Balancing the needs of data storage and business continuity.
Ever since documents became an integral part of business, preserving valuable records and documentation in the event of an accident has been a vital part of assuring that a business can continue to operate after the event. Today, with businesses dependent on digital systems shared among employees, customers, and suppliers, and often updated in real time, the risks have become much more complex. This increase in complexity is compounded by the increasingly large volumes of information that businesses access, hold, and depend upon to perform their activities. If these two factors were not enough, all businesses are faced with the increasing rate of change inevitable in a technologically led society. Many companies today do not have the experience of managing the data security of a newly introduced mobile workforce, for example. Change always introduces uncertainty of outcome and thus risk, making it yet more difficult to pinpoint the risks to a business' data and information. Despite these impediments to a clear view of the risks to data and information, it is critical that these risks are understood if a good business continuance management regime is to be established: certain business processes may initially be able to run without access to data, but in the long run, not having constant access could be severely detrimental to the business, sometimes to the point where it can no longer function.
Whereas most organizations categorize certain core processes as critical, the actual risks they expose themselves to through these processes are often not considered carefully enough. The business may recognize that its livelihood depends on that process, but may not necessarily consider all the ways in which that process could be interrupted, or more importantly, how to minimize the impact of that interruption.
Risk Analysis
Risk analysis involves identifying the risks that the company is likely to face and then, for each of the risks, assessing the likelihood of suffering any particular incident. Once these steps have been performed, the risk to a given company can be measured. Risk measurement can be both quantitative and qualitative. Qualitative risk measurement could, for example, use terms such as 'high', 'medium', or 'low' probabilities. This is good for classifying the nature or frequency of the risk. Quantitative measurement (using percentages, for example) can also be used, though this is usually harder to perform. Identification of the risks can be on an internal, corporate basis or through third-party consultants. If an internal process ensues, the meeting should consist of a brainstorming session involving representatives from all departments of the business. This could be users, executives, operations, systems administrators, database administrators, and business continuity experts.
The aim of this meeting would be to construct a 'risk register', forming the basis for protection that would be continually updated and reviewed. Establishing such a register necessarily involves prioritizing risks according to the application's business criticality. Here it is also important to identify any interrelationships between processes, and therefore interdependencies between applications. This could occur if there were peak periods, for example. When creating the registry it is often advantageous to create categories and subcategories. For example, categories by application could be:
* human error
* human threat
* technical threat (hardware)
* technical threat (software)
* natural threat
and their various subcategories. For human error, for example, one subcategory may be accidental deletion of a file, or losing a laptop. The 'risk registry' allows a detailed evaluation of the risks in terms of probability of occurrence and the range of likely consequences. This, in itself, is often enough to provide the company with the impetus for creating and adhering to a business continuity plan. Some companies have in the past been lulled into a false sense of security, being under the impression that disaster recovery only applied to natural disasters like floods or fires. Even if they did not take the attitude that 'it won't happen to us', the expense of a full disaster recovery plan was not justified, as the probability of a natural disaster was viewed as negligible.
But only six or seven percent of 'disasters' are actually caused by floods and fires; a far bigger proportion are of a hardware or software nature. And what is disastrous is actually the consequence of the hardware failure, rather than the incident itself. The 'risk registry' thereby encourages businesses to look at risks from a different perspective and points to potential disaster areas the business may not have considered. Once the risks have been identified, they are then assessed in terms of their probability of occurrence and the associated 'minimum', 'most likely' and 'maximum' cost. Often this is the harder part, but estimates can provide a good rough idea. This is termed the three-point estimate. This is then fed into a Monte Carlo simulation, which will then run these numbers against the appropriate probability curve to provide a computer model. (Monte Carlo simulation routines are widely available as add-ins to Microsoft Excel.) Last of all, the business estimates the overall exposure to risk. In doing so, the calculated cost of the risks is compared to the probability of their occurrence. This almost certainly encourages a certain level of protection to be applied. As the potential costs of disasters can actually be established, the justification can be made to apply protective measures. Once this has been created, the company has established a firm foundation for a business continuity plan.
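The three-point estimate and Monte Carlo step described above can be sketched as follows. This is an added example, not part of the original article: the register entries and all figures are constructed, each probability is assumed to be per year, and a triangular distribution is assumed as the "probability curve".

```python
import random
from dataclasses import dataclass

@dataclass(frozen=True)
class Risk:
    name: str
    category: str
    probability: float  # assumed: chance of occurring within one year
    min_cost: float     # three-point estimate: minimum
    likely_cost: float  # three-point estimate: most likely
    max_cost: float     # three-point estimate: maximum

# Constructed sample risk register; every figure is illustrative only.
REGISTER = [
    Risk("Accidental file deletion", "human error", 0.60, 1_000, 5_000, 20_000),
    Risk("Lost laptop", "human error", 0.30, 2_000, 8_000, 40_000),
    Risk("Disk array failure", "technical (hardware)", 0.10, 20_000, 100_000, 400_000),
    Risk("Database corruption", "technical (software)", 0.08, 15_000, 80_000, 300_000),
    Risk("Flood or fire", "natural", 0.01, 100_000, 500_000, 2_000_000),
]

def simulate(register, trials=20_000, seed=1):
    """Return the sorted total loss of each simulated year."""
    rng = random.Random(seed)  # fixed seed keeps the run reproducible
    totals = []
    for _ in range(trials):
        loss = 0.0
        for r in register:
            if rng.random() < r.probability:  # does the risk occur this year?
                loss += rng.triangular(r.min_cost, r.max_cost, r.likely_cost)
        totals.append(loss)
    totals.sort()
    return totals

def exposure(totals):
    """Summarise overall exposure: mean, median and 95th-percentile loss."""
    n = len(totals)
    return {"mean": sum(totals) / n,
            "p50": totals[n // 2],
            "p95": totals[int(0.95 * n)],
            "p_any_loss": sum(1 for t in totals if t > 0) / n}

def analytic_mean(register):
    """Closed-form expected loss, used to cross-check the simulation."""
    return sum(r.probability * (r.min_cost + r.likely_cost + r.max_cost) / 3
               for r in register)

if __name__ == "__main__":
    for key, value in exposure(simulate(REGISTER)).items():
        print(f"{key:>10}: {value:,.2f}")
    print(f"  analytic: {analytic_mean(REGISTER):,.2f}")
```

The gap between the mean and the 95th percentile is what the comparison of cost against probability looks like in practice: rare hardware, software and natural events dominate the tail even though human error occurs far more often.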
The business continuity plan is made up of two parts: avoidance strategies, to try to ensure that no processes are interrupted by the risks and threats identified, and contingency strategies, to make sure that if interruptions do occur, their effects are kept to a minimum. Avoidance strategies usually involve some form of training and establishing procedures, business process reengineering, and technologies such as clustering, storage area networks (SANs), and software management. Contingency strategies involve disaster recovery planning and contingency situation planning, backup, and recovery. Once the plans have been drawn up, it is imperative for the company to test them. It is also advisable to delegate someone as responsible in the case of a disaster. As the world becomes increasingly reliant on systems and data, it is apparent that business continuance management and planning is no longer just advisable, it is a necessity. And while a thorough investigation into the risks faced by a company may take time and effort, and perhaps some third-party consulting, the end result will be a blueprint for protection that accommodates the change that the future will undoubtedly bring.
Nigel Williams
www.legato.com