintsof the real world.

9

By Jus n Hammann,Business Development Manager, Con nuitySA

10

Keeping the contact centre and the business – up and running

If the contact centre goes down, very o en the whole business ishamstrung. A dedicated business con nuity plan is a must.

Love them or hate them, contact cen­tres have grown steadily in impor­tance. Now, for many businesses

across all sectors, the contact centre hasbecome the conduit through which clientsand business partners interface with thecompany. In line with their growing impor­tance and thus scope, they have becomecomplex organisa ons in their own right.

All of this, of course, represents a real risk.In the event of a disaster, how quickly canthe contact centre be recovered? And howmuch of it can be made opera onal? In cer­tain industries—think of a bank—transac­

ons are extremely me­sensi ve. Forothers, there is greater leeway, but it mustalways be borne in mind that today’s cus­tomers are both fickle and have realisedthe power of social media to voice their dis­sa sfac on. One person’s inability to get intouch with your company to do businesscan quickly escalate into a firestorm onTwi er or Facebook.

The inescapable fact is that companiesneed to understand exactly what the com­ponents of their contact centre/s are, andhave an integrated business con nuity planthat can get them up and running in asshort a me as possible.

Know the vulnerabili es –and the components of thestackA good place to start is to understand themain things that could go wrong. These in­clude pandemics that affect staff and theinability to access the premises owing, say,to a fire in the neighbourhood or a bombscare. In South Africa, cable the thatcauses either communica on or poweroutages is a real possibility. But by far themost common threat is, of course, ICT fail­ure of one sort or another.

Next, a company really needs to under­stand the various components that makeup its contact centre. At Con nuitySA, wehave created a conceptual model, or stack,that makes a logical framework to follow(see the diagram). The stack builds fromthe bo om, and the business con nuityplans must encompass them all.

But how?Crea ng these plans can never be a singleevent—contact centres are extremely dy­namic environments with new technologyand capabili es being added all the me.For example, a company might introduce apromo on that requires it to receive andrespond to SMSs from exis ng and poten­

al customers. If the centre goes down dur­ing this promo on, that capability needs tobe integrated into the business con nuityplans.

For this reason, we suggest following thetypical business con nuity managementlife cycle approach. Without going into de­tails about the life cycle itself, the impor­tant point is that the process is itera veand measurable. It ul mately comes downto embedding business con nuity manage­ment into the corporate culture: this issomething that senior management has tolead.

The life cycle approach will also prevent acompany from excessive focus on one ele­ment of its contact centre—usually tech­nology—to the detriment of othercomponents. It means that the plans madeare not focused on scenarios (like floods orIT failure) but on the resources needed torun the centre.

11

Ac on planOver many years in the business, we have dis lled several key lessons that should guideyour thinking about how to plan for the con nuity of your contact centre.

• Understand the importance the contact centre has to your business and thus the impactof any disaster. This will help you achieve focus and set budgets realis cally.

• We have found it very beneficial to involve all the role­players involved in each componentof the stack, as well as the business, in order to make accountability clear.

• Transparency, in general, is crucial. Without it, one o en finds that the business has com­pletely unrealis c expecta ons of the business con nuity plan, and the business con ­nuity team does not properly communicate areas of concern for a en on.

• Tes ng is absolutely vital. It must be meaningful—too o en, companies test what theyknow they can do—and it must be documented so that issues can be addressed and thenecessary budge ng undertaken as required.

In conclusion, contact centres have become very complex and very important. It’s vital tounderstand how important, and what elements actually go into the centre—and then createthe plan you need to ensure con nuity.

Keeping the contact centre and the business – up and running

12

Con nuity as a Service becoming a realityData recovery services takethe next big evolu onary leap.

A decade ago, server recovery was a manual process that took four to five days on

average to complete. In fact, anything up a week was acceptable. The solu on was

almost invariably on the client’s site using dedicated infrastructure—the lack of band­

width meant that replica ng data between offices simply was not financially feasible.

The burs ng of the dotcom bub­ble provided the impetus for arange of new hosted servicesand had a major impact on thedisaster recovery services as

companies began to outsource hos ngservices. In turn, this prompted the growthin replica on and co­loca on, mostly lo­cated within the same city, as connec vitycosts and bandwidth issues remained a keyconstraint for the industry.

Over me, as we all know, connec vityprices started to come down, and band­width became more available in outer cityareas. As a result, data centres could bemoved to outlying areas, and dual­site so­lu ons became more standard. And as thedemand and expecta ons rose, so did thepressure on business con nuity providersto guarantee resilience.

Today, we are seeing triangulated gigabitsolu ons becoming commonplace—andclients really benefi ng from the reducedlatency.

Greater connec vity into mul ple data cen­tres has also driven an increase in the de­mand for on­site services like remotehands, monitoring portals that allow clientsto monitor power and temperature, andthe rise of service­level agreements. It alsoled to an increase in the concept of the sin­gle solu on that included hos ng, storage,networking and many of the associatedmanaged services.

In essence this means that a wide varietyof services across pla orms within thecompany can be fused back into a single re­covery service—Con nuity as a Service.

What does the future hold?Given where we are now, it’s worth lookingat where we are likely to be going in the fu­ture. It’s clear that Infrastructure as a Serv­ice and Pla orm as a Service will play agrowing role in disaster recovery. They arenot new, but they are changing the waythat companies use disaster recovery serv­ices by making recovery solu ons more op­era onally relevant.

It must be borne in mind that the tradi­onal hosted services I described at the be­

ginning of this ar cle are some mes s llquite sufficient for certain areas of busi­nesses.

Consequently, a business con nuity com­pany must s ll offer these types of service.Where there is considerable evolu on isaround the area of availability and networkservices. When it comes to availability, weare seeing more demand for managedbackup and recovery, virtual server replica­

on and high­availability solu ons gener­ally. Networks are obviously cri cal intoday’s connected environments, and so In­ternet bandwidth, voice and network re­covery, point­to­point connec vity, MPLSrecovery and managed security are alsogrowing strongly.

Recovery services are becoming more op­era onally relevant and increasing the con­

nuity of the business that is being offered,not specific services. In this context, it’s ob­viously very important that one providerdelivers the full service—everything hangstogether so it’s best if one company has re­sponsibility for it.

Professional services play a hugely impor­tant role in this emerging business con nu­ity landscape. They can help companiesdecide which components need to behosted in Tier 3 data centres or require fullymanaged services, by establishing howmuch the business depends on each com­ponent of the IT infrastructure.

For that reason, we have created an Infra­structure Impact Analysis which is ab­solutely cri cal in helping clients assesswhat their business con nuity needs are,and what type of service they require froma provider like us. (Read more about the In­frastructure Impact Analysis in a forthcom­ing ar cle.)

By Jus n Lord, General Manager, Hos ng Services, Con nuitySA

13

Taking business con nuityinto the mainstreamSeveral services flow from the concept ofCon nuity as a Service, and complementit. These include managed services andreplica on services, but I especially wantto highlight virtual server hos ng, whichcreates fully resilient resource pools forclients to recover cri cal business applica­

ons. This on­demand capacity can also beused for normal daily opera ons at meswhen it is not required for disaster recov­ery—which is most of the me, a er all.

Obviously, this resource pool’s primaryfunc on is for business con nuity, but it isthere to be used for whatever the clientwishes; for example, for R&D. It givesclients a seamless real­ me recovery ifthat’s what they want, which can include

other services like call centres, telephony,work sta ons and so on. This fusion ofservices is possible because it all sits on thevirtual infrastructure within the serviceprovider’s campus.

Con nuity as a Service is about evolvingtradi onal recovery services into opera­

onally relevant services that provideclients with virtual resource that can beused for much more than disaster recov­ery. It’s all a very long way from the man­ual on­site recovery over several days, withdedicated infrastructure that basicallystands idle for most of the me.

Supply chains today are extremely com­plex—and as they are now global, they areextremely long as well. This scope andcomplexity creates a web of interdepen­dencies that is hard to track. Indeed, manycompanies live in ignorance of the riskposed by one part of their supply chain…un l disaster strikes.

Supply chains are mul level and comprisethe flow of goods and materials, informa­

on and money within and between or­ganisa ons. The outward manifesta on ofsupply chain is the physical transport anddistribu on networks that move goodsfrom one point to another, but as impor­tant are the communica on networksacross which informa on passes. Today’ssupply chains, with their emphasis on effi­ciencies and just­in­ me delivery arehugely dependent on these less visible net­works.

Watch for the risksToday’s supply chains face three broadtypes of risk. The first of these is the lossof power. Many outlets at the one end ofthe supply chain simply don’t have backupgenerators; during a power outage, theycannot transact with customers giventoday’s payment methodologies. In addi­

on, ordering systems are increasinglylinked to electronic lls, so loss of poweraffects replenishment. And, of course,stores selling perishables would be se­verely affected by extended loss of powerto refrigera on units.

The second major category of risk is loss offuel. One immediate result is loss of trans­port, which means that the movement ofgoods and people is halted—and considerthat the average supermarket might be re­plenished up to 12 or more mes a week.Perishable goods in transit would be at riskand, of course, so would backup power­genera on plans, which typically rely ondiesel generators.

Con nuity as a Service becoming a reality Data recovery services take the next big evolu onary leap.

By Derek Taylor, Business Development Manager, Con nuitySA

“No business con nuity plan,no business”That’s what your procurement department shouldbe saying to all your suppliers—but are they?

14

The final category is loss of people, prima­rily through industrial ac on and pan­demics. Obviously, without people,opera ons are compromised or even im­possible.

Each of these losses can affect any com­pany within the supply chain, with knock­on effects of greater or lesser severity.

But is it in the budgetEven from this brief descrip on, it’s clearthat even the simplest supply chain hasmul ple vulnerabili es, the number ofwhich grows exponen ally in rela on tothe supply chain’s complexity and scope.

The case of a local producer of specialtymushrooms to the European marketdemonstrates some of these interdepen­dences. A er lis ng on the stock exchangeand a year’s stellar growth, the companyfolded. One reason was poor harves ngprac ces, but the other two concerned

loss of power and loss of transport. Loss ofpower meant that the temperature con­trols necessary for mushroom growthbroke down, and port conges on meantthat the perishable product spoiled.

Even more to the point is Landrover which,in the early 2000s found itself unable toproduce its best­selling Discovery modelbecause the company that supplied thechassis went under. The chassis manufac­turer’s failure was the result of an ill­ad­vised foreign venture that had nothing todo with its local business with Landrover.Landrover learned the hard way that thefailure of single point of dependency is cat­astrophic: luckily, there was a happy end­ing and the company was able to recover.

Learn the lessonsMy point is that the interdependencieswithin a supply chain can be so complexthat a business can find itself at risk from

something totally unexpected somewherein a complex web of business partners.Conversely, a business might itself be soimportant in a supply chain that its failurewould put the whole chain at risk.

Your own company’s con nuity thus de­pends on the con nuity of the en re sup­ply chain. It’s thus very important to knowyour suppliers well, especially those thatare important. In fact, I believe that com­panies should not procure from supplierswithout ensuring that an effec ve and cur­rent business con nuity plan is in place:“No business con nuity plan, no business,”should be phrase on your procurementstaff’s lips!

In other words, your business con nuityplan must include credible business con ­nuity plans for all suppliers as well—theirsuccess is your success, but their failurecould also be your failure.

Should you have any enquiries as to how you can make a difference or would like to be included in regularly communica on, please contact Louise Theunissen (MBCI)(PMP), BCI Board Member Mobile: +27 82 928 7158 or Mail to: louise.theunissen@con nuitysa.co.za

BCI Forum South Africa

Upcoming BCI Forum Dates for 2012

30 May 2012 ­ Con nuitySA Media Briefing Room• 25 July 2012 • 28 November 2012

15

What is a virtual desktop infrastructure(VDI)?

A very simple ques on, but I have comeacross plenty of IT owners who have notheard of VDI or simply don't know theacronym. As is the ques on, the answer issimple. VDI provides the ability to house adesktop opera ng system in a virtual envi­ronment, which has typically been re­served for use with server pla orms.

Where does VDI originate from and whyis it of interest to many businesses?

VDI originated from the success of servervirtualisa on over the past few years. Or­ganisa ons were and s ll are moving moreand more to implement virtual infrastruc­tures for their produc on environments toease the pain of managing physical serverenvironments, reduce hardware footprintsand all the other associated issues andcosts, like data centre space, power and aircondi oning.

Virtualisa on has been so successful thatit has almost become the norm for an IT in­frastructure. Because IT managers andCIOs saw how successful the virtual plat­form could be, ques ons and ideas startedto appear around the feasibility of movingdesktops into the virtual environment as

well. In theory this would enable a secure,easy­to­deploy desktop that is housed inthe data centre and has all the inherentbenefits of server virtualisa on, such ashigh availability, consolida on and ma­chine templates.

Not surprisingly, the virtualisa on vendorsquickly came up with a solu on for housingdesktops in a virtual environment andcalled it VDI.

So how does everything fit together andwhat is needed to adopt VDI?

Because a desktop environment is muchmore (or should be) interac ve than aserver environment, user interac on witha virtual desktop is a given. Since the desk­tops are housed in a data centre, a remoteconnec on for user interac on is needed.

Most VDI vendors make use of technolo­gies such as terminal services as the inter­face to connect to desktops in the datacentre. Much like tradi onal desktops,each user has his/her own virtual desktopwith a desktop opera ng system such asWindows XP or Windows 7. Connec on tothis desktop is managed and maintainedusing a VDI connec on broker such asVMware view or Citrix Xen Desktop, to

name a few. The connec on is made fromany device that supports this so ware,such as a thin client, desktop or laptop. Toadopt a VDI solu on, a resilient virtual plat­form with enough capacity is needed tohouse the environment, and all the desk­tops, connec on broker so ware and aclient device are all necessary.

If an organisa on has already deployed aserver virtualisa on pla orm, on paper,adop ng a VDI strategy to enhance thebusiness seems cost­effec ve and easy toproduce a decent return on investment(ROI).

However, dive into it a li le more and theopposite is true. The cost of a thin client isvery similar to purchasing a desktop, ex­cept without the desktop opera ng sys­tem. There are a few tricks to housing adesktop opera ng system in a virtual envi­ronment from a Microso perspec ve. Avery par cular licensing type is needed,and exis ng desktop OEM licences cannotbe transferred unless so ware assurancewas purchased with them.

In the next few weeks, I will provide some insight into theworld of virtual desktop infrastructures (VDI). I will introducethe background of the technology, the pros and cons, alterna­

ve op ons and the future of VDI. To fully understand whatVDI is and why it is a key focus for many organisa ons, let mestart by asking a few ques ons:

Ge ng to grips with VDIGaining insight into the world ofvirtual desktop infrastructure andconcepts.

By Sco Orton, Co­founder and sales director of Triple4.

16

For a worthwhile VDI environment, a con­nec on broker such as VMware view orCitrix Xen Desktop is recommended. Al­though virtual desktops use significantlyless resources than virtual servers, addi­

onal resources are s ll needed.

Add all this together and there's a solu onthat requires quite a bit of investment,above and beyond, and merely offers desk­tops in a data centre environment. Simplymoving desktops from physical machinesinto a virtual data centre does not really re­duce support costs, because if a companyhad 400 desktops before, they s ll have

400 desktops simply housed in another loca on.

Benefits such as easy desktop deploymentare realised because of the inherent virtu­alisa on benefits. Other issues such asso ware deployment and support s ll re­main. So I pose the following ques on: isit worth inves ng in a VDI solu on or is itmore beneficial to concentrate on crea nga well­managed desktop infrastructure?How different are they really? That discus­sion is covered in part two; watch thisspace...

It’s widely accepted that SMEs are anyeconomy’s prime engines of job cre­a on and innova on. In South Africa,it is believed that SMEs employing

fewer than 50 people provide around68% of private sector jobs—and generatesome 60% of gross domes c product.

“In a country like South Africa, SMEs areabsolutely vital on a number of fronts,and ICT has a key role to play in makingthem more compe ve,” says ScoOrton, sales director at Triple4. “However,all too o en ICT acts as a hindrance ratheras an enabler for the busy entrepre­neur—that’s why we have developed thishosted op on to reduce both the costsand the management burden.”

According to Orton, Triple4’s Hosted Busi­ness Resources offering will enable SMEsto gain the agility they need to operateanywhere there is an Internet connec on.For example, the Hosted Lync servicemeans that a SME employee is always onthe corporate telephone system wher­ever he or she happens to be, and can ac­cess documents and a collabora onpla orm via Sharepoint.

“This offering allows an SME to operatelike a corporate—but without the over­heads in capital and management methat in­house ICT systems require,” Ortonsays. “There are also huge administra veand cost advantages when it comes to thepurchase of licences for Microso ’sserver products.”

Moving ICT offsite to the premises of atrusted service provider in this way doesrequire good connec vity, but a goodADSL line is sufficient, Orton says. Themonthly fee includes full support fromTriple4’s call centre. And because the ap­plica ons and data are housed in Triple4’sdata centre at Con nuitySA, Africa’s lead­ing business con nuity provider, both arefully protected against disaster. Con nu­itySA acquired 50% of Triple4 in 2011.

“This offering is already provoking greatinterest from the market, which showsthat the need is out there. SMEs need abe er way to access ICT, and this is it,”Orton concludes.

Triple4, the innova ve infrastructure solu on company, has launched a hosted service designed to givesmall to medium­sized enterprises (SMEs) access to enterprise­grade compu ng—at a monthly fee perseat. The new offering, Hosted Business Resources, offers SMEs Microso Exchange, Lync and Sharepointdelivered as a service from Triple4’s fully redundant data centre.

New hosted offering for SMEs from Triple4

Please click here to visit ourwebsite, Triple4.

17