Posts

Pending Storm; Pending Doom

/in

A quick scan of the weather headlines late on Thursday afternoon: a “Nor’easter” storm going through rapid escalation, know as “Bombogenisis”, looks ready to hit New England tomorrow with rain, snow and hurricane force wind gusts. Now it is Sunday, and many small and midsize businesses along the northeastern coast are wondering when, or if, they will be able to reopen. The impact of disasters is increasing. We can argue about climate change versus weather. We can discuss our aging infrastructure. We can debate whether to plan for disaster causes or effects. If we do not, however, make our businesses more resilient, the quantity and severity of disruptions will continue to grow.

The coming storm should not foretell coming doom.

By taking advantage of proven cloud services, most small and midsize businesses can protect themselves from disruption. Many businesses in coastal areas of New England may be without power and other utilities for 2 to 4 days. Businesses with no continuity plan are down and out. Given that about 50% of businesses shut down for a week will fail within six months, “down and out” can be fatal. If you rely on VPN or remote desktop to on-premise systems, you are still at risk — no power means no on-premise networks or servers.

Businesses with key systems in the cloud, however, can be up and running if employees have power and Internet access.

So what are your next steps?

First, measure the impact on your business of a disruption lasting one day, three days, and five days?  As you do, consider the full cost of recovery, including post-disaster productivity loss as your work to recover lost data and time while keeping things moving forward.

Second, consider the value of keeping your business running rather than having to recover and regroup. Beyond the dollars and cents, understand the value to your customers, to your reputation.

Third, contact us for a complimentary Cloud Advisor Session to discuss your cloud and continuity strategies.

Overconfidence in Disaster Recovery: Common and Costly

/in ,

support-liferingAs reported in CloudTech, a recent study in the UK of 250 businesses finds that 95% experienced outages or data loss in the past year, with 87% needing to go to failover systems.

There is a mismatch between expectation and reality when it comes to disaster recovery.

Of the 87% that executed a failover, 82% were confident it would go well, but 55% encountered problems. And while 69% stated outages lasting minutes would be “highly disruptive” or “catastrophic”, only 27% were able to recover all systems immediately following an outage. With 37% of respondents indicating they do not regularly test their DR capabilities, many organizations have no basis for expecting a smooth failover.

Outage Sources

While we often focus on the “big disaster” that could interrupt our businesses, 53% of the outages were to mundane system failures and 52% were due to human error (more than one response was possible). Cyber attacks and environmental issues caused 32% and 20% of the outages, respectively.

Three Things We Can Learn

  1. Comprehensive disaster recovery and business continuity costs money. Running infrastructure and systems in the cloud and/or using cloud-based DR and Business Continuity solutions can help mitigate these costs.  You will, however, need to assess potential downtime and time to recover, the impact of downtime, and the cost to create the right balance for your organization.
  2. Testing your DR/Business Continuity solutions should be easy and cost-effective. Plan on testing at least twice per year.
  3. Your DR/Business continuity solution should help reinforce your overall data protection and business operations. Shifting from a “recovery”-centric strategy to one of resilience can lower costs and minimize the risks and impacts of unplanned outages.

If you want to improve your business’ resilience and lower your IT costs, contact us for a free Cloud Advisor session.

 

Rethinking Risks and Responses

/in ,

Malware, Ransomware, Natural Disasters and More Keep Hitting SMBs Hard

Never have we had a greater ability to work together to get things done than we do right now. As our cloud and hybrid environments expand, the ease-of-use encourages us to share ideas and information and to collaborate in new and exciting ways.

Never have we been under attack from so many directions. Changing weather patterns and aging infrastructure leave businesses without power for days instead of hours. Fading employee loyalty means more chances for information to walk out the door. The same features that let us easily share information also let us accidentally share information we shouldn’t. Malware and viruses have evolved from a nuisance to potentially existential threats with the increase in ransomware and advanced persistent threats.

Our Businesses, Employees, and Customers Need and Expect Protection

With the risks and impacts on the rise, we as small and midsize business owners and technologists should rethink how we both prepare and respond. Since the dawn of business computing, large enterprises have built expensive solutions to ensure that their businesses keep running “no matter what”.  Now that we are in the cloud, and solutions are incredibly affordable, we need to adopt the same approach.

Business continuity is no longer just being able to keep your business running after a disaster.

Business continuity means that you are able to prevent business disruptions and distractions, regardless of the cause. Business continuity means …

  • You actively work to minimize the chance of a ransomware attack, and that you can respond and recover quickly should it happen.
  • You have systems and procedures in place to prevent data loss and privacy breaches, and that you can detect and mitigate issues quickly and effectively.
  • You and your team are no longer tethered to the hardware, Internet access, and electricity in your offices.

For SMBs, now is the time to consider the tangible and intangible costs of business interruptions of all types and to see the value in solutions to prevent and recovery. Understand the value proposition of that goes beyond dollars and cents to include the customer relationship impact and the toll that business disruption has on your team.

Food for Thought:

Prepare Your Business for Hurricanes and Storms With Our 3 Effective Models

/in

Storm Preparedness Tips for Your Small Business
What can often begin as a mild tropical storm season can quickly become quite active, with multiple significant storms expected to impact the southeast and Atlantic coast and the Hawaiian islands. And while every storm may not be a major hurricane, your business is at risk because our infrastructure is at risk, making it vital to prepare your business for hurricanes.

Power outages, local or regional flooding, and disruption of communication services continue to increase in frequency as our infrastructure ages faster than our upgrades and as our economy rewards utilities for trimming staff and services rather than trimming trees and keeping current with maintenance.

Are you protecting your business from the damage and risk of disruption?

You have seemingly infinite choices on the types and cost of business and data protection, each with benefits and limitations. Your challenge: pick the solution that is most cost-effective, meaning the time it takes to Return to Operations (RTO) is acceptable given the cost.

To simplify your search for a solution, we propose you consider one of three models to help prepare your business for hurricanes:

  • Restoration
  • Recovery
  • Continuity

3 Ways to Protect Your Business from The next Hurricane

1. Restoration

Restoration is the least expensive option to protect your business from a hurricane.  You backup all of your data and critical systems, including full system images, off-site.  In the event of a disaster, you restore your systems once you have fixed or replaced any damaged or lost equipment.

  • Cost Structure:
    • Scales with the size of your system images and the amount of data you keep in offsite backup
  • RTO:
    • 1 to 3 days once replacement equipment arrives
  • Admin:
    • Must ensure backups include all images and data needed to recovery, including Bare Metal Restore (BMR) for key servers and systems.
    • Must periodically test restore for data integrity and to ensure the recovery process is documented and understood.

2. Recovery

In addition to keeping an off-site or cloud backup covering all of your data and critical systems, you have the ability to access replicas of your network and servers in a remote data center.  In the event of a disaster, you “spin up” your latest system snapshots and restore any incremental data. You access your mirror network via remote desktop, VPN client, or LAN-to-LAN VPN.

  • Cost Structure:
    • Scales with the size of your system images and the amount of data you keep in offsite backup
  • RTO:
    • 1 to 18 hours, depending on your configuration and needs.
  • Admin:
    • Must ensure backups include all images and data needed to recovery, including Bare Metal Restore (BMR) for key servers and systems.
    • Must periodically test recovery for data integrity and to ensure the recovery process is documented and understood.
    • Once primary systems are repaired or replaced, snapshot backups and recovery move your data back for normal operations.

3. Continuity

Continuity means your IT and cloud infrastructure keeps running, even in the face of disaster or significant local events.  You have multiple options for continuity, including: mirrored networks and systems in remote data centers, remote desktops, virtual desktop infrastructure (VDI), and Desktop-as-a-Service (DaaS) models. In each scenario, your servers, applications, and data live in a redundant, remote cloud data center. You access your environment via remote connection, using a web browser or a small local app known as a receiver.  In the event of an emergency, you only need to provide a browser and Internet connection to be up and running.

  • Cost Structure:
    • Scales with the size of your systems and networks
    • Offsets day to day costs of owning and managing on-premise hardware and software
  • RTO:
    • Immediate, based on Internet availability
  • Admin:
    • Providers typically include standard server admin and management, reducing local need for IT resources
    • Application and data management are similar to on-premise systems
    • Backup/restore capabilities are still recommended to protect against application and/or human error.

Bottom Line on Preparing Your Business for Hurricanes and Storms

Using these models as a guide, you can select a solution that balances cost, convenience, and complexity against the operational needs of your business. We’re happy to help you come up with the best plan to prepare your business for hurricanes based on your budget and needs.

Want to setup or improve your disaster recovery/business continuity capabilities? Contact us for a free, no-obligation consultation.

 

When the Single Point of Failure Actually Fails

/in ,

 

While the heavy, wet snow continues to fall and cling to the power and fiASA5505ber optic lines in our area, today’s Internet outage was not due to the first real storm this winter. Being fully in the cloud, any Internet outage could be a disaster, bringing business to a halt. In reality, the “single point of failure” really isn’t. True, we do not have multiple routers. Nor do we have multiple broadband connections.  What we do have, is the ability to work over any form of Internet connection. Here is our case study (still in progress).

Late yesterday afternoon, our trusted Cisco 5505 stopped working. Poof. Red Status light on; activity lights on the embedded switch ports blinking; no traffic. A few reboots and a few attempted hard resets later, we are still not working. A quick call and discussion, and our Cisco guru tells us “it’s a brick”. Covered by warranty and a solid support/service plan, a new unit will arrive in several days. In the meantime, we must continue to service our customers.

Quick Fix

The immediate response is to get our staff connected to the Internet in any way possible.  A few mobile hotspots activated on our phones and one MiFi device booted up, and we are back in business. Performance is acceptable, not great, and we will plow through our data plan, but we are in business with only a few minutes disruption.

Interim Fix

Our FiOS service enters our office through a service unit that converts the Fiber to Gigabit Ethernet.  We split this signal through a switch to 2 routers — one provided by our VoiP service and the FiOS router/cable modem that comes with our service.  The now dead Cisco ASA plugs into the FiOS router.

Why two routers in sequence? Having 2 routers in sequence creates a physical DMZ: a network that can receive traffic from inside and the outside while letting us stop traffic from going all the way out or coming all the way in. It’s “old school” as virtual DMZs are the trend.  We use the DMZ and the FiOS router for a guest network and wireless.  Guests can gain access to a physical or wireless connection while staying completely outside our secure network. The Cisco ASA, at the secure end of the DMZ, manages our inbound traffic, NAT, and legacy DMZ services (let over from the days when we had a few systems on-premise and needed remote access). Our secure WiFi runs off a Cisco/Linksys WAP inside the secure border of the ASA router.

With a few minutes of work, we reconfigured the FiOS router, removing the DMZ and mimicking the settings and security configured in the ASA.  Moving a few wires, we are up and running until the new ASA comes in.

Lessons Learned

Our focus has always been on the FiOS service as the single point of failure at greatest risk.  Outages have traditionally been short and as we have been able to adapt by using hotspots, MiFi, and working from home or other locations, we have not seen the need to bring in another ISP as an alternate service. The ASA failing was never really a consideration.  The box is not yet out of warranty and our prior Cisco routers lasted much longer than the 5 year extended warranty (we upgraded for features, not out of necessity).

Not having seen this scenario coming, we had to rebuild the FiOS router from scratch. Going forward, we have now saved this “emergency configuration” for future use.  Once our new Cisco ASA arrives, we will create an emergency configuration that will let us remove the FiOS router from the network.  Finally, we will build a configuration for the Cisco/Linksys WAP, as this has routing features and could replace the FiOS router in a pinch.

The biggest lesson, however, is the value of a cloud-based infrastructure with respect to business continuity. Storm or no storm, hardware failure or not, we know that we will always have options to keep our business up and running. Even when the “single point of failure” happens to fail.

Cloud Resiliency: Overview, Benefits & Steps for Implementation

/in

business resilienceWhat is Resiliency in Cloud Computing?

In today’s rapidly evolving digital landscape, where businesses increasingly rely on cloud computing for their critical operations, the need to ensure uninterrupted services and data availability has become paramount. This is where “Cloud Resiliency” steps in as a fundamental aspect of modern IT strategy.

Cloud resiliency refers to the ability of a cloud-based system or infrastructure to withstand and recover from unexpected disruptions, whether they arise from hardware failures, software glitches, cyberattacks, natural disasters, or any other unforeseen events. It involves designing and implementing a robust framework that can promptly detect issues, gracefully handle failures, and swiftly restore normal operations without significant downtime.

The unexpected will happen. It is inevitable. Sometimes the unexpected is a good thing. In technology, the unexpected is usually bad.  It may be small … or big … or catastrophic.

Part of our role as IT professionals is to expect and prepare for the unexpected. We backup data so that we can restore files that are accidentally deleted, overwritten, or damaged.  We backup systems so that we can recover them in case of hardware or software failures. Many business designs and implement disaster recovery plans. These plans provide the means for companies to recover from larger incidents, ranging from burst pipes and building fires to blizzards and hurricanes.

In recent years, the focus has been on “Business Continuity” planning. Business continuity intends to prevent disruption to operations, even in the face of larger incidents or disasters. While great in concept, most small and mid-size enterprises cannot afford to fully duplicate systems in redundant data centers and provide alternate work sites for employees.

Cloud Resiliency in Business

Business Resiliency is based on the objective of enabling a business to continue (or rapidly resume) operations with some accommodations.  In other words, you may not be running 100%, but you will be running soon enough and well enough, given the situation. Resiliency is about bending without breaking.

Consider Hurricane Sandy which devastated parts of the US Eastern Seaboard.  Many businesses were physically destroyed by the flooding. Many others were shut down by the indirect effects of the flooding as some areas along the coast lost critical infrastructure — including water and sewer. Businesses left physically intact but without power for days considered themselves lucky as some areas waited months for reconstruction.

Consider the ice storms and blizzards throughout the Northeast US in recent years.  For many businesses, the only disruption was loss of power.  And while in many of the storms, outages where generally localized, some businesses went without power for as long as three weeks.

The same holds true for businesses in “tornado alley” in the Midwest. A tornado may leave your business unscathed, but it may take days or weeks for power and water to be restored.

In each of these scenarios, backup/restore/recovery is not enough to get the business back up and running. And, again, most small and mid-size businesses cannot afford to maintain disaster recovery systems and sites.

Benefits of Cloud Resiliency

Cloud resiliency offers a wide range of benefits to businesses and organizations that rely on managed cloud-based services and infrastructures. These advantages contribute to the overall stability, availability, and security of digital assets, ensuring uninterrupted operations and safeguarding against potential disruptions. Here are some key benefits of cloud resiliency:

  1. High Availability: Cloud resiliency ensures that critical applications and services remain available even in the face of hardware failures, software glitches, or other unforeseen events. Redundancy and failover mechanisms enable seamless transitions to backup systems, minimizing downtime and maintaining continuous access for users.
  2. Disaster Recovery: Resilient cloud architectures provide robust disaster recovery capabilities. Regular data backups, real-time data replication, and well-defined recovery processes allow businesses to recover quickly from data loss, cyberattacks, or natural disasters, minimizing potential data and revenue loss.
  3. Reduced Downtime: With cloud resiliency in place, businesses experience reduced downtime during system failures or maintenance activities. Quick detection and automatic recovery mechanisms help prevent prolonged service interruptions, enhancing productivity and customer satisfaction.
  4. Business Continuity: Cloud resiliency ensures business continuity by allowing organizations to maintain essential operations even during disruptive events. Critical business functions can continue operating, meeting customer commitments and minimizing financial losses.
  5. Cost Efficiency: While implementing cloud resiliency may involve upfront investments, it ultimately proves cost-effective in the long run. The ability to prevent extended downtime or data loss reduces potential revenue losses and protects a company’s reputation.
  6. Scalability: Resilient cloud infrastructures are designed to scale dynamically to meet changing demands. As businesses grow or experience fluctuating workloads, the cloud resiliency framework can seamlessly adapt, ensuring optimal performance and resource utilization.
  7. Enhanced Security: Cloud resiliency often goes hand-in-hand with robust security measures. Proactive identification and mitigation of vulnerabilities help protect against cyber threats and unauthorized access, safeguarding sensitive data and intellectual property.
  8. Improved Customer Trust: Reliability and continuous availability of services build trust with customers and partners. Knowing that their data and operations are in safe hands, clients are more likely to choose a resilient cloud service provider, giving businesses a competitive advantage.
  9. Regulatory Compliance: Resilient cloud architectures often adhere to industry-specific regulations and compliance requirements. Meeting these standards is critical for businesses operating in regulated sectors, ensuring legal adherence and avoiding potential penalties.
  10. Faster Recovery Times: In the event of a disruption or disaster, cloud resiliency enables faster recovery times compared to traditional on-premises solutions. Automated recovery processes and failover capabilities reduce the time required to restore services and operations.
  11. Geographical Redundancy: Resilient cloud infrastructures can be distributed across multiple data centers in different geographic locations. This geographical redundancy further enhances data protection and disaster recovery capabilities, minimizing the impact of regional outages or natural disasters.

Cloud Resiliency Requirements

Achieving cloud resiliency involves careful planning, robust architecture design, and the implementation of various measures to ensure the system can withstand and recover from unexpected disruptions.

Most businesses can afford to move IT systems into cloud computing and hosted solutions.  And in doing so, businesses can affordably build resiliency.

With all of these disasters, you did not have to travel too far inland to be out of the damage zone.  Businesses with on-premise equipment had to purchase and wait for delivery of replacements, rebuild their systems, and (hopefully) recover their data from their off-site backups. Certainly doable, but costly and time consuming.  It can take 2 to 4 days just to get the equipment in place and ready to restore.

Businesses in the cloud faced a different scenario and outcome. Moving to an area with power and Internet, businesses running in the cloud were up and running in hours (some in minutes) and some were never “down” at all.

Take the Next Step Today to Implement Resilience in Your Cloud Computing Strategy

To discuss how cloud computing can improve the resiliency of your business, contact us for a no-obligation conversation or click here to learn about our RestartIT solutions.

 

 

 

In IT, Every Season is Hurricane Season

/in ,

Hurricane
June 1st is the official start of Hurricane Season for North America. Every year, we hear predictions for the number of storms and the number of major storms expected to hit landfall here in the U.S. And yet, every year we seem to over-prepare for storms that never become a major problem and under-prepare for storms that become truly dangerous.

Such is the life for IT Hurricanes

Unlike physical hurricanes that can cause power and system outages, IT “Hurricanes” are climate changes that impact your business, and its IT needs and priorities.

As with physical hurricanes, IT Hurricanes often start out as smaller disturbances that are seen and identified well in advance. Some lose their energy and dissipate, some get carried off by changing currents, and some turn into storms.

Even with the advanced notification, dare I say warning, we often struggle to assess the size, scope, and impact of IT Hurricanes until just before they are about to hit. All too often, IT Hurricanes gain unexpected power and momentum as they approach landfall. Decisions on how best to prepare are often made too late for effective planning and execution, leaving IT staff scrambling to mitigate the impact and repair the damage.

For many businesses, our infrastructure and systems are not well-prepared to withstand IT Hurricanes. They are too rigid to adapt to changing winds and tides, too difficult to move to a safer place, and/or unable to withstand the tidal surge of change forced upon us.

Look to the Cloud for a Better Way

Rather than just focusing on improving our warning time and how well we can predict the direction, size, and strength of IT Hurricanes, we should create IT infrastructure and systems that can adapt to changing conditions more easily, with less time required.

Moving to cloud solutions can …

  • Simplify your IT infrastructure — your network and systems — making it easier and less expensive to adapt to changing currents
  • Reduce the amount of capital captured in physical assets with sunken costs that resist change
  • Let you raise or lower you capacity and utilization as needed to ebb and flow with the tide of your business
  • Add, or modernize, applications and systems without having to airlift in a solution
  • Improve mobility, so your team members are never displaced by geography or device
  • Provide a platform, that lets you create an IT ecosystem for your business focused on the future and not the past

While cloud computing cannot prevent IT Hurricanes, cloud solutions can help mitigate the impact and make it easier for you and your business to adapt and respond. After all, staying ahead of the storm is better than having to pick up the pieces.

Using the Google Apps for Work ecosystem, our CumuluSuite packages provide cloud computing platforms that are easily customized to keep you out of the storm.  Contact us to learn more.

 

Changing the Focus on Backup Protection

/in ,

Recovery-Point-Objective-RPO
As we’ve stated before, “Backup is easy; Recovery is hard”.  Every business should, at this point, understand the risks of poor data backup and protection. The risks come from the types and amount of data that is lost and, if it can be recovered, how long that recovery takes. And remember, recovery often takes more effort than simply restoring files from a backup set.

Perspective = Priority

When looking at how well your backup system is protecting your business, two factors should be top of mind:

RTO: Recovery Time Objectives — How long will it take to return to normal operations. RTO is not just the time it takes to load your data back onto your systems, RTO includes the time it takes to repair and recreate damaged information and data created or modified since the last backup.

RPO: Restore Point Objectives — Your RPO determines how much data you are willing to lose, or can afford to lose. Most small and mid-size businesses backup daily. On average, a system failure will result in half a day of lost data. For an office worker editing a report, this is traumatic and inconvenient. For a manufacturer or retail business, half a day can represent hundreds or even thousands of orders and financial transactions.

As always, quicker RTOs and smaller RPOs come with trade-offs.  Recovery methods like image snapshots, for example, can provide rapid RTOs and small RPOs. In exchange, you are likely losing granularity — the ability to recovery individual files.

Understand the reasons  you are protecting your data.  Protection from system failure, in which you need to recovery a full server, lends itself to imaging and other snapshot methods.  Recovery of files or data lost to program error, malware, or user activity, needs a solution with granularity.

Start with an understanding of the type of protection you need and your RPOs and RTOs.  From there, you can pick the solutions (yes, you may want or need more than one method) for recovering data and your business.

We offer  a range data protection solutions, with a range of products, for on-premise and cloud-based data. Contact us for a free assessment of which type of solution is best for you.

 

 

5 Ways Google Apps Will Help Your Business

/in

 

Not just an email service, Google Apps is a business platform that enables efficiency and productivity by giving your team better communication and collaboration tools.

In less than 12 minutes, Cumulus Global’s CEO Allen Falcon identifies 5 ways that Google Apps will help your business.

1) Improved Communications

2) Collaboration — More and Better

3) Secure Access — from anywhere at anytime

4) Business Continuity

5) Lower Operating Costs — instead of CapEx + OpEx 

The video is a recording of Allen’s Standing Room Only seminar at the Central Mass Business Expo in September 2014.  Click Here to view the recording and contact us for more information and a free assessment of your business’ cloud potential.

 

 

When FiOS becomes “Frequent Interruption of Service”

/in


We love the cloud.  We work and live in the cloud. So, when our Verizon FiOS service became unreliable, we had a plan.

The upside of cloud services is that they are available from anywhere you have Internet service.  The down-side is that downtime means disruption.

We Have Options

Redundancy is the most common option considered to avoid Internet service disruptions. In our location, we could add a Charter business connection along side our Verizon FiOS service, and reconfigure our Cisco ASA 5505 to load balance and manage fail-overs. The upside: we avoid outages and service quality issues; the downside is the setup cost and recurring fees.

For now, we have taken a tactical approach. Our service issues are frequent, but short in duration (the side effect of DDOS attacks elsewhere on the network).  When quality drops or the service is down completely, we switch to our MiFi and smartphone HotSpots for Internet access.  By disabling WiFi and relying on the 4G LTE service, we run a softphone client on our iPhones and Android phones, providing full telephony capability and coverage.

While we may deploy a redundant carrier in the future, the flexibility of our cloud-based services and our cellular based Internet access are sufficient in the short term.  Having options, and being able to work, is all part of our Business Continuity planning.