The Cost of Downtime


Published on

Action Point Event in conjunction with ABC Solutions & Dell: The Cost of Downtime. Business Continuity & Disaster Recovery Strategies.

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

The Cost of Downtime

  1. 1. In partnership withBusiness Continuity & Disaster RecoveryStrategies for Success
  2. 2. About Action Point Established 8 Years - 2005 to 2013 Average growth rate of 48% per Year 30 Employees First Dell Certified Partner in Ireland Overall Winner in Limerick County Enterprise Awards 2011 Winner Best SME Award Midwest 2011 Winner Best Technology Business Award Midwest 2012
  3. 3. Our Services
  4. 4. Clients include
  5. 5. Clients include
  6. 6. Business Continuity ManagementThe Cost of DowntimeSpeaker: Michael O’ReganABC SolutionsMichael O’Regan established Absolute Business ContinuitySolutions Ltd in 2005 and has over 10 years’ experience inbusiness continuity planning. ABC Solution’s primary functionis to aid small to medium enterprises in establishing businesscontinuity arrangements to enable them to weather anyincidents that may occur.
  7. 7. Business Continuity ManagementAgenda: Business Continuity Overview Business Continuity Plans – Key Contents Business Continuity Planning – IT Relationship
  8. 8. What is the Business requirement? To provide the service, ideally 100% of thetime, in a timely manner, to an acceptablelevel – may be defined in contract/SLA Stated another way – to reduce the risk ofservice interruption to an acceptable level If an incident occurs to be able to recover asquickly as possible with as little disruption tothe service as possible
  9. 9. What is Business Continuity Management (BCM)?BCM is about ensuring that your Businessprepares a plan to handle a serious incident.During this process you can identify ways toreduce the risk of an incident happening andminimise the impact if it does happen.If an incident occurs key staff should betrained to handle the situation through testingand exercising which will enable your businessto continue to function to the agreed levelwith the least disruption possible.
  10. 10. Drivers for Business Continuity ManagementKey Stakeholders: Customers/Clients Regulator – Financial Regulator Insurance Company Staff IT providers
  11. 11. Categories of Operational Risk Environmental Disasters – Fire, Floods Organized or Deliberate Disruptions – Labour dispute, Fraud Loss of Utilities or Services – Power, water, waste, phones Equipment or System Failure – Internal Power; Air Conditioning Serious Information Security Incidents – Laptop stolen;Disclosure of sensitive files; IT systems failure Other Emergency Situations – Negative publicity;Mergers & Acquisitions
  12. 12. Cork suburb badly hit by overnight floodingMarch 2013
  13. 13. 27/1/11 – 10 Revenue laptops stolen
  14. 14. June 2012 - Ulster Bankpayment problems to persistuntil the end of the week
  15. 15. Exercise/tests vital to successBlue Light Services (Fire brigade, Gardai, Ambulance)carry out regular training exercises – this is why theyare prepared for the real thing!
  16. 16. BCP Plan contents List of critical activities IT dependencies Alternative work area requirements Contact details – Staff, Clients etc. Incident Management details Testing/Exercising BCP Policy BCP Support infrastructure
  17. 17. BCM process overviewBackup &Recovery StrategyRecovery ActivitiesIncidentID Recovery Teams Emergency Disaster Recovery Business RecoveryRisk AnalysisThreat => Probability & ImpactID Controls – in place; required(Reduce risk to acceptable level)
  18. 18. Key output from BCM processIdentify Mission Critical Activities (MCA)Identify key InputsOutputs,Key Suppliers; DocumentsIdentify Maximum Tolerable Outage (MTO)and Minimum Essential Service (MES)Define the:Recovery Point Objectives (RPO)to what point in time you need to recover the MCARecovery Time Objectives (RTO)how quickly you need to recover the MCA
  19. 19. Recovery Management ObjectivesDefine RTO and RPOBackup to DiskReplicationRPO RTOWks Days Mins SecsHrs WksDaysMinsSecs HrsTape Backupwith Offsite StorageFail-Over/ReplicationBackup to DiskHow much data loss canyour business endure?Lost transactions = Lost businessHow much downtime canyour business endure?Time is moneyRecovery from Tape
  20. 20. Testing/ExercisesNeeds to consider different scenarios… Fire/flood impacting data centre Fire/flood impacting work area Data corruption Loss of broadband Loss of phones Supplier incidents
  21. 21. Critical Suppliers ID critical suppliers What would happen if they had an incident? Do they have a proven BCP plan? What alternatives exist?
  22. 22. Next Steps - Outline Process to put BC Plan in place Review current state of risks – ID gaps Prepare plan to eliminate gaps Document the plan Test/exercise the plan Annual Review or after major change
  23. 23. COFFEE BREAK
  24. 24. Continuity & TechnologyWhat are the top causes of downtime? Natural Disasters? Human Error? Hardware Failure? Software Failure?
  25. 25. Continuity & TechnologyTop causes of downtime: Natural Disasters 5% Human Error 22% Hardware Failure 55% Software Failure 18% Average Recovery Time – 30 HoursSource: Quorum. Q1 2013
  26. 26. Continuity & Technology 73% of downtime relates to InformationTechnology & Information Systems5%22%55%18%Natural DisastersHuman ErrorHardware FailureSoftware Failure
  27. 27. Continuity & Technology How do you calculate the cost of this to yourbusiness? Add: Employee Productivity Cost of Restoration Sales Lost Reputational Cost Online calculator available
  28. 28. Continuity & Technology Prevention is better than cure! Most downtime could be avoided- Prevent – Apply Best Practice & Maintain- Plan – Projects, Resources & Finances
  29. 29. Continuity & Technology Action Point’s methodology1. Identify the Risks2. Address the Risks3. Document4. Test
  30. 30. 1. Identify the Risks Technology StackApplicationsServicesData BackupOperating SystemsDR & BCVirtualisationServer HardwareTelephonyActive NetworkPhysical NetworkExternal NetworkPowerEnvironmentPhysical Security Access Control SystemData Backup to Offsite LocationVMWare or HyperVDell PowerEdge Servers & EqualLogic StoragePhone System, Handsets & HeadsetsUPS, GeneratorAir Conditioning / General LocationBusiness Applications, Databases, ServicesCabling & PatchingDell PowerConnect SwitchesData Replication System (to Secondary Site)Microsoft Windows ServerMicrosft Exchange, Office Applications, SQL, File, Print QueuesInternet / WAN / Firewalls / Interbuilding Links
  31. 31. 1. Identify the Risks Identify and catalogue the risks Catalogue the application services Are any pro-active maintenance routines needed? Establish the RTO & RPO of each This information dictates the minimumrequirements for protection: Is Backup sufficient? Is Continuity required?
  32. 32. 2. Address the Risks Bring existing systems in line with Best Practice Introduce Resilience where required Install software systems and hardware systemsas needed Update maintenance routines to ensure systemsare kept operational and that potential issues arepre-empted. Employ pro-active monitoring of key services.
  33. 33. 3. Document the Plan Document: Infrastructure Maintenance routines Procedures for Fail-over Keep it updated
  34. 34. 4. Test, Test & Re-TestTest!!! Your plan is only as good as the last test
  35. 35. Client Case Study: VoxPro Client since September 2010 Have grown from 100 to 400 staff Core Systems based on Dell Infrastructure Implementation Services from Action Point
  36. 36. Client Case Study: Chill Insurance Client since October 2010 Have grown from 40 to 200+ staff Core Systems based on Dell Infrastructure Implementation Services from Action Point