Recommended
More Related Content
Similar to Data Center Qualitative Readiness Sample Post
Similar to Data Center Qualitative Readiness Sample Post (20)
Data Center Qualitative Readiness Sample Post
- 1. Data Center Qualitative Readiness The Degree of Readiness By Richard A. Jurado, CBCP 2010 - 2012 PRESENTATION SAMPLE ONLY
- 2. The Cost of Disasters Forrester Research $6.2 Billion Inc., and CRED from Tornadic damage survey Activity - USA $41.2 Billion 2009 • $102.6 billion economic @ damage worldwide 335 Disasters • $41.2 billion economic 4 Yrs $88.7 Billion damage USA $10.8 billion 2008 China $5.2 billion France $3.2 billion Annual Avg’s $102.6 Billion NOAA 29 Yr Reports @ 392 Disasters • Missouri Extreme Heat 2000 Data is attracting attention Forrester Research, Business Continuity and Disaster Recovery Are Top IT Priorities for 2010 and 2011, Sept 2, 2010
- 3. 2008 -2010 Preparedness, Security, & Crisis Communication Survey Public/Private Sector Top Concerns Influences on Preparing and Planning 2009 2008 80% 40% 0% Disasters Damage (fire, Pandemic Failure/Power Physical Leak/Chemical Data Center Data Breach Cyber Attack Labor Dispute Security Disruption Natural Structural Telecom Outage water) Spill Gas Common Threat Sources Data provided by Varolii Corporation, 2008 – 2009 and 2009-2010 Preparedness, Security, & Crisis Communication Survey
- 4. Degree of Coverage What we can do: What we cannot do: Deter Common Threats Predict Occurrence of • Two “Nines” Recoverability Catastrophic Threat State of the Art • Little to None Recovery redundancy features Focus • Preventative/Reactive Controls Available Assess Value of Loss Alternate Recovery Site Revenue Mitigate Vulnerabilities • Cost/Benefit Analysis • Broke/Fix controls at the • Return on Investments vs. ready Loss Tolerance Data Centers, Alternate • 52% of critical services Sites, are DR prepared/ready Equipment/Hardware Business Expectations Increase Pool of Business Continuity Plan Readiness
- 5. Protection What’s Being Protected: The Cost of Protection: Minimize 1/10th of Annual Consequences Revenue • $12.6 billion annual • Data Center operating revenue (2010)* cost $11.6 mil. • “The Balance” Values Recovery Site - $2.1 Customer Satisfaction mil. Reputation (Culture Data Center operations Compass) - $ $9.5 mil Product Growth • 52% of Services Profitability Recovery Ready 2/10 of Annual • Productivity against Revenue after disaster adversity recovery implementation * Projections from organization financial statement
- 6. Protection Against Adversity Minimize Consequences DC Operating Cost 1/10 of Revenue Primary Recovery 2/10th of Revenue - Center Daily Operating Cost after Implementation of Primary Data Center Recovery Pr n Secondary Data Center tio of ita ta pu bi $12.2 lit Re y Billion 52% Service Recoverability Revenue The Balance Productivity Core Values Customer Satisfaction Growth What’s Being Protected?
- 7. Threat Tolerance and Sustainability Common Threat Source < 4 Days • Operational Disruptions Power Outage Preparedness Network/Telecom Preventative/Reactive Controls Maintenance • Human Local Broke / Fix (BF) Recovery Cyber Attack/Data Breach 52% Disaster Recovery Plans Physical Security • Natural Recovery Site All other DC’s Tornado Flooding Heat wave Fires Unprepared Earthquake (low grade) Catastrophic Threat Source Lack or Limited Controls • Terrorist Beyond Local B/F Functionality • Biological 48% Non DR Plans • Nuclear (Dirty Bombs, Reactors) Recovery Site All other DC’s • Industrial/Chemical Accidents • Earthquake (high grade) > 7 Days
- 8. Data Center Sustainability Matrix Recoverability Extended 99.99 % or 99.9% or 99% or 98% or < 52.5 Min’s < 8.75 Hrs < 3.65 Days > 7 Days Customer Satisfaction Alt. Reputation Catastrophic Production Growth Protection – “The Balance” Values Profitability 1st Limited - No Controls to Counteract 2nd Data Center Sustainability Customer Satisfaction Alt Reputation Natural Production Growth 52% Plan Readiness 1st 2nd Customer Satisfaction Reputation Human All DC’s + Alt. Customer Satisfaction All Broke/ Fix Internal DC’s $ $$ $$$ $$$$ = One off supportability Cost of Outage
- 9. Questions Thank you
Editor's Notes
- We often ask ourselves “what degree of readiness are we at to circumvent threats against our organization?” This question is the most challenging for BCM SME. What we attempt to provide you today is just a short assessment to answer that question.
- First we need to examine a snapshot of economic affect caused by disasters. A research analysis by the Forrester Research firm, reviewed data complied by the Centre for Research on the Epidemiology of Disasters (CRED) stressing that, “we are now beginning to understand the economic impact of disasters and events”. Between 2000 and 2008, an average of 392 disasters per year resulted in an annual average of $102.6 billion in economic losses (Worldwide) In 2009, the average has reduced slightly, but the economic dollar loss still remain high, especially for the US – noting $6.2 billion economic loss due to tornado activity. Further, the National Oceanic and Atmospheric Administration (NOAA) cites a 29 year period report covering 1980 – 2009, showing $88.7 billion in damages due to extreme heat/drought in the state of Missouri for 1988, 2002, 2005, and 2007. Numerous entities (government, non profits, organizations, media) are being drawn to information provided by authoritative resources and recognizing the affects disastrous events have within the business environment.
- From a granular perspective, our business constituents are focused on the most common threats in which to induce Business Continuity. The Varolii Corporation conducted an industry survey in 2008 and 2009 to discovery what influences effects or are being addressed within the business environment. (Industry respondents – 415 to 727 with a varying percentage of employee base.) For comparison to a typical organization, 19% to 21% (1000 to 5000 employees), 11% to 12%(20K employees) and 30% to 43% with more than 20 locations) While Natural Disasters continue to be on the mindset of business as the key disrupter of operations, what has dynamically changed in one year is the addition of Pandemic and Cyber Attack awareness. Natural Disasters, Structural Damage, and Physical Security concerns remain somewhat static, while Data Center Disruptions, Power Outages, and Security Breach have reduced by an average of 22%. The survey data offers an great illustration that having data center management and controls in place increases their operational stability . However, Natural, Structural and Physical elements still remain a high level concern to be continuously addressed.
- With that in mind, let us ask ourselves the Degree of Coverage: “What we can do”, and “what we cannot do” WHAT WE CAN DO Using authoritative data on common threats for the US and UK that focused on our primary concerns for data center operations, we recognize that we have controls in place, state of the art data centers and alternative recovery services to establish recovery status of less then 4 days or 99% achievable recovery. Vulnerabilities are mitigated utilizing “broke/fix” approach plans that are “at the ready” with many high-level systems, including a 52% system readiness that have comprehensive DR plans WHAT WE CANNOT DO However, we have not been able to calculate or provide stable analysis of catastrophic events and our strength in recovery. We have not been able to calculate the cost/loss analysis acceptable by the organization, as well as the business expectations We cannot imposed extensively to the organization to increase its BCDR plan readiness and an adoptive culture or policy
- LAYER OF PROTECTION Yet, what we offer is some layer of protection to minimize the consequences towards the organizations multi billion dollar revenue We can offer some layer of protection to the core values of the organization This layer of protection provides a safeguard (in a minimal degree) to productivity verse adversity The cost of protection! = a mere fraction of the revenue cost. With at least 52% of services ready, the protection in place could achieve a greater percentage of revenue recovery than not having any protection at all.
- Yet, what we offer is some layer of protection to minimize the consequences towards EHI multi billion dollar revenue We can offer some layer of protection to the core values of EHI This layer of protection provides a safeguard (in a minimal degree) to productivity verse adversity The cost of protection! = a mere fraction of the revenue cost. With at least 52% of services ready, the protection in place could achieve a greater percentage of revenue recovery than not having any protection at all.
- We have assessed, based on the common threat sources, that with the existing controls and plan readiness in place the data centers and alternate sites can achieve at least a recovery within the established service level agreement policy guidelines. But this does not mean all systems or applications will be fully functional, since 48% of the organizations systems still lack disaster recovery plans and local broke / fix recovery plans. Also, in the event of a catastrophic event, we lack specific controls or influence over these events. However, with the use of the our “state of the art data centers”, we foresee at least some available functionality, in some form of “ad hoc” recovery.
- In summary, the following matrix provides the overall view of our data centers readiness and its protection it offers based on the level of recoverability. However, there are cost and supportiveness involved to move beyond what we can achieve now. The question remains “what degree of readiness are we comfortable with to circumvent threats against our organization?”