Upload
miriam-obrien
View
144
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Action Point Event in conjunction with ABC Solutions & Dell: The Cost of Downtime. Business Continuity & Disaster Recovery Strategies.
Citation preview
In partnership with
Business Continuity & Disaster RecoveryStrategies for Success
About Action Point Established 8 Years - 2005 to 2013
Average growth rate of 48% per Year
30 Employees
First Dell Certified Partner in Ireland
Overall Winner in Limerick County Enterprise Awards 2011
Winner Best SME Award Midwest 2011
Winner Best Technology Business Award Midwest 2012
Our Services
Clients include
Clients include
Business Continuity Management
The Cost of Downtime
Speaker: Michael O’ReganABC Solutions
Michael O’Regan established Absolute Business Continuity Solutions Ltd in 2005 and has over 10 years’ experience in business continuity planning. ABC Solution’s primary function is to aid small to medium enterprises in establishing business continuity arrangements to enable them to weather any incidents that may occur.
Business Continuity Management
Agenda:
Business Continuity Overview
Business Continuity Plans – Key Contents
Business Continuity Planning – IT Relationship
What is the Business requirement?
To provide the service, ideally 100% of the time, in a timely manner, to an acceptable level – may be defined in contract/SLA
Stated another way – to reduce the risk of service interruption to an acceptable level
If an incident occurs to be able to recover as quickly as possible with as little disruption to the service as possible
What is Business Continuity Management (BCM)?
BCM is about ensuring that your Business prepares a plan to handle a serious incident.
During this process you can identify ways to reduce the risk of an incident happening and minimise the impact if it does happen. If an incident occurs key staff should be trained to handle the situation through testing and exercising which will enable your business to continue to function to the agreed level with the least disruption possible.
Drivers for Business Continuity Management
Key Stakeholders: Customers/Clients
Regulator – Financial Regulator Insurance Company
Staff
IT providers
Categories of Operational Risk
Environmental Disasters – Fire, Floods
Organized or Deliberate Disruptions – Labour dispute, Fraud
Loss of Utilities or Services – Power, water, waste, phones
Equipment or System Failure – Internal Power; Air Conditioning
Serious Information Security Incidents – Laptop stolen;Disclosure of sensitive files; IT systems failure
Other Emergency Situations – Negative publicity;Mergers & Acquisitions
Cork suburb badly hit by overnight floodingMarch 2013
27/1/11 – 10 Revenue laptops stolen
June 2012 - Ulster Bank payment problems to persist until the end of the week
Exercise/tests vital to success Blue Light Services (Fire brigade, Gardai, Ambulance) carry out regular training exercises – this is why they are prepared for the real thing!
BCP Plan contents
List of critical activities IT dependencies
Alternative work area requirements
Contact details – Staff, Clients etc. Incident Management details
Testing/Exercising
BCP Policy
BCP Support infrastructure
BCM process overview
Backup & Recovery Strategy
Recovery Activities
Incident
ID Recovery TeamsEmergencyDisaster RecoveryBusiness Recovery
Risk AnalysisThreat => Probability & Impact
ID Controls – in place; required
(Reduce risk to acceptable level)
Key output from BCM process
Identify Mission Critical Activities (MCA)
Identify key Inputs\Outputs,Key Suppliers; Documents
Identify Maximum Tolerable Outage (MTO) and Minimum Essential Service (MES)
Define the: Recovery Point Objectives (RPO) to what point in time you need to recover the MCA
Recovery Time Objectives (RTO)how quickly you need to recover the MCA
Recovery Management Objectives
Define RTO and RPO
Backup to Disk
Replication
RPO RTO
Wks Days Mins SecsHrs WksDaysMinsSecs Hrs
Tape Backupwith Offsite Storage
Fail-Over/Replication
Backup to Disk
How much data loss can your business endure?
Lost transactions = Lost business
How much downtime canyour business endure?Time is money
Recovery from Tape
Testing/Exercises
Needs to consider different scenarios…
Fire/flood impacting data centre
Fire/flood impacting work area
Data corruption
Loss of broadband
Loss of phones
Supplier incidents
Critical Suppliers
ID critical suppliers
What would happen if they had an incident?
Do they have a proven BCP plan?
What alternatives exist?
Next Steps - Outline Process to put BC Plan in place
Review current state of risks – ID gaps
Prepare plan to eliminate gaps
Document the plan
Test/exercise the plan
Annual Review or after major change
COFFEE BREAK
Continuity & Technology
What are the top causes of downtime?
Natural Disasters?
Human Error?
Hardware Failure?
Software Failure?
Continuity & Technology
Top causes of downtime:
Natural Disasters
5%
Human Error
22%
Hardware Failure
55%
Software Failure
18%
Average Recovery Time – 30 Hours
Source: Quorum. Q1 2013
Continuity & Technology
73% of downtime relates to Information
Technology & Information Systems
5%
22%
55%
18%
Natural Disasters
Human Error
Hardware Failure
Software Failure
Continuity & Technology
How do you calculate the cost of this to your
business?
Add:
Employee Productivity
Cost of Restoration
Sales Lost
Reputational Cost
Online calculator available
Continuity & Technology
Prevention is better than cure!
Most downtime could be avoided
- Prevent – Apply Best Practice & Maintain
- Plan – Projects, Resources & Finances
Continuity & Technology
Action Point’s methodology
1. Identify the Risks
2. Address the Risks
3. Document
4. Test
1. Identify the Risks
Technology StackApplications
Services
Data Backup
Operating Systems
DR & BC
Virtualisation
Server Hardware
Telephony
Active Network
Physical Network
External Network
Power
Environment
Physical Security Access Control System
Data Backup to Offsite Location
VMWare or HyperV
Dell PowerEdge Servers & EqualLogic Storage
Phone System, Handsets & Headsets
UPS, Generator
Air Conditioning / General Location
Business Applications, Databases, Services
Cabling & Patching
Dell PowerConnect Switches
Data Replication System (to Secondary Site)
Microsoft Windows Server
Microsft Exchange, Office Applications, SQL, File, Print Queues
Internet / WAN / Firewalls / Interbuilding Links
1. Identify the Risks
Identify and catalogue the risks
Catalogue the application services
Are any pro-active maintenance routines needed?
Establish the RTO & RPO of each
This information dictates the minimum
requirements for protection:
Is Backup sufficient?
Is Continuity required?
2. Address the Risks
Bring existing systems in line with Best Practice
Introduce Resilience where required
Install software systems and hardware systems
as needed
Update maintenance routines to ensure systems
are kept operational and that potential issues are
pre-empted.
Employ pro-active monitoring of key services.
3. Document the Plan
Document:
Infrastructure
Maintenance routines
Procedures for Fail-over
Keep it updated
4. Test, Test & Re-Test
Test!!!
Your plan is only as good as the last test
Client Case Study: VoxPro
Client since September 2010
Have grown from 100 to 400 staff
Core Systems based on Dell Infrastructure
Implementation Services from Action Point
Client Case Study: Chill Insurance
Client since October 2010
Have grown from 40 to 200+ staff
Core Systems based on Dell Infrastructure
Implementation Services from Action Point