Data, stored digitally, has become critical to a business’s ability to function. However, major catastrophes — from fires to earthquakes to floods — can cripple hardware and put terabytes of a company’s data at risk, making it vital to have a business continuity plan in place to protect digital information.

“A business continuity plan is insurance for your data,” says Pervez Delawalla, president and CEO of Net2EZ. “It ensures that your business can sustain a disaster that affects your ability to access data at your main site.”

Smart Business spoke with Delawalla about data security and the role it plays in a business continuity plan.

What is a business continuity plan and how can it impact a business?

From a technology perspective, a business continuity plan is your strategy for resuming business following a natural or man-made disaster in as short a period of time as possible. Your plan should be based on the type of data you create on a daily basis, how it is being maintained and the amount of time your business can operate without being able to access it.

Business plans differ from company to company. But generally, if you can’t sustain being without access to particular data for more than a few minutes, that data is critical, and that plan will look different than plans that pertain to data you can live without for hours or days.

Business continuity can save a business even when there is no disaster. Accidental removal or deletion of certain data sets can be very damaging to a business. However, if you have a business continuity plan and regularly back up your data, you will have less reason to worry.

What are the elements of a business continuity plan?

First, determine how you will back up your data. Critical information should be backed up every hour. Less critical data can be backed up more infrequently.

Make sure data is being backed up and secured off-site so that, if you can’t get to your office, the data is available to you. Your backup site should be outside of your primary location.

Second, you need a plan to restore your data when things come back online. Test your off-site server to understand how much lag time there is until data can be restored and employees can start using it.

Third, outsource your primary server farm or infrastructure to an outsourced data center. Outsourcing your server to a data center means it is housed in a facility with multiple levels of redundancy designed to sustain power outages and has multiple, high-speed connections coming from diverse entrances so data can be accessed even if the fibers are cut in the street. You can use facilities such as these as your secondary server, no matter where your business is located. Then, if something happens, you will have access to your data.

When should a business continuity plan be implemented?

The minute you have critical data, you need a plan to back it up. However, with the economic downturn, many companies cut the aspects of their business continuity plan that dealt with data protection because it doesn’t get used until a disaster hits, and it is an easy area to squeeze the budget. Businesses are saying they have a limited budget and they have to continue to operate, so they will just deal with it when it happens. But by then, it is too late.

How does geographical diversity play into business continuity?

Consider what a disaster can mean to your operations and what your business can sustain in terms of cost. The farther your backup servers are from your primary site, the more it costs to transfer information from one place to another. Smaller companies could likely use a public connection to transfer data without incurring too much cost.

The farther away you keep your data, the more redundancy you can create with a solid plan. However, the more redundancy you create, the more costs increase. It is less expensive if you keep your data closer to your primary location, but it also increases your risk, for example, in the event of an earthquake or hurricane. But, ultimately, the question you should ask is, ‘How long can I afford to go without access to my data?’

Pervez Delawalla is president and CEO of Net2EZ. Reach him at (310) 426-6700 or pervez@net2ez.com.

Insights Technology is brought to you by Net2EZ

Published in Los Angeles

Hundreds of businesses were recently destroyed or severely damaged in the Joplin, Mo., tornado, and if statistics hold true, fewer than 20 percent of those will be up and running again within three years.

If that happened to your business, would you be in the 20 percent or the 80 percent?

“Too many business owners fail to obtain business interruption coverage, or, if they do have it, are surprised in a disaster to find it is not written to properly cover their needs,” says Parker Berry, an executive vice president with SeibertKeck Insurance Agency. “If your plan is not properly designed, you may find you don’t have the coverage you assumed you did.”

Smart Business spoke with Berry about how having the right business insurance coverage can mean the difference between rebuilding and going out of business.

What is business interruption insurance?

A business interruption occurs when you have a physical loss to your location. For instance, if there is a fire at your manufacturing plant, there will be a loss of income because you are no longer able make a product.

The insurance will pay for loss of business income, expenses such as moving to another location while the building is being rebuilt or repaired, and continuing to pay your employees until they are able to work again.

Business owners should look at it as disability insurance for the business itself.

What types of businesses need this insurance?

Most should at least have the extra expense piece of it. For example, contractors make most of their money in the field, but if they have office operations, and something happens to that physical location, they will still have those extra expenses, and some lost income.

With a manufacturer, restaurant or retail location, all revenue comes from the physical location. So there are certainly some classes of businesses that need it more than others.

How does a business determine how much coverage it needs?

There are formulas your agent can use to give you a good idea of the amount of coverage you need. Other businesses will use monthly multiples of sales.

For example, if you are a manufacturer that uses certain machines and they are destroyed, you’ll need to replace them. But there may be a six-month build-out time. You are never going to start loss adjustment from day one because you have to clean up and take inventory. Then you have to order new equipment and it’s a minimum of six months before it arrives.

Do you have a contingency plan? Is there disaster planning? How quickly can you replicate what you’re doing somewhere else? Those are all items for discussion when determining the amount of coverage.

Each business is different, and it’s an art to figure out the right number. This is why an experienced agent is critical when working through the process.

What questions should business owners ask their agent to make sure they’re getting the right coverage?

Are there coinsurance limits? Are there time limits? Is the coverage paying for a regular work force? Is it covering ordinary payroll — because if it’s not, your employees are not going to wait for you to start paying them again. Is it paying fixed bills like utilities and rent? For what length of time is the coverage?

The agent should be asking questions of the business, as well. While most businesses have some form of business income coverage, it may be poorly written because the coverage isn’t designed specifically for them, or the agent isn’t asking enough questions.

Without a true understanding of your business, the agent won’t be able to design the best coverage for your needs.

What other areas should a business consider when buying business interruption coverage?

You can have ordinance or law issues, or power interruptions. For example, an ice storm could cause a manufacturer to be out of business for weeks without power. Or if a restaurant loses water service, it’s out of business until that is restored. The building itself may not be physically damaged, but the business has sustained a business interruption loss.

There is also a form of contingent business income. Say you have a large vendor or client that is damaged by a fire. That can have an impact on your ability to do business.

Or you may have a retail business anchored by another large business that pulls in a lot of traffic. If that business is damaged and no longer operating, causing a loss of traffic and, as a result, income, you can recover that through dependent property coverage.

How can an agent work with a business to minimize the chances of a disaster and increase its odds of recovering if one does occur?

An agent can do a risk management audit, trying to find the weaknesses in coverage and where the company is weak in loss control. Risk management can help prevent bad things from happening, but if they do occur, it can help ensure you have the right coverage in place.

Business owners can do a lot to make sure that if a claim does happen, it will move quickly and in the way they want. If data are backed up offsite, they will be easier to recover than if everything is inside those four walls.

You will recover much more quickly if you truly spread your risk and have a disaster plan. If you lose your physical plant and don’t have a plan, it’s going to be a long road back.

Parker Berry is an executive vice president with SeibertKeck Insurance Agency. Reach him at pberry@seibertkeck.com or (330) 867-3140.

Insights Business Insurance is brought to you by SeibertKeck Insurance Agency

Published in Akron/Canton

Companies are discovering that high-performance connectivity is more than just plumbing; it also provides a competitive advantage. Connectivity is no longer just a business expense. It’s now vital to being competitive in today’s ever-changing world. Several trends are contributing to the demand for high-performance networks, including bandwidth-intensive applications, business disaster recovery and virtualized resources.

“Increasingly, organizations see employing high-performance network connectivity solutions as not just a way to cut expenses or reduce total cost of ownership, but also as a critical enabler of competitive advantage in the global economy,” says Mike Maloney, regional vice president, Comcast Business Services.

Smart Business spoke with Maloney about how connectivity solutions are affecting business performance.

Why is the right type of connectivity so important in today’s economy?

Demand for high-speed, high-performance connectivity solutions is increasing, fueled by growth in mobility that requires more bandwidth-intensive, always-on applications, and emerging technologies such as virtualization and cloud services. Remote workers expect the same functionality and performance on their mobile devices that they do on their desktop systems. These trends are driving new demand for scalable, reliable and secure network connectivity solutions. To meet this demand, IT professionals are showing a clear preference for Ethernet/fiber network solutions over T1, T3, frame relay and other networking technologies.

Business and IT professionals increasingly view high-performance connectivity as a strategic or transformational asset for their business — a significant change over two years ago. Part of the reason for this shift in perception is that organizations are developing a better understanding of the business and technology benefits of high-performance computing. Beyond just lowering connectivity costs — which remains an important consideration — high-performance networking can improve productivity, increase efficiency and enable new applications that improve customer service and help grow the business.

Surveys show Ethernet/fiber as the top-performing connectivity technology across all evaluation criteria, including reliability, ease of use/support, scalability and security.

Lowering total cost of ownership remains an important piece of network connectivity investment, but IT professionals are finding an even more powerful story: how high-performance Ethernet solutions can improve workforce productivity and connections to customers, suppliers and remote sites. Building a strong business case for high-performance network connectivity can help CIOs in their ongoing quest to reposition IT as a strategic enabler of sustainable business growth.

How are economic conditions affecting these vital upgrades?

Technology budgets have been tight over the past few years. Network connectivity investments, however, appear to be somewhat insulated from recent economic pressures. About 25 percent of businesses have increased investments in connectivity solutions during this time. The larger the company, the more likely it is to be spending on connectivity. Investments in Ethernet/fiber solutions are expected to increase in the near term. These investment dollars appear to be coming, at least partially, at the expense of T1 technology.

What is the best technology solution in today’s market?

As organizations embrace the potential strategic benefits of network connectivity, choosing the right high-speed solution becomes increasingly important. IT professionals use several criteria to evaluate connectivity technologies. Most professionals rate reliability, security, high availability and cost-effectiveness as critical or highly important evaluation criteria for network connectivity technologies.

Ethernet/fiber is establishing itself as a best-of-breed solution that meets all of these criteria — in some cases by a wide margin. Ethernet/fiber connectivity solutions are the most common technology choice for data centers today. An increase of Ethernet/fiber in the data center will come at the expense of T1, T3 and ATM/frame relay technologies, all of which are expected to decline in the next 24 months.

This is because Ethernet/fiber is the ideal solution to support data-rich and increasingly virtualized environments. It’s scalable, reliable and its secure architecture lends itself to the nuances of the current and future information technology environment.

How is the view of technology by senior managers changing?

Although cost management is still an important part of any IT department’s mindset, we’re also seeing signs that IT and business professionals are beginning to realize how technology can drive business performance. The majority of business leaders view network connectivity as either a strategic asset or a transformational asset. That wasn’t the case two years ago. With greater reliance on complex applications, the continued data explosion, and the growth of private and public clouds, organizations need to make smart investments in their infrastructure, including advanced network connectivity. Network connectivity has evolved from an operational necessity into something that actually enables business improvements.

Is there an example that illustrates how connectivity upgrades can save money?

At Eastern Bank, a Boston-based bank with 123 locations throughout New England, a switch from SONET to metro Ethernet network services in 2010 enabled it to shorten response times and deploy new applications that have improved customer service and enabled new-product roll¬outs across its contact center, ATMs and branches. The bank’s leadership estimates that the Ethernet network provides nine times the old network’s bandwidth at a lower price, saving the bank more than $75,000 annually.

Mike Maloney is regional vice president of Comcast Business Services. Reach him at Michael_Maloney@cable.comcast.com.

Insights Telecommunications is brought to you by Comcast Business Class

Published in Philadelphia

There’s been no shortage of threats to business continuity over the past decade; terror attacks, hurricanes and tornadoes are constant reminders of the need for a well-honed disaster recovery plan. But the era has also featured two devastating recessions and a rash of corporate downsizings, leaving executives with fewer resources to guarantee the timely restoration of critical business operations and databases.

“The events of the past decade have taught us that businesses must deal with disaster recovery in a pragmatic way,” says Kerwin Myers, senior director of product management at SunGard Availability Services. “Otherwise, companies may make critical mistakes and may never recover from a disaster. Conversely, overspending on disaster recovery can also pose a threat to your company.”

Smart Business spoke with Myers about how to ensure business continuity by taking a realistic approach to disaster recovery.

How have the events of the last decade impacted disaster recovery?

Executives seldom thought about disaster recovery before Sept. 11. Now, they recognize the need for planning, but restoring a network and recovering data require professionals with specialized skills, and the rigorous process often takes a back seat to day-to-day operations. Additionally, companies must now adhere to governmental regulations and industry mandates designed to ensure organizations develop business continuity plans.

What are the typical pain points that organizations face when recovering from a disaster?

Recovering from a disaster hinges on accurate and current disaster recovery procedures. Many organizations fail to recover or take longer to recover because these procedures are not accurate or not current. Production Information Technology environments are constantly changing. This means that an effective change management practice that includes a process for updating recovery procedures and recovery configurations is a crucial component to successful restoration. Changes in the production environment happen daily, impacting recovery. As a result, the recovery plan must be kept up to date with day-to-day production changes.

In many cases, organizations depend on the same staff for production and disaster recovery. This requires production to be redeployed to restore critical applications and data during a disaster. But the event may prevent workers from reaching the facility or inflict personal hardships or injuries that keep them from working.

Last, IT professionals spend most of the time maintaining and updating applications, so restoration efforts may be hampered by a lack of knowledge of restoration practices.

What are the key planning elements to help ensure a seamless recovery?

Recovery plans should be customized to individual businesses but should include these critical steps to ensure effective recovery.

* Create specific and sequential recovery processes and procedures. Employees need  clear procedures to restore critical IT services.

*Establish priorities. Some mission-critical applications and technical functions must be restored immediately to minimize financial loss. Consider cost/performance trade-offs, estimated recovery times and business needs when establishing post-event priorities.

* Close skill gaps. Staff members must take on specific roles and duties during recovery, but there’s no time for training once disaster strikes. Inventory the required skills to execute the plan and close gaps through training or by contracting with external providers.

* IT organizations must ensure production changes are being replicated in recovery configurations and procedures.

What mistakes may impede or prevent a complete recovery?

An outdated recovery plan can stymie recovery. Companies need to reconcile the plan with the changing technical configuration and update procedures and priorities to align with the business requirements on a quarterly or semi-annual basis, as recovery may fail if the plan elements aren’t  tested and refined.

Should all data be recovered in the same way?

Most data centers are a collection of new and legacy systems and applications from multiple vendors, which means all data can’t be recovered in the same way. For example, data from critical tier-one applications may be replicated on servers in other locations, which is expensive, but the investment practically eliminates down time after a disaster.

Applications that run in the cloud can be accessed from any location and the provider assumes responsibility for disaster planning and recovery. Tier-two apps could run on separate servers and are restored from tape backups or a virtualized environment.

How are virtualization and cloud-based solutions impacting backup and recovery processes?

The emergence of the cloud and virtualization has created new rapid recovery options at a better price point. Applications that run on Web-based platforms can be supported by third-party providers with hundreds of servers, so recovery can be as simple as switching to another site. The best providers take a holistic approach by considering the interdependency between legacy and Web-based applications and offer a comprehensive solution.

What should an IT manager look for in an outsourced disaster recovery service provider?

Beyond price and equipment, an IT manager should evaluate the following criteria.

* Experience and expertise in processes and procedures.

* Commitment and conviction backed by guarantees and SLAs.

* Track record. Has the firm been tested by a real disaster? Was the recovery successful?

* Testing and audits. A provider should conduct hundreds of tests and audits each year, so ask to review its documentation before committing.

Kerwin Myers is a senior director of product management for SunGard Availability Services. Reach him at kerwin.myers@sungard.com.

Published in Philadelphia

The importance of disaster recovery has not changed. However, the term itself and the impact a disaster can have on your business has changed dramatically, especially now that businesses rely so heavily on technology.

“Not too long ago, a disaster could simply be defined as inclement weather,” says Joe Hovancak, manager, Enterprise Ethernet Division, Comcast Business Class. “Today, the term takes on a whole new meaning.”

Smart Business spoke with Hovancak about the changing field of disaster recovery and how to be ready when disaster strikes.

How has disaster recovery changed and how can a business develop a recovery plan?

Today’s businesses are not limited to just natural disasters, such as floods, storms and fires. There are also man-made disasters like computer viruses, sabotage, negligence, software failure, power outages, gas or chemical leaks. Those factors all have to be encompassed in disaster recovery.

Conducting business today demands a much greater reliance on technology and communications solutions. Being without either of them is significant. That is why disaster recovery plans are now a fundamental part of business to protect a company’s sensitive information and production environments from catastrophic outages and ensure that your organization stays up and running, no matter the situation.

Businesses should start by identifying the business processes that are the most critical. Then, they must determine what the impact to the business would be if those processes were interrupted or failed. For example, how much would it cost your business if you experienced an outage? You have to consider lost revenue, time to recover, any impact to your reputation and your brand and, depending on your industry, even financial penalties for noncompliance with regulatory requirements such as HIPAA, PCI and SAS70 Type II.

Once you understand how a disaster can impact your business, then you can prioritize your business processes and begin to identify the means to maintain your uptime. So if you lose utility power, do you have a contingency plan in place to failover to a back-up power source? If you lose communications do you have an alternative communication provider contracted to re-route traffic? If you experience a denial-of-service attack, do you have a back-up and recovery solution in place to recover your data?

What steps should companies have as part of their disaster recovery plan?

Develop a business continuity plan to address events that cause disruption to your business. Review and revise the plan annually as changes to the business develop. Designate a company disaster recovery coordinator to develop and implement a corporate response and recovery plan along with a current contact list of all team members. Then, distribute that list to all employees. Outline how your critical resources, e.g. power, telecommunications and computer equipment, can be restored. Again, it’s crucial to identify your critical business services to include:

  • Communications — voice and data
  • Facility — power, cooling and security
  • Administrative, product and customer support

Ensure that you have a plan in place to keep those critical services functioning. Identify an alternate work location and administrative procedures, and media communications.

Some people create a recovery plan, but then never look at it again. You have to update, test and validate the plan regularly to make sure it works. If you have an alternate carrier to cover your communications, test the failover on an annual basis to confirm they can support current bandwidth requirements.

Make sure all departments are informed about the plan and receive necessary training.

Why is backing up communications important?

As leaders in the industry, Comcast’s Doak Field, senior director, Enterprise Fiber Services, and Steve Schmitz, vice president of Business Services, drive the message of delivering superior customer experience and assisting customers with growing their business. If your communications were interrupted or if your data were compromised, can you deliver superior customer service, achieve your growth  goals and recover critical files and applications? Not backing up your communications and data can adversely impact many parts of your business, from sales to customer confidence.

What can be done to prevent a complete shutdown of communications?

You have to develop, implement, update and test your disaster recovery plan on an annual basis to avoid the loss of communications. Understand your carrier network. When looking at a backup solution, make sure you invest in a true redundant network connection. For instance, your main network carrier utilizes a Tier 1 provider and your backup carrier is a company that may brand itself as a redundant carrier, but its network rides on the same Tier 1 backbone and it resells services. You may think you are on a redundant path, but if a disaster occurs and the Tier 1 provider is affected, both connections will go down.

Make sure your primary and failover connection is from a true redundant Tier 1 provider. Many companies still rely on legacy technology, but today everyone’s business is growing faster than the speed of T1s (1.544 Mbps). Today, private fiber optic networks are providing the reliability, security and faster speeds that companies are demanding.

When looking for a partner, make sure they provide high network availability, minimal latency and low packet loss, and that they have a self-healing, redundant core network architecture. Then, if there is a break somewhere there is a true redundant route to use. Also, look for manageable services that grow with your business and provide bandwidth in flexible increments from 10 Mbps up to 10 Gbps. And one of the most important elements is to ensure that your communications partner owns and operates their network from the first to the last mile. One great place to look for true network redundancy is Comcast Ethernet Business Services.

Joe Hovancak is a manager of the South Florida Enterprise Ethernet Division with Comcast Business Class. Reach him at (954) 514-8650 or Joseph_Hovancak@cable.comcast.com.

Published in Florida

If a disaster struck your company, could you recover? Do you have a place to store your data so it’s safe and accessible, and do you have a way to recover it after a disaster without bankrupting the company?

Investing in redundant infrastructure and hiring specialized staff to protect yourself is hard to justify in today’s business climate, especially when the rising cost of disaster recovery pushes other critical projects to the back burner. But the answer may be in the cloud, says Ram Shanmugam, senior director of product management for Recovery Services at SunGard Availability Services.

“Recovery in the cloud is offering customers reliable and cost-effective options to increase application availability,” says Shanmugam. “It’s no longer a matter of do you need higher application availability but how can you do it effectively and efficiently compared to traditional recovery models.”

Smart Business spoke with Shanmugam about the advantages of outsourcing disaster recovery to the cloud.

Why is the cloud advantageous?

Organizations require consistent and reliable availability of their recovery infrastructure to match the business value of their full range of applications and data. These range from mission-critical to less critical. Disruption and outages in the availability of mission-critical applications do the most damage to organizations financially and in terms of impact on quality of service, lost reputation and competitive advantage. To design and implement a recovery plan, the IT organization must determine the recovery point objective (RPO) and recovery time objective (RTO) for each mission-critical application. The RPO is the amount of down time and data loss the company is willing to sustain after a disaster, and the RTO establishes the timeline and priority for restoring critical business processes and applications. Finally, to meet the RPO and RTO requirements, the IT organization must invest in space, capital equipment and software, and hire experienced staff to replicate or back up data, then try to ensure recovery by executing rigorous testing protocols.

In contrast, cloud-based recovery offers a reliable and affordable alternative for achieving RPO and RTO requirements and ensuring higher availability for mission-critical applications. Cloud-based recovery solutions offer access to low-cost or pay-as-you-use recovery infrastructure, which can be provisioned on demand to recover mission-critical applications in the wake of failure events, with sufficient security and guaranteed performance.

What should executives consider before outsourcing disaster recovery to the cloud?

  • Cost savings is a significant driver.
  • RPO/RTO. Companies often forsake their RPO/RTO requirements because in-house solutions are cost prohibitive. The cloud offers the ability to significantly improve application availability in a cost-effective manner.
  • Reliability. The ROI of a recovery environment is in the reliability of its performance at the time of disaster. Compared to in-house solutions, managed cloud solutions offers higher reliability in recovery of mission-critical applications after failure events, with sufficient security and guaranteed performance.
  • Skilled resources. In-house recovery solutions require investment in talent to support the infrastructure. In contrast, the cloud eliminates the need for that investment, freeing up resources to focus on value creation.

Does migrating to the cloud create a loss of flexibility?

No. In fact, the cloud allows IT organizations to optimize their investment and resources by offering configurable options to meet the individual availability objectives of each application or business process.

IT organizations also have the flexibility to customize a cost-effective hybrid recovery environment by integrating cloud with dedicated internal infrastructure to support availability of large, complex applications and business processes.

What should CIOs consider when evaluating prospective partners?

Ask these questions to evaluate potential cloud partners when considering cloud-based recovery options.

  • Does it offer meaningful service level guarantees for recovery of mission-critical applications? Can it reliably recover mission-critical applications in the wake of failure?
  • Does it support heterogeneous computing platforms (e.g. Windows, Linux) and hybrid architectures that meet the recovery needs of the entire IT portfolio?
  • Does the staff have hands-on disaster recovery experience? Has it recovered from a disaster? Does it understand the entire disaster recovery lifecycle? Can it provide audit-ready test reports?
  • Can the partner support a broad portfolio of RPO/RTO requirements in its cloud solution? Does it provide options for high availability, as well as less critical applications, in a heterogeneous environment?
  • What is the range of options supported for moving data to the cloud? Does it use monitoring and automation tools to ensure rapid and effective response to failures?
  • Can the cloud partner handle your current and future needs? Can it expand and contract on demand, handle sudden growth or support large amounts of application data?
  • Can clients pay as they go?

Is data in the cloud secure?

A cloud partner should offer multiple levels of security and service options to fit your needs. For those concerned that some data are too sensitive for the cloud, despite security, they can use a private cloud, while selecting a shared cloud for everything else.

One size doesn’t fit all, so a cloud partner should offer a range of private, hybrid and physical environments to make sure your data is secure and can be recovered after a disaster.

Ram Shanmugam is the senior director of product management for Recovery Services at SunGard Availability Services. Reach him at ramanan.shanmugam@sungard.com.

Published in Philadelphia

If your business isn’t completely dependent on technology, then you are in the minority these days. Given this dependence, protecting your business from an IT failure should be at the top of your priority list.

“Having been in the IT business now for 16 years, I’ve seen my fair share of close calls and, unfortunately, my fair share of outright disasters when it comes to IT,” says Zack Schuler, founder and CEO of Cal Net Technology Group. “There are three particular disasters that stick out in my mind. In each of these three cases, the companies were taking nightly backups of their data, and they thought this was enough.”

Smart Business spoke to Schuler about how businesses can avoid these kinds of mistakes.

What are some of the worst disasters you’ve encountered?

The first case was a company that had a sprinkler break right above its servers. They were taking a daily backup, however, they left the tapes on top of the servers, and the tapes were drenched and basically unusable after the downpour. The server hard drives were sent to data recovery, and after several days the company was up and running again. Had the tapes been taken off site, the downtime would have been significantly less, though they still would have had a day or two of being down, which in most cases is not acceptable.

The second case was a company whose building burned down. Their current tapes were stored on site; however, they had an older set that was taken off site. After a painful data reconstruction process, and several months later, they were able to get back on their feet.

The last case was a company whose Internet went down for a week, due to a major telephone company issue that had their T1 down. This was their only connection to the Internet, and their business was highly dependent on e-mail, so this outage had a significant impact on their business. They lost a percentage of their revenue as a result of the outage.

Needless to say, none of the above companies were prepared for the type of disaster that they suffered, yet all of them were backing up their data. I’ve seen too many companies think that a simple backup of their data, whether it be to tape, disk, or the cloud (a.k.a., the Internet), is sufficient.

How can businesses avoid costly downtime?

Here are three important questions that you can pose to whoever manages your IT, and some tips that will get you one step closer to being truly prepared in case of emergency.

1. What is your plan in case of a lengthy Internet failure? The smart thing to do is to make sure that you have multiple connections to the Internet, over different mediums. Having a connection via a T1 and a DSL line is not a smart move, as they both traverse over the strands of wire. An Internet connection through a telephone company and another through a cable provider is the way to go. This requires some complex routing and firewall work in order to maintain a seamless connection, but all of that will be well worth it when one of the two connections goes down.

2. What is your plan in case of a physical site failure, such as a fire, earthquake, etc.? Something as simple as a long-term power outage in your building can be a lot more common than one would think. On more than one occasion we’ve seen a building lose power for several days, and companies basically send their employees home. We had a client who was prepared in this scenario. They sent their employees to work from home, as they had a hot-site set up that employees were able to connect to from home and continue on with their work.

3. What is your plan in the event of a major hardware failure? Even if your equipment is under warranty, if a particular part fails on a server, and the vendor is out of stock on that part, you could see some downtime. I’ve seen this happen more than once.  In this scenario, you should have a transition plan documented whereby you can easily move the data from this server’s backup over to another server, perhaps in a virtualized environment, to keep running.

What is the most common issue you’ve encountered with companies’ backup plans?

Perhaps the biggest overall error that I’ve seen companies make is that they don’t have any documented plan in place to recover from any of the above scenarios. Executives have been told that it’s all taken care of; their backups are off-site, and maybe they happen in real time up to a cloud provider utilizing state-of-the-art technology.

However, most companies simply don’t test their backups by going through a simulated failure. They assume that the backup is running, as they’ve been told. The No. 1 smartest action that you can take is to go through a simulated failure. Pretend that any of the above scenarios has happened, and try to recover from them. You’ll quickly realize that your IT department hasn’t thought everything through. Going through this exercise will be a great first step for them to figure out what they don’t know.

We assist IT departments with this type of work frequently, and we’ve never walked into a disaster recovery test whereby we didn’t make a tweak of some sort to make the plan better, thus more recoverable. Hiring an outside expert is certainly a great idea, but if you lack the resources to do so, another good move is to have one person in your IT department own the process of setting up the recovery plan, and then have another person in your IT department own the process of testing the recovery plan. If one person can test someone else’s work successfully, then you are well prepared.

Zack Schuler is the founder and CEO of Cal Net Technology Group. Reach him at ZSchuler@CalNetTech.com.

Published in Los Angeles

There’s been no shortage of threats to business continuity over the past decade; terror attacks, hurricanes and tornadoes are constant reminders of the need for a well-honed disaster recovery plan. But the era has also featured two devastating recessions and a rash of corporate downsizings, leaving executives with fewer resources to guarantee the timely restoration of critical business operations and databases.

“The events of the past decade have taught us that businesses must deal with disaster recovery in a pragmatic way,” says Kerwin Myers, senior director of product management at SunGard Availability Services. “Otherwise, companies may make critical mistakes and may never recover from a disaster. Conversely, overspending on disaster recovery can also pose a threat to your company.”

Smart Business spoke with Myers about how to ensure business continuity by taking a realistic approach to disaster recovery.

How have the events of the last decade impacted disaster recovery?

Executives seldom thought about disaster recovery before Sept. 11. Now, they recognize the need for planning, but restoring a network and recovering data require professionals with specialized skills, and the rigorous process often takes a back seat to day-to-day operations. Additionally, companies must now adhere to governmental regulations and industry mandates designed to ensure organizations develop business continuity plans.

What are the typical pain points that organizations face when recovering from a disaster?

Recovering from a disaster hinges on accurate and current disaster recovery procedures. Many organizations fail to recover or take longer to recover because these procedures are not accurate or not current. Production Information Technology environments are constantly changing. This means that an effective change management practice that includes a process for updating recovery procedures and recovery configurations is a crucial component to successful restoration. Changes in the production environment happen daily, impacting recovery. As a result, the recovery plan must be kept up to date with day-to-day production changes.

In many cases, organizations depend on the same staff for production and disaster recovery. This requires production to be redeployed to restore critical applications and data during a disaster. But the event may prevent workers from reaching the facility or inflict personal hardships or injuries that keep them from working.

Last, IT professionals spend most of the time maintaining and updating applications, so restoration efforts may be hampered by a lack of knowledge of restoration practices.

What are the key planning elements to help ensure a seamless recovery?

Recovery plans should be customized to individual businesses but should include these critical steps to ensure effective recovery.

  • Create specific and sequential recovery processes and procedures. Employees need  clear procedures to restore critical IT services.
  • Establish priorities. Some mission-critical applications and technical functions must be restored immediately to minimize financial loss. Consider cost/performance trade-offs, estimated recovery times and business needs when establishing post-event priorities.
  • Close skill gaps. Staff members must take on specific roles and duties during recovery, but there’s no time for training once disaster strikes. Inventory the required skills to execute the plan and close gaps through training or by contracting with external providers.
  • IT organizations must ensure production changes are being replicated in recovery configurations and procedures.

What mistakes may impede or prevent a complete recovery?

An outdated recovery plan can stymie recovery. Companies need to reconcile the plan with the changing technical configuration and update procedures and priorities to align with the business requirements on a quarterly or semi-annual basis, as recovery may fail if the plan elements aren’t  tested and refined.

Should all data be recovered in the same way?

Most data centers are a collection of new and legacy systems and applications from multiple vendors, which means all data can’t be recovered in the same way. For example, data from critical tier-one applications may be replicated on servers in other locations, which is expensive, but the investment practically eliminates down time after a disaster.

Applications that run in the cloud can be accessed from any location and the provider assumes responsibility for disaster planning and recovery. Tier-two apps could run on separate servers and are restored from tape backups or a virtualized environment.

How are virtualization and cloud-based solutions impacting backup and recovery processes?

The emergence of the cloud and virtualization has created new rapid recovery options at a better price point. Applications that run on Web-based platforms can be supported by third-party providers with hundreds of servers, so recovery can be as simple as switching to another site. The best providers take a holistic approach by considering the interdependency between legacy and Web-based applications and offer a comprehensive solution.

What should an IT manager look for in an outsourced disaster recovery service provider?

Beyond price and equipment, an IT manager should evaluate the following criteria.

  • Experience and expertise in processes and procedures.
  • Commitment and conviction backed by guarantees and SLAs.
  • Track record. Has the firm been tested by a real disaster? Was the recovery successful?
  • Testing and audits. A provider should conduct hundreds of tests and audits each year, so ask to review its documentation before committing.

Kerwin Myers is a senior director of product management for SunGard Availability Services. Reach him at kerwin.myers@sungard.com.

Published in Philadelphia

disaster recoveryNearly every business relies heavily on technology, with critical operations and processes that are dependent on information technology (IT). But if disaster strikes, how can a business ensure that it stays up and running to remain competitive in the marketplace?

The answer is a comprehensive business continuity plan, which every business should have in place, says Derek Dalton, a sales engineer for Time Warner Cable Business Class.

“Not long ago, business continuity required millions of dollars in redundant systems, facilities and bandwidth,” says Dalton. “Now, more cost-effective solutions have been introduced, helping organizations ensure that their business will always be up and running.”

Smart Business spoke with Dalton about how to craft an effective business continuity plan.

What is business continuity?

While business continuity and disaster recovery work in tandem, they are separate and distinct disciplines. Disaster recovery refers to the protocols and procedures that an organization follows to activate backup servers and alternative facilities should an unforeseen event disable critical IT systems. When most people think of disaster recovery, they think of natural disasters or terrorist attacks, but something as simple as a broken water pipe, tripped circuit breaker or computer virus can constitute a disaster for a business and thus require a recovery plan.

Business continuity extends the concept of disaster recovery to reflect the processes and procedures that organizations put in place to ensure that critical business functions continue, despite an event that disrupts normal business operations. This can be as simple as identifying alternate resources when employees are unable to work, or as complex as recovering servers and mainframes with network backups in the event of a system failure.

Why is business continuity so important in today’s business world?

Business continuity means your company stays up and running, no matter what happens. And with today’s businesses relying heavily on the Internet and other technologies, constant connectivity is vital.

Forrester Research reports that 76 percent of companies experience at least one disruption in any five-year period, and that 27 percent have to declare at least one disaster, meaning mission-critical IT systems were disabled long enough that recovery procedures had to be executed. It’s not if a disaster will strike, it’s when it will strike and how you will be able to deal with it. And, according to the Meta Group, one hour of systemwide downtime, depending on the company, can cost a business from $330,000 to $2.8 million.

It is important for business owners and IT staff to identify potential risks, figure out the costs of downtime, choose the most effective technology and work together to implement recovery services. These calculations fall into direct costs and indirect costs.

A direct cost could be the amount of business lost if a network experiences an outage. If the system handles a certain amount of business every hour, the organization can know exactly how much an hour of downtime will cost.

Indirect costs are no less important. For example, what would the cost be to a company’s reputation or relationships should a disruption render customer service or supply chain management systems inoperative? What might the penalties be if the company’s financial or customer data systems were compromised?

Awareness and qualification of these cost factors highlight how companies that have effective business continuity plans can quickly recover from system outages, which can be a competitive advantage and an opportunity to take revenue and market share from companies that cannot.

How do cable Multiple System Operators (MSOs) tie in to business continuity?

Organizations seeking to implement business continuity plans recognize cable MSOs as reliable and cost-effective alternatives to traditional telecommunications providers. Because cable MSOs operate over one network, their infrastructure offers advantages such as security, scalability and the ability to support multiple communication solutions.

Cable MSOs deliver availability and redundancy. Because their networks were designed to provide bandwidth-intensive video services to broad areas, cable operators can offer high-bandwidth services regardless of a premise’s distance from a central office. This access to reliable connectivity allows even rural backup sites to be incorporated into business continuity plans and ensures that employees telecommuting can access the same resources available from headquarters.

Cable MSO infrastructures are independent from traditional telecommunications companies. They can provision services with their own resources, delivering new services more rapidly than many traditional telecommunications providers, an important capability in an emergency, when time is critical. They also provide the important alternative routing component of a business continuity solution, as the networks are separate from traditional telecommunications providers that may share common infrastructures.

How are telecommuters protected by business continuity plans?

A key to a comprehensive business continuity plan is ensuring that employees can work remotely in the event of a disaster. This includes telephone and broadband Internet to facilitate communications between employees and management and provide access to enterprise applications. Because the technology is not distance sensitive, cable broadband options offers scalable Internet access options, up to 10 Mbps of throughput speed, allowing you to connect to a virtual private network for enhanced communication and collaboration, with bandwidth to facilitate videoconferencing and database file transfers. Solutions include scheduled backup of desktop files to off-site, secure storage, with backed-up files available from any desktop computer, allowing employees displaced by an emergency to work from any location.

Derek Dalton is a sales engineer for Time Warner Cable Business Class. Reach him at (614) 255-2762.

Published in Akron/Canton