Posts

Risk and Reward – Protecting the Value of Your Business

Business ContinuitySeveral weeks ago, in a town not far from our headquarters, a massive fire destroyed a building housing six small businesses.  Our local business journal followed up a few weeks after the disaster with a poll asking business owners how prepared they are for a major disaster.

  • Fewer than 50% of responding business owners feel that they are fully insured, have an emergency plan, and could be up and running in a few days.
  • 39% feel that it could take a month or so, but they could eventually reopen
  • 17% felt they would be out of business or would required state and local aid to survive

While not a scientific sampling, the results are alarming.  Alarming for a few reasons:

  • Even with insurance, it can take days or weeks to get authorization so you can move forward with your emergency plan.  Securing a new location and replacing fixtures, inventory, etc. takes time, as does recovering computer systems and data.
  • More than 50% of businesses closed for 7 days due to a disaster fail within 6 months of reopening.  While many businesses might re-open in a month, the future will be challenging.

Your Risks are Yours

A major fire in a block of retail and service businesses creates specific challenges, as do storms and floods.  Many more businesses, however, experience disasters equal or greater in scope even if they do not have the same level of physical damage. Some examples we have seen.

  • A distributor of customized office supplies lost all electronic business records for the past three years when they where hit by ransomware. The attack corrupted their on-site backup servers as well as their main file and database servers.
  • A news publisher lost all of their physical servers, firewalls, and networking equipment when a sprinkler head failed in their small equipment room.
  • A small plastics manufacturer lost the ability to use their process control systems when embedded Windows workstations were corrupted by a malware attack.

In each of these examples, businesses with customer commitments, production schedules, and deadlines were idled for days. For some, full recovery can take months.  Beyond the hard cost of recovering systems and data, these businesses suffered from soft cost losses.  Missed customer commitments, delayed invoicing and collections, and the time employees spent on the recovery effort all have lasting impacts on your business.

Business Continuity is a not just a good idea, it is a responsibility. 

As business owners, our employees, vendors, and customers count on us.  While people can empathize with the impact of a fire, there is less understanding for businesses that fall victim to cyber crime.  Malware, phishing, ransomware and other attacks are generally preventable when your team is alert and aware of the risks and when you put reasonable identity, data, and system protections in place. And since no protection is perfect, you need to be able to recover quickly enough for your business to continue operating smoothly.

Here is some food for thought:

  • Know Your RTO:  Understand how quickly your business needs to Return to Operational.  Maybe you can work on paper for a few days. Maybe you need to be up and running in a few hours because you are at a standstill until systems are back online. Your RTO goal will guide your decisions on what protection and recovery/continuity services are the right match for your needs and budget.
  • Assess Your Risk: Understand the different disaster scenarios and how they may impact your business.  Think about physical issues, such as loss of power and catastrophic system failures, as well as other disruptions, such as cyber attacks and potential actions by a disgruntled employee.
  • Watch Your Flank: Asses how different types of threats could impact your business.  We are beyond hiding our computers behind firewalls. We still have physical threats, but we also have threats focused on networks, user identities, access control, third party services, and data sources and services. Each threat vector needs a plan for protection, response, and recovery.
  • Factor in Humanity: We used to talk about balancing security with ease of use.  Today, the humanity equation is different as most IT disasters take advantage of human factors like our fundamental desire be helpful when asked. In many ways, your team is your best defense. They need to understand the risks, the methods of manipulation, and the signs that something is not quite “right”.  Your team needs to understand the value of inconveniences like multi-factor authentication and enhanced privacy and access controls — that these protect them as well as the company.

Your next step.

Contact us.  It is time for a serious conversation about protecting the value of your business.  A basic assessment of your business continuity profile will identify risks and gaps. From there, we can discuss improvements and their business value so you can make informed decisions that balance your risks, needs, and budget.  Business Continuity solutions — from disaster prevention through recovery — do not need to bust your budget.   For most business, changes in security settings on existing systems paired with modest, incremental services provide the protection and recover-ability you need.

Inertia: The Science of Business Continuity

Newtons CradleTo paraphrase Newton’s Laws of Motion (with credit to Galileo) …

Absent an unbalanced force, an object in motion will stay in motion and an object at rest will stay at rest.

While this holds true for objects in a friction-less environment, it holds true for our businesses as well. Our businesses are in motion, working each day to service our customers with rhythms and cycles throughout each day, week, month, and year.

Our business cycles continue, until we meet an unbalanced force.

Some forces we expect, like changes in the economy that occur over a period of weeks or months.  Others forces are event-driven, such as storms, cyber attacks, and key employee departures. The sudden nature of event-driven forces can catch us by surprise, cripple our businesses in the short-term, and disrupt our normal cycles for the long-term.

A Case in Point

A company here in the northeast manufactures and distributes a customized product that customers generally replace or re-order every 2 to 3 years.  80% of the firm’s business is repeat, creating a strong and stable business. The company was hit by ransomware twice in a 3 month period.  The first attack, scrambled their files and their servers, but left their financial system in place.  They lost a day’s worth of data.  The immediate recovery took 3 days; the full recovery took nearly two weeks.  After three days of cleaning systems and restoring data, the company’s systems were up and running. They then had to enter the initial day lost data and all of the business activity for the 3 days their systems were down.  They allocated 1/3 of everybody’s time to recover the data, reducing productivity by 33% and impacting their responsiveness to customers. To enter the 4 days of missing data took over 10 days with the team working part time.

Inertia Takes Hold

This initial event changed the cycles and motions of the company. Whenever dealing with any business activity during the outage and recovery periods, they need to double check to make sure the information entered was complete and correct. And since some activities, like shipping and invoices related to prior activities, they need to double-check these connections.  Long after the two week recovery period, productivity is still down as the company’s daily motion now includes double-checking information that they are not sure they can trust.

Lesson NOT Learned

With so much focus on getting the business back into its normal rhythm, and the additional cost involved, the company did not act on recommendations that could help prevent a future attack and better ensure their ability to recover should a future attack occur. Whether the second attack was a different attack or they had failed to fully clean their systems does not matter.  The second attack was not caught until after the company’s backup server was hit, rendering their backups useless.  The company lost three years of data.

Inertia Creates a New Cycle

To recover from this attack took more than balancing data entry and on-going business. It was not feasible to manually recreate three years of data. While entering about 6 months of data for the fiscal year, they settled for a solution that created new methods and rhythms with long-term effects. They recalled all of their paper records from storage into an expanded warehouse space.  When a customer calls to re-order product they ordered 2 or 3 years ago, they search and retrieve the physical paperwork so they can create the new order. Every returning customer creates a scramble to find the paperwork in short order. Actions required in an emergency become part of the new normal. Inertia.

What You Can Do

You can be prepared with solutions that balance external forces beyond your control.

  • An educated and aware workforce balances the human manipulation that enables cyber attacks
  • Advanced threat, DNS, and web protections balance the forces of cyber attacks hitting us daily.
  • A robust backup/recovery and continuity system balances the forceful impact of disruptive events, giving you the ability to be up and running in hours not days.

If the company in our case study had implemented the recommended solutions after the first attack, they second attack would have disrupted the business for less than half a day — and may not have happened at all. The investment in communication, prevention, and recovery, while not trivial, was minor compared to the short term recovery and long term impact on the business.

If you are not ready or willing to have your business’ inertia redirected by forces beyond your control, now is the time to act.


Contact us for a free, no obligation, Cloud Advisor Session to discuss your business recovery and continuity needs and plans.


 

Pending Storm; Pending Doom

A quick scan of the weather headlines late on Thursday afternoon: a “Nor’easter” storm going through rapid escalation, know as “Bombogenisis”, looks ready to hit New England tomorrow with rain, snow and hurricane force wind gusts. Now it is Sunday, and many small and midsize businesses along the northeastern coast are wondering when, or if, they will be able to reopen. The impact of disasters is increasing. We can argue about climate change versus weather. We can discuss our aging infrastructure. We can debate whether to plan for disaster causes or effects. If we do not, however, make our businesses more resilient, the quantity and severity of disruptions will continue to grow.

The coming storm should not foretell coming doom.

By taking advantage of proven cloud services, most small and midsize businesses can protect themselves from disruption. Many businesses in coastal areas of New England may be without power and other utilities for 2 to 4 days. Businesses with no continuity plan are down and out. Given that about 50% of businesses shut down for a week will fail within six months, “down and out” can be fatal. If you rely on VPN or remote desktop to on-premise systems, you are still at risk — no power means no on-premise networks or servers.

Businesses with key systems in the cloud, however, can be up and running if employees have power and Internet access.

So what are your next steps?

First, measure the impact on your business of a disruption lasting one day, three days, and five days?  As you do, consider the full cost of recovery, including post-disaster productivity loss as your work to recover lost data and time while keeping things moving forward.

Second, consider the value of keeping your business running rather than having to recover and regroup. Beyond the dollars and cents, understand the value to your customers, to your reputation.

Third, contact us for a complimentary Cloud Advisor Session to discuss your cloud and continuity strategies.

Overconfidence in Disaster Recovery: Common and Costly

support-liferingAs reported in CloudTech, a recent study in the UK of 250 businesses finds that 95% experienced outages or data loss in the past year, with 87% needing to go to failover systems.

There is a mismatch between expectation and reality when it comes to disaster recovery.

Of the 87% that executed a failover, 82% were confident it would go well, but 55% encountered problems. And while 69% stated outages lasting minutes would be “highly disruptive” or “catastrophic”, only 27% were able to recover all systems immediately following an outage. With 37% of respondents indicating they do not regularly test their DR capabilities, many organizations have no basis for expecting a smooth failover.

Outage Sources

While we often focus on the “big disaster” that could interrupt our businesses, 53% of the outages were to mundane system failures and 52% were due to human error (more than one response was possible). Cyber attacks and environmental issues caused 32% and 20% of the outages, respectively.

Three Things We Can Learn

  1. Comprehensive disaster recovery and business continuity costs money. Running infrastructure and systems in the cloud and/or using cloud-based DR and Business Continuity solutions can help mitigate these costs.  You will, however, need to assess potential downtime and time to recover, the impact of downtime, and the cost to create the right balance for your organization.
  2. Testing your DR/Business Continuity solutions should be easy and cost-effective. Plan on testing at least twice per year.
  3. Your DR/Business continuity solution should help reinforce your overall data protection and business operations. Shifting from a “recovery”-centric strategy to one of resilience can lower costs and minimize the risks and impacts of unplanned outages.

If you want to improve your business’ resilience and lower your IT costs, contact us for a free Cloud Advisor session.


 

Rethinking Risks and Responses

Malware, Ransomware, Natural Disasters and More Keep Hitting SMBs Hard

Never have we had a greater ability to work together to get things done than we do right now. As our cloud and hybrid environments expand, the ease-of-use encourages us to share ideas and information and to collaborate in new and exciting ways.

Never have we been under attack from so many directions. Changing weather patterns and aging infrastructure leave businesses without power for days instead of hours. Fading employee loyalty means more chances for information to walk out the door. The same features that let us easily share information also let us accidentally share information we shouldn’t. Malware and viruses have evolved from a nuisance to potentially existential threats with the increase in ransomware and advanced persistent threats.

Our Businesses, Employees, and Customers Need and Expect Protection

With the risks and impacts on the rise, we as small and midsize business owners and technologists should rethink how we both prepare and respond. Since the dawn of business computing, large enterprises have built expensive solutions to ensure that their businesses keep running “no matter what”.  Now that we are in the cloud, and solutions are incredibly affordable, we need to adopt the same approach.

Business continuity is no longer just being able to keep your business running after a disaster.

Business continuity means that you are able to prevent business disruptions and distractions, regardless of the cause. Business continuity means …

  • You actively work to minimize the chance of a ransomware attack, and that you can respond and recover quickly should it happen.
  • You have systems and procedures in place to prevent data loss and privacy breaches, and that you can detect and mitigate issues quickly and effectively.
  • You and your team are no longer tethered to the hardware, Internet access, and electricity in your offices.

For SMBs, now is the time to consider the tangible and intangible costs of business interruptions of all types and to see the value in solutions to prevent and recovery. Understand the value proposition of that goes beyond dollars and cents to include the customer relationship impact and the toll that business disruption has on your team.

Food for Thought:

Prepare Your Business for Hurricanes and Storms With Our 3 Effective Models

Storm Preparedness Tips for Your Small Business
What can often begin as a mild tropical storm season can quickly become quite active, with multiple significant storms expected to impact the southeast and Atlantic coast and the Hawaiian islands. And while every storm may not be a major hurricane, your business is at risk because our infrastructure is at risk, making it vital to prepare your business for hurricanes.

Power outages, local or regional flooding, and disruption of communication services continue to increase in frequency as our infrastructure ages faster than our upgrades and as our economy rewards utilities for trimming staff and services rather than trimming trees and keeping current with maintenance.

Are you protecting your business from the damage and risk of disruption?

You have seemingly infinite choices on the types and cost of business and data protection, each with benefits and limitations. Your challenge: pick the solution that is most cost-effective, meaning the time it takes to Return to Operations (RTO) is acceptable given the cost.

To simplify your search for a solution, we propose you consider one of three models to help prepare your business for hurricanes:

  • Restoration
  • Recovery
  • Continuity

3 Ways to Protect Your Business from The next Hurricane

1. Restoration

Restoration is the least expensive option to protect your business from a hurricane.  You backup all of your data and critical systems, including full system images, off-site.  In the event of a disaster, you restore your systems once you have fixed or replaced any damaged or lost equipment.

  • Cost Structure:
    • Scales with the size of your system images and the amount of data you keep in offsite backup
  • RTO:
    • 1 to 3 days once replacement equipment arrives
  • Admin:
    • Must ensure backups include all images and data needed to recovery, including Bare Metal Restore (BMR) for key servers and systems.
    • Must periodically test restore for data integrity and to ensure the recovery process is documented and understood.

2. Recovery

In addition to keeping an off-site or cloud backup covering all of your data and critical systems, you have the ability to access replicas of your network and servers in a remote data center.  In the event of a disaster, you “spin up” your latest system snapshots and restore any incremental data. You access your mirror network via remote desktop, VPN client, or LAN-to-LAN VPN.

  • Cost Structure:
    • Scales with the size of your system images and the amount of data you keep in offsite backup
  • RTO:
    • 1 to 18 hours, depending on your configuration and needs.
  • Admin:
    • Must ensure backups include all images and data needed to recovery, including Bare Metal Restore (BMR) for key servers and systems.
    • Must periodically test recovery for data integrity and to ensure the recovery process is documented and understood.
    • Once primary systems are repaired or replaced, snapshot backups and recovery move your data back for normal operations.

3. Continuity

Continuity means your IT and cloud infrastructure keeps running, even in the face of disaster or significant local events.  You have multiple options for continuity, including: mirrored networks and systems in remote data centers, remote desktops, virtual desktop infrastructure (VDI), and Desktop-as-a-Service (DaaS) models. In each scenario, your servers, applications, and data live in a redundant, remote cloud data center. You access your environment via remote connection, using a web browser or a small local app known as a receiver.  In the event of an emergency, you only need to provide a browser and Internet connection to be up and running.

  • Cost Structure:
    • Scales with the size of your systems and networks
    • Offsets day to day costs of owning and managing on-premise hardware and software
  • RTO:
    • Immediate, based on Internet availability
  • Admin:
    • Providers typically include standard server admin and management, reducing local need for IT resources
    • Application and data management are similar to on-premise systems
    • Backup/restore capabilities are still recommended to protect against application and/or human error.

Bottom Line on Preparing Your Business for Hurricanes and Storms

Using these models as a guide, you can select a solution that balances cost, convenience, and complexity against the operational needs of your business. We’re happy to help you come up with the best plan to prepare your business for hurricanes based on your budget and needs.


Want to setup or improve your disaster recovery/business continuity capabilities? Contact us for a free, no-obligation consultation.


 

When the Single Point of Failure Actually Fails

 

While the heavy, wet snow continues to fall and cling to the power and fiASA5505ber optic lines in our area, today’s Internet outage was not due to the first real storm this winter. Being fully in the cloud, any Internet outage could be a disaster, bringing business to a halt. In reality, the “single point of failure” really isn’t. True, we do not have multiple routers. Nor do we have multiple broadband connections.  What we do have, is the ability to work over any form of Internet connection. Here is our case study (still in progress).

Late yesterday afternoon, our trusted Cisco 5505 stopped working. Poof. Red Status light on; activity lights on the embedded switch ports blinking; no traffic. A few reboots and a few attempted hard resets later, we are still not working. A quick call and discussion, and our Cisco guru tells us “it’s a brick”. Covered by warranty and a solid support/service plan, a new unit will arrive in several days. In the meantime, we must continue to service our customers.

Quick Fix

The immediate response is to get our staff connected to the Internet in any way possible.  A few mobile hotspots activated on our phones and one MiFi device booted up, and we are back in business. Performance is acceptable, not great, and we will plow through our data plan, but we are in business with only a few minutes disruption.

Interim Fix

Our FiOS service enters our office through a service unit that converts the Fiber to Gigabit Ethernet.  We split this signal through a switch to 2 routers — one provided by our VoiP service and the FiOS router/cable modem that comes with our service.  The now dead Cisco ASA plugs into the FiOS router.

Why two routers in sequence? Having 2 routers in sequence creates a physical DMZ: a network that can receive traffic from inside and the outside while letting us stop traffic from going all the way out or coming all the way in. It’s “old school” as virtual DMZs are the trend.  We use the DMZ and the FiOS router for a guest network and wireless.  Guests can gain access to a physical or wireless connection while staying completely outside our secure network. The Cisco ASA, at the secure end of the DMZ, manages our inbound traffic, NAT, and legacy DMZ services (let over from the days when we had a few systems on-premise and needed remote access). Our secure WiFi runs off a Cisco/Linksys WAP inside the secure border of the ASA router.

With a few minutes of work, we reconfigured the FiOS router, removing the DMZ and mimicking the settings and security configured in the ASA.  Moving a few wires, we are up and running until the new ASA comes in.

Lessons Learned

Our focus has always been on the FiOS service as the single point of failure at greatest risk.  Outages have traditionally been short and as we have been able to adapt by using hotspots, MiFi, and working from home or other locations, we have not seen the need to bring in another ISP as an alternate service. The ASA failing was never really a consideration.  The box is not yet out of warranty and our prior Cisco routers lasted much longer than the 5 year extended warranty (we upgraded for features, not out of necessity).

Not having seen this scenario coming, we had to rebuild the FiOS router from scratch. Going forward, we have now saved this “emergency configuration” for future use.  Once our new Cisco ASA arrives, we will create an emergency configuration that will let us remove the FiOS router from the network.  Finally, we will build a configuration for the Cisco/Linksys WAP, as this has routing features and could replace the FiOS router in a pinch.

The biggest lesson, however, is the value of a cloud-based infrastructure with respect to business continuity. Storm or no storm, hardware failure or not, we know that we will always have options to keep our business up and running. Even when the “single point of failure” happens to fail.

Cloud Resiliency: Overview, Benefits & Steps for Implementation

business resilienceWhat is Resiliency in Cloud Computing?

In today’s rapidly evolving digital landscape, where businesses increasingly rely on cloud computing for their critical operations, the need to ensure uninterrupted services and data availability has become paramount. This is where “Cloud Resiliency” steps in as a fundamental aspect of modern IT strategy.

Cloud resiliency refers to the ability of a cloud-based system or infrastructure to withstand and recover from unexpected disruptions, whether they arise from hardware failures, software glitches, cyberattacks, natural disasters, or any other unforeseen events. It involves designing and implementing a robust framework that can promptly detect issues, gracefully handle failures, and swiftly restore normal operations without significant downtime.

The unexpected will happen. It is inevitable. Sometimes the unexpected is a good thing. In technology, the unexpected is usually bad.  It may be small … or big … or catastrophic.

Part of our role as IT professionals is to expect and prepare for the unexpected. We backup data so that we can restore files that are accidentally deleted, overwritten, or damaged.  We backup systems so that we can recover them in case of hardware or software failures. Many business designs and implement disaster recovery plans. These plans provide the means for companies to recover from larger incidents, ranging from burst pipes and building fires to blizzards and hurricanes.

In recent years, the focus has been on “Business Continuity” planning. Business continuity intends to prevent disruption to operations, even in the face of larger incidents or disasters. While great in concept, most small and mid-size enterprises cannot afford to fully duplicate systems in redundant data centers and provide alternate work sites for employees.

Cloud Resiliency in Business

Business Resiliency is based on the objective of enabling a business to continue (or rapidly resume) operations with some accommodations.  In other words, you may not be running 100%, but you will be running soon enough and well enough, given the situation. Resiliency is about bending without breaking.

Consider Hurricane Sandy which devastated parts of the US Eastern Seaboard.  Many businesses were physically destroyed by the flooding. Many others were shut down by the indirect effects of the flooding as some areas along the coast lost critical infrastructure — including water and sewer. Businesses left physically intact but without power for days considered themselves lucky as some areas waited months for reconstruction.

Consider the ice storms and blizzards throughout the Northeast US in recent years.  For many businesses, the only disruption was loss of power.  And while in many of the storms, outages where generally localized, some businesses went without power for as long as three weeks.

The same holds true for businesses in “tornado alley” in the Midwest. A tornado may leave your business unscathed, but it may take days or weeks for power and water to be restored.

In each of these scenarios, backup/restore/recovery is not enough to get the business back up and running. And, again, most small and mid-size businesses cannot afford to maintain disaster recovery systems and sites.

Benefits of Cloud Resiliency

Cloud resiliency offers a wide range of benefits to businesses and organizations that rely on managed cloud-based services and infrastructures. These advantages contribute to the overall stability, availability, and security of digital assets, ensuring uninterrupted operations and safeguarding against potential disruptions. Here are some key benefits of cloud resiliency:

  1. High Availability: Cloud resiliency ensures that critical applications and services remain available even in the face of hardware failures, software glitches, or other unforeseen events. Redundancy and failover mechanisms enable seamless transitions to backup systems, minimizing downtime and maintaining continuous access for users.
  2. Disaster Recovery: Resilient cloud architectures provide robust disaster recovery capabilities. Regular data backups, real-time data replication, and well-defined recovery processes allow businesses to recover quickly from data loss, cyberattacks, or natural disasters, minimizing potential data and revenue loss.
  3. Reduced Downtime: With cloud resiliency in place, businesses experience reduced downtime during system failures or maintenance activities. Quick detection and automatic recovery mechanisms help prevent prolonged service interruptions, enhancing productivity and customer satisfaction.
  4. Business Continuity: Cloud resiliency ensures business continuity by allowing organizations to maintain essential operations even during disruptive events. Critical business functions can continue operating, meeting customer commitments and minimizing financial losses.
  5. Cost Efficiency: While implementing cloud resiliency may involve upfront investments, it ultimately proves cost-effective in the long run. The ability to prevent extended downtime or data loss reduces potential revenue losses and protects a company’s reputation.
  6. Scalability: Resilient cloud infrastructures are designed to scale dynamically to meet changing demands. As businesses grow or experience fluctuating workloads, the cloud resiliency framework can seamlessly adapt, ensuring optimal performance and resource utilization.
  7. Enhanced Security: Cloud resiliency often goes hand-in-hand with robust security measures. Proactive identification and mitigation of vulnerabilities help protect against cyber threats and unauthorized access, safeguarding sensitive data and intellectual property.
  8. Improved Customer Trust: Reliability and continuous availability of services build trust with customers and partners. Knowing that their data and operations are in safe hands, clients are more likely to choose a resilient cloud service provider, giving businesses a competitive advantage.
  9. Regulatory Compliance: Resilient cloud architectures often adhere to industry-specific regulations and compliance requirements. Meeting these standards is critical for businesses operating in regulated sectors, ensuring legal adherence and avoiding potential penalties.
  10. Faster Recovery Times: In the event of a disruption or disaster, cloud resiliency enables faster recovery times compared to traditional on-premises solutions. Automated recovery processes and failover capabilities reduce the time required to restore services and operations.
  11. Geographical Redundancy: Resilient cloud infrastructures can be distributed across multiple data centers in different geographic locations. This geographical redundancy further enhances data protection and disaster recovery capabilities, minimizing the impact of regional outages or natural disasters.

Cloud Resiliency Requirements

Achieving cloud resiliency involves careful planning, robust architecture design, and the implementation of various measures to ensure the system can withstand and recover from unexpected disruptions.

Most businesses can afford to move IT systems into cloud computing and hosted solutions.  And in doing so, businesses can affordably build resiliency.

With all of these disasters, you did not have to travel too far inland to be out of the damage zone.  Businesses with on-premise equipment had to purchase and wait for delivery of replacements, rebuild their systems, and (hopefully) recover their data from their off-site backups. Certainly doable, but costly and time consuming.  It can take 2 to 4 days just to get the equipment in place and ready to restore.

Businesses in the cloud faced a different scenario and outcome. Moving to an area with power and Internet, businesses running in the cloud were up and running in hours (some in minutes) and some were never “down” at all.

Take the Next Step Today to Implement Resilience in Your Cloud Computing Strategy


To discuss how cloud computing can improve the resiliency of your business, contact us for a no-obligation conversation or click here to learn about our RestartIT solutions.


 

 

 

In IT, Every Season is Hurricane Season

Hurricane
June 1st is the official start of Hurricane Season for North America. Every year, we hear predictions for the number of storms and the number of major storms expected to hit landfall here in the U.S. And yet, every year we seem to over-prepare for storms that never become a major problem and under-prepare for storms that become truly dangerous.

Such is the life for IT Hurricanes

Unlike physical hurricanes that can cause power and system outages, IT “Hurricanes” are climate changes that impact your business, and its IT needs and priorities.

As with physical hurricanes, IT Hurricanes often start out as smaller disturbances that are seen and identified well in advance. Some lose their energy and dissipate, some get carried off by changing currents, and some turn into storms.

Even with the advanced notification, dare I say warning, we often struggle to assess the size, scope, and impact of IT Hurricanes until just before they are about to hit. All too often, IT Hurricanes gain unexpected power and momentum as they approach landfall. Decisions on how best to prepare are often made too late for effective planning and execution, leaving IT staff scrambling to mitigate the impact and repair the damage.

For many businesses, our infrastructure and systems are not well-prepared to withstand IT Hurricanes. They are too rigid to adapt to changing winds and tides, too difficult to move to a safer place, and/or unable to withstand the tidal surge of change forced upon us.

Look to the Cloud for a Better Way

Rather than just focusing on improving our warning time and how well we can predict the direction, size, and strength of IT Hurricanes, we should create IT infrastructure and systems that can adapt to changing conditions more easily, with less time required.

Moving to cloud solutions can …

  • Simplify your IT infrastructure — your network and systems — making it easier and less expensive to adapt to changing currents
  • Reduce the amount of capital captured in physical assets with sunken costs that resist change
  • Let you raise or lower you capacity and utilization as needed to ebb and flow with the tide of your business
  • Add, or modernize, applications and systems without having to airlift in a solution
  • Improve mobility, so your team members are never displaced by geography or device
  • Provide a platform, that lets you create an IT ecosystem for your business focused on the future and not the past

While cloud computing cannot prevent IT Hurricanes, cloud solutions can help mitigate the impact and make it easier for you and your business to adapt and respond. After all, staying ahead of the storm is better than having to pick up the pieces.


Using the Google Apps for Work ecosystem, our CumuluSuite packages provide cloud computing platforms that are easily customized to keep you out of the storm.  Contact us to learn more.


 

Changing the Focus on Backup Protection

Recovery-Point-Objective-RPO
As we’ve stated before, “Backup is easy; Recovery is hard”.  Every business should, at this point, understand the risks of poor data backup and protection. The risks come from the types and amount of data that is lost and, if it can be recovered, how long that recovery takes. And remember, recovery often takes more effort than simply restoring files from a backup set.

Perspective = Priority

When looking at how well your backup system is protecting your business, two factors should be top of mind:

RTO: Recovery Time Objectives — How long will it take to return to normal operations. RTO is not just the time it takes to load your data back onto your systems, RTO includes the time it takes to repair and recreate damaged information and data created or modified since the last backup.

RPO: Restore Point Objectives — Your RPO determines how much data you are willing to lose, or can afford to lose. Most small and mid-size businesses backup daily. On average, a system failure will result in half a day of lost data. For an office worker editing a report, this is traumatic and inconvenient. For a manufacturer or retail business, half a day can represent hundreds or even thousands of orders and financial transactions.

As always, quicker RTOs and smaller RPOs come with trade-offs.  Recovery methods like image snapshots, for example, can provide rapid RTOs and small RPOs. In exchange, you are likely losing granularity — the ability to recovery individual files.

Understand the reasons  you are protecting your data.  Protection from system failure, in which you need to recovery a full server, lends itself to imaging and other snapshot methods.  Recovery of files or data lost to program error, malware, or user activity, needs a solution with granularity.

Start with an understanding of the type of protection you need and your RPOs and RTOs.  From there, you can pick the solutions (yes, you may want or need more than one method) for recovering data and your business.


We offer  a range data protection solutions, with a range of products, for on-premise and cloud-based data. Contact us for a free assessment of which type of solution is best for you.