Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Will You Be Prepared When The Next Disaster Strikes - Whitepaper


Published on

Improved Business Continuity for Your Critical Applications and Services.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

Will You Be Prepared When The Next Disaster Strikes - Whitepaper

  1. 1. 1WhitepaperWILL YOU BE PREPARED WHEN THE NEXTDISASTER STRIKES?In a perfect reality, “application and service availability” would be ameaningless term. All business services would run as reliably as the planetsorbiting the sun.In our reality, unfortunately, such is not the case. Organizations know that it’snot a matter of if operational events or disasters strike, but when — and howwell they’ll respond to mitigate the business impact.Operational problems such as logical corruption, human error,misconfigurations or security events, and natural disasters can all causeunwanted downtime. Of course, unpredictable, catastrophic hardware andsoftware failure is also possible in any IT infrastructure.Application and service outages translate not only into substantial businesscontinuity challenges and lost revenues, but they also affect the organization’sreputation with corporate stakeholders.As an example, when Superstorm Sandy hit in October 2012, impacts inthe United States were widespread. At least 650,000 houses were eitherdamaged or destroyed as a result of the cyclone, and about 8.5 millioncustomers lost power as a result of Sandy or its remnants, with power out forweeks, and even months in some areas. Severe damage to small businessesoccurred in New Jersey, with nearly 19,000 businesses sustaining damage of$250,000 or more, and total business losses estimated at $8.3 billion.1However, a regional disaster is only one type of event that impacts downtime.According to a recent IDC study on business continuity2, the greatest threatscame from power outages, security, and telecommunications failures. In fact,a near majority of users surveyed said that in the past 12 months, they had toinitiate an application or data recovery, while only 10% indicated they had toactivate a data center recovery and only 6% experienced a facility loss.When disaster strikes, will your critical applications continueto run?IMPROVED BUSINESS CONTINUITY FOR YOUR CRITICALAPPLICATIONS AND SERVICESSuperstorm Sandy -October 2012• 8.5 million customers lostpower• Power out for weeks,and even months insome areas• Severe damage to smallbusinesses in New Jersey• 19,000 NJ businessessustaining damage of$250,000 or more• Total NJ business lossesestimated at $8.3 billionFuture - More FrequentExtreme Hurricanes3• Frequency to increase10 times in comingdecades• Chance of Katrinamagnitude hurricaneshave doubled• Could see a Katrinalevel hurricane everyother year• Storm surges willbecome worse andpotentially moredestructive
  2. 2. 2WhitepaperTime is money — and downtime is lost money. This is why disasterrecovery is an important element in business continuity planning fororganizations of all sizes in all industries.So the questions are: What do you need to protect when the nextdisaster strikes? How will you prioritize, allocate resources, and bringback services in the sequence that will yield the best business outcome?And what’s actually involved in the process of recovery?Following any sort of disaster, most businesses would certainly want torestore the following:However, every business has different applications and infrastructure,different goals, and different priorities. It follows that every business willalso need a custom disaster recovery strategy to restore some or all ofthe above elements most effectively, given its particular context.Best results stem from a tailored disaster recovery strategythat reflects the organization’s unique business goals andrequirements• Essential IT applications. E-commerce, business applications,collaborative platforms such as email, customer relationshipmanagement, enterprise resource planning, and accounting.• Structured data. Core databases required for applications/services to function.• Unstructured data. Word processing documents andspreadsheets.• Network services. Responsible for critical business events suchas operations management, collaboration, marketing, sales, creditcard processing, and access to shared or cloud services.• Security. Identity and access management, firewalls, PCIcompliance, and other industry compliance.• Voice services. Customer care, call centers, and internalcollaboration.More than NaturalDisasters• 100% of organizationshave experiencedapplication and data lossover the past year 6• 78% of lost data wascaused by IT systemsfailure 6• Greatest threats frompower outages, security,and telecommunicationsfailures2
  3. 3. 3WhitepaperIn restoring IT services in particular, there are not only different domainsand resources to consider, but also fundamentally different methodologiesthat can be used to do it — measured in different ways.Two common metrics to use in assessing disaster recovery solutions are:The expected cost of disaster recovery tends to vary based onperformance. As a general rule, then, the shorter the time to recoverfrom a disaster, the higher the associated costs will be.To illustrate this point, let’s consider in the abstract four different ways anorganization might go about recovering from a disaster that affects ITservices.In developing a Disaster Recovery strategy, weigh businesspriorities and recovery times against expected costsFour common methods to restore an IT infrastructure• Recovery time objective (RTO). How long following a disaster doesit take to restore a service to acceptable performance? Accordingto an IDC study2, 43% of firms said their most mission-criticalapplications had an RTO of two hours or less.• Recovery point objective (RPO). The maximum amount of downtime,potentially resulting in irrecoverable data loss, that can be toleratedfor any given service. The idea is to ensure that the real-worldrecovery time is equal to or less than the RPO for the recovery of allservices. According to the same IDC study2, 43% of firms indicatedtheir most mission-critical systems had an RPO of no greater than 59minutes.Physical colocationThe most rapid recovery would come from completely recreating thatinfrastructure — literally building a duplicate of it, and keeping thatduplicate perpetually up and running in an alternate location. If disasterstrikes, the duplicate infrastructure can serve as an immediate failover.This approach is, for many reasons, the most expensive option. It requiresduplicates, not just of data and software, but also of hardware, such asphysical servers. Prior to the advent of virtualization, physical colocation,despite its costs, was essentially the only option for organizations thatwanted the fastest possible recovery from an unpredictable disaster.This option is best suited to organizations that can’t afford even a fewminutes of downtime and are less cost sensitive to the solution.Recovery TimeDisasterrecoveryCostsCan You Afford aDisaster?• 43% of companies thatexperience a major dataloss do not reopen 4• 80% of companies that donot rebound from a dataloss within one month arelikely to go out of businessin the near future 5• 51% of companies are outof business within two yearsof experiencing a majordata loss 7The shorter the time to recoverfrom a disaster, the higher theassociated costs.
  4. 4. 4WhitepaperContinuous data and applications replicationStill less expensive, and arguably the most practical option for manyorganizations, is a policy-driven scheme that replicates the organization’sdata and applications on a real-time basis in a virtual environment and canbe rapidly and accurately recreated, in a service provider’s cloud, based ona pre-configured contingency plan.Since this failover infrastructure is not already up and running, it does requiresome time to create. But the use of automation and virtualization makes theprocess relatively quick. New virtual servers based on pre-configured designscan be created and provisioned in just a few hours.Further, because it’s entirely driven by software, the sequence of the failoverprocess can easily be tailored to suit an organization’s business contextand requirements. This means it’s relatively easy not only to align the overalldisaster recovery strategy with an organization’s specific priorities, but also tokeep it in alignment over time, as circumstances change. And the closer thealignment, the better the business outcome it will deliver.For organizations that can tolerate up to a four-hour RTO, this may be themost cost-effective option.Data backupFinally, the least expensive option involves simply backing up data. Shoulddisaster occur, services can be restored as quickly as the organization is ableto bring servers back online and restore network connectivity.The time required to do all this will be longer than the other options,but may be the most cost effective, if a variable RTO based on theirown policies is acceptable.Virtual colocationSignificantly less costly is the virtualized version of the same idea. Here,too, the infrastructure is duplicated and is perpetually up and running — thedifference is that it’s running via virtual servers, not physical servers.Typically, these are hosted (the underlying hardware is owned, monitored,and managed) by a third-party service provider. Essentially the same benefitsof the prior solution are delivered, except that instead of requiring large initialcapital expenditures, all costs are operational, and can therefore be adjusted,or even eliminated, at will.This option is also best suited to organizations that want to minimize downtimeand are looking for the most economical solution.Methods to Restore anIT Infrastructure• Physical colocation• Virtual colocation• Continuous data andapplication replication• Data backup
  5. 5. 5WhitepaperEarthLink offers all four of the IT recovery methods, from full hardwarecolocation all the way down to relatively simple offsite data backup. Thisdiversity of options allows you to choose whichever method best fits yourgoals, priorities, and budget today, and if your situation changes, to simplyswitch to another method. All of these options are hosted in an EarthLinkSSAE 16 compliant data center.One particularly compelling option you might want to consider is continuousdata and applications replication of IT infrastructure with EarthLink CloudDisaster Recovery service. This allows you to recover not just data, but alsoapplications and operating systems — entire servers. When ordering thisservice, you preconfigure all the logical resources you’ll need during failover,such as CPU and RAM, and you won’t be charged for them until you actuallyuse them.IT infrastructure recoveryAs you develop a disaster recovery strategy, another important factor toconsider is the practical coordination of the recovery process.If you work with multiple providers that address different IT domains or businessservices, you may have to orchestrate their activity to ensure that stated servicerecovery times meet expectations. But if you choose a single trusted partnerwith a broad portfolio of disaster recovery solutions and configuration options,no such orchestration is needed.EarthLink can be that trusted partner. EarthLink’s suite of recovery capabilitiescan be combined and configured to fit the needs of almost any organization,respond to almost any type of disaster, and restore almost any type ofbusiness service or IT domain.EarthLink can provide the comprehensive, unifiedrecovery capabilities you need to restore key servicesfollowing a disasterThe best solution for any organization is a balance of IT costs versuscosts of the potential downtime risks. Risks can be measured in terms ofthe potential negative business impact, whether that’s measured by lostrevenues, the decline in average customer satisfaction, brand strength, orin other ways.Summary of methodsWhat are Your MissionCritical Systems?• IT Applications• Voice Services• Email• Databases• Call Centers• Online Store• Order Entry• Invoicing• Remote Access• Firewalls
  6. 6. 6WhitepaperFor most types of data backup, EarthLink Cloud Server Backup is a goodsolution. Using a simple, intuitive desktop agent with a small footprint, or theWeb-based interface, you can back up data from all common operatingsystems to our data centers.Cloud Server Backup secures your data with 256-bit AES encryption,provides extensive reporting and alerts, and tracks the status of all backups,providing daily email confirmations of successful backups.No data is as mission-critical as your core databases, and these too canbe easily backed up to EarthLink’s cloud environment. EarthLink supportsMicrosoft SQL Server 2012, which includes advanced High Availabilityfeatures that are designed to improve the uptime and performance of alldatabase-driven services.Using SQL Server, redundancy both within and across data centers issupported via logical groups and clusters — and failover time to an alternatecopy, should a primary copy become corrupted, is significantly reduced.EarthLink’s MPLS (Multiprotocol Label Switching) network delivers businesscontinuity benefits for our clients. For instance, should link failures or networkcongestion occur at a given location or network segment, traffic is divertedvia alternate paths to take the shortest route to its final destination.Additionally, with EarthLink’s broad portfolio of access options, customerscan design their network utilizing cost-effective backup options like ADSL withClass of Service and Wireless Data — all integrated into one router andmanaged by one provider for efficient fault identification and failover.Data recoveryDatabase recoveryNetwork Service RecoveryFailover time is under four hours, and could be less, based on your particularinfrastructure, since data is continuously backed up to EarthLink’s cloud priorto a disaster rather than just at periodic intervals, you will not lose any data,and your restored servers will be completely up-to-date.Post-failover, you have multiple options. You can use EarthLink’s cloudtemporarily until the original infrastructure is fully restored, or you cancontinue to use EarthLink’s cloud as a primary IT infrastructure indefinitely.Disaster RecoverySolutions• IT InfrastructureRecovery• Data Recovery• Database Recovery• Network ServiceRecovery• Security Recovery• Voice ServicesRecovery
  7. 7. 7WhitepaperThis access portfolio is also ideal when implementing backup networksutilizing separate carriers. The EarthLink blended access portfolio can be usedto provide backup connections at your locations and can take the low-prioritytraffic off of your primary MPLS network when the site isn’t in failover mode —extending the useful life of that network and providing a cost-effective backupoption as well.EarthLink Secure Remote Access is also directly applicable to disasterrecovery. This offering provides authentication using 256-bit AES encryption,granting secure access to key applications and resources to IT staff fromalternate locations, and using any computational platform, following a disasterin which primary workplaces are rendered inaccessible.How can business services best be secured during a disaster, beyond justsecure access to them? EarthLink’s cloud-based Hosted Network Securityprovides firewalls at both network and data-center levels.With this solution, MPLS networks can be protected against a broad array ofboth inbound and outbound threats — all managed in a centralized fashion,even when there are multiple MPLS networks and geographically separatesites or team members using them.EarthLink’s disaster recovery suite also supports the swift and effectiverestoration of voice services in a few different ways.EarthLink Hosted Voice is a full-featured, IP-based PBX solution — thisessentially eliminates any need for an organization to purchase or maintaina PBX of its own by migrating PBX functionality to EarthLink’s secure, cloud-based environment. Because the offering is IP-based, it can be accessedanywhere team members have an Internet connection — perfect for post-disaster scenarios that might require physical relocation. Further, from theperspective of outbound call recipients, nothing will have changed; thesolution is completely business-transparent.EarthLink SIP Trunking and PRI solutions generate new value from anexisting PBX by allowing you to integrate voice traffic from multiplelocations into a central site with a SIP trunk. EarthLink Business providesoptions to customers so that they can be prepared if a disaster shouldoccur. Calls will automatically be made via a secondary route option, andorganizations can obtain instant failover for voice services, configurable witha variety of routing options.Security recoveryVoice service recoveryEarthLink DisasterRecovery Services• Cloud DisasterRecovery• Cloud Server Backup• Hosted Voice• SIP Trunking and PRI• Secure Remote Access• Hosted NetworkSecurity• Microsoft SQL Server2012• MPLS Networks
  8. 8. 8Whitepaper“If the data center was inthe New Jersey office, wewould have been in bigtrouble,” said Bob Serchuk,Ciao Bella controller.“With Cloud Hosting, ournationwide sales reps,distributors, customer service,warehouse, and productionin Oregon all kept running.”©2013EarthLink,Inc.Trademarksarepropertyoftheirrespectiveowners.Allrightsreserved1071-07053.Surviving Superstorm Sandy: Ciao BellaUntil recently, Ciao Bella—a New Jersey-based dessert company—hada nationwide team that utilized services provided by a central data center.In recent years, however, Ciao Bella had concluded that its data centerwasn’t able to scale adequately to support growth. Following an analysisof the available alternatives, Ciao Bella executives decided to virtualize thedata center entirely—migrating all central services to EarthLink Business’scloud environment.In October 2012, that decision proved particularly important from a disasterrecovery standpoint when Hurricane Sandy struck, forcing countless localbusinesses to close for extended periods and creating a significant financialbusiness impact.Because Ciao Bella had migrated to the EarthLink cloud, however, it wasbusiness as usual.“If the data center was in the New Jersey office, we would have been inbig trouble,” said Bob Serchuk, Ciao Bella controller. “With Cloud Hosting,our nationwide sales reps, distributors, customer service, warehouse, andproduction in Oregon all kept running. When we chose Cloud Hosting,disaster protection was not a big part of the reason, but now we’re veryglad we went that route.”The total costs of a service outage can be devastating, from both businessand public relations standpoints. But what’s the best disaster recoverystrategy for you?EarthLink Business, which offers a full suite of recovery capabilities, can bethe one-stop solution your organization needs. Design the disaster recoveryprotection required to improve business resilience — spanning voice, network,data, and IT infrastructure — to proactively mitigate the total impact of adisaster and restore your business services rapidly.SUMMARYEmail:getinfo@earthlinkbusiness.comCall:1-877-355-1501Visit:www.earthlinkbusiness.comTo learn more about howEarthLink can help yourorganizationSOURCE1. Tropical Cyclone Report Hurricane Sandy (AL182012)2 IDC, The State of Business Continuity in End-User Environments in 2011, doc #227783; April, 20113. Proceedings of the National Academy of Sciences: 3/18/134. DTI/Price Waterhouse Coopers5. Bernstein Crisis Management6. CA Technologies survey 12/20117. University of Texas Center for Research on Information Systems