Agenda for today’s session - Disaster Recovery …...Protecting your business against downtime and...

IBM Global Technology Services

Earthquake and Hurricane in the Northeast:Time to Rethink our Assumptions on Risk Richard Cocchiara, CTO, IBM Business Continuity & Resiliency Services

© 2012 IBM Corporation© 2012 IBM Corporation

IBM Business Continuityand Resiliency Services

Agenda for today’s session

2011 in review

The state of business resilience today

Taking a holistic approach

The future of business resilience and the role of cloud

Barriers to cloud adoption and considerations when

© 2012 IBM Corporation© 2012 IBM Corporation22

Barriers to cloud adoption and considerations when selecting a cloud services provider

Observations and recommendations


90% of WW BT resin supply stopped

The increasingly connected world has magnified the impact on every aspect of life, including its disruptions

The Iceland volcanic eruption cost airlines $1.7 billion with more than

10 million people affected

Visitors to Japan dropped 60% in April

BT Resin Shortage Mobile Circuit Production Issue

Decreasing Tourism

WW impact to Car Production

Car Parts Shortage

Nuclear Plant Explosion

Earthquake and Tsunami

Volcano

WW car production was down20-30% for some major auto

manufactures during April and May


Personal information leaks have cost millions of dollars, led to class action law suits, and damaged corporate reputation

10 million people affected

Hosting provider service outages affect PaaS and SaaS for other vendors

Airlines Discontinuation

Personal Information StolenClass Action Lawsuit

Downstream Service Provider DisruptionPlatform Outage

Flight Cancellation

Game site attacked by hacker

Servers shut down by human error

Hosting provider service outages affect PaaS and SaaS for other vendors


Globally and in the U.S., economic losses from all types of natural disasters are escalating rapidly; 2011 was a record year

Economic cost of natural disasters worldwide

Number of U.S. weather/climate disasters with economic impact greater than $1B

$115B

$190B

$280B

3 84.6 4

12

$14B*$33B** $8B

$52B


1980s(avg

per yr)

1990s(avg

per yr)

2010 2011 2005 2010 20112000s(avg

per yr)

3.8 4

1.2

$8B

*Hurricane Andrew $27B **Hurricane Katrina $125B; Hurricane Rita $16B; Hurricane Wilma $16; Hurricane Ike $27B

Sources: National Oceanic and Atmospheric Association (NOAA); Münchener Rückversicherungs-Gesellschaft, Geo Risks Research, NatCatSERVICE


U.S. implications: regional disasters had national scope and large metro areas like NYC were threatened like never before

In one three-day h i A il

Precipitation in the Ohio Valley stretch in April,

343 tornadoes struck from Alabama to Virginia

the Ohio Valley exceeded normal levels by 300%, causing flooding along the Mississippi River

Drought fueledHurricane Irene

d 3 l df ll

Photo: ISC NewsroomPhoto: Scott Olson/Getty Images


Drought fueled wildfires burned more than a million acres (400,000 hectares) in Texas alone

made 3 landfalls, with torrential rainfall and severe flooding; evacuation orders covered 2.3M people

Photo: agreenliving.orgPhoto: Reuters


2011 saw an unprecedented number of large-scale U.S. weather-related events that cost at least $1billion each

Flooding, summer

Drought, heat wave, spring/fall

g$2 billion

Tornadoes, July $1+ billion

Tornadoes, June$1+ billion

Tornadoes, April $2.2 billion

$10 billion $9.1 billion $10.2 billion

$7.3 billion

Blizzard, Jan/Feb $1.8 billion

Tornadoes, April

Hurricane, August

Tropical storm, Sept. $1+ billion


Wildfires, spring/fall$1 billion

Flooding, spring/summer $4 billion

Tornadoes, May

Tornadoes, April$3 billion

Tornadoes, April$2.1 billion

Source: National Oceanic and Atmospheric Association (NOAA)


Orange County, NY Director of Operations Richard Mayfield described Irene's effect in one word: "Devastating"


Main St.Washingtonville

Orange County, NY


Protecting your business against downtime and disruptions is crucial for competing in today’s marketplace

Would your company survive a major outage?

Increasingly high volumes of data, applications

Geographically-dispersed facilities

Evolving industry and government regulations

Expectations and demands from stakeholders

Support continuous data and operational availability

Improve your competitive position and reputation

Improve operational efficiency

Reduce risk

Why you are increasingly vulnerable: Why a robust resilience solution:


stakeholders


Business resilience refers to the ability of enterprises to adapt to a continuously changing business environment

Business resilience helps organizationsBusiness resilience helps organizations maintain continuous operations and protect their market share in the face of disruptions such as natural or man-made disasters.

It requires the engagement of everyone in the organization and often means a change in corporate culture to instill awareness of risk.


Business resilience planning is distinguished from enterprise risk management (ERM) in that it is more likely to build capacity to seize opportunities created by unexpected events.

placeholder


The 2011 IBM risk study showed that companies value the need for risk management planning and execution

Well-crafted and communicated plan

Disagree NeitherAgree

53% 29% 18%communicated plan

No formal plan, but plan to develop one


No formal risk management function


53% 29% 18%

30% 53% 17%

30% 59% 11%

2011 2010


Risk management on the rise:In the 2010 study, 42% said they had no formal risk management function.

2011 2010

Source: 2011 IBM Global Business Resilience and Risk StudyStudy comparison: 2010 IBM Global IT Risk Study


From traditional challenges … … to better outcomes

Effective risk managed requires a holistic approach to better manage risk, security and compliance across the enterprise

S it b h d b iEver-increasing security and resiliency threats

Security breaches and business disruptions are mitigated automatically

Unexpected downtime that throttles business performance

Continuous business operations are maintained with a responsive and highly available infrastructure

Inability to meet regulatory and industry requirements associated

ith it d ili

Regulatory and industry requirements are addressed with confidence


Foundational capabilities

Integrated risk management | End-to-end security | Business continuity and resiliency

with security and resiliency


Risk management

Start with a plan that takes a structured approach to assessing business and IT risks

Align and integrate IT risk into the business’ enterprise risk management framework

Identify key threats and compliance mandates

Implement and enforce a risk management process

ggovernance methodology


g pand common controls framework

Execute incident management processes when crises occurs


IBM offers a comprehensive approach to achieving resilience that extends across the enterprise

Resilience FrameworkBusiness

drivenData

drivenEvent driven

Links IT service delivery to business objectives with an expected level of service

Provides a holistic view of IT service delivery and links the impact of the risk to business value

Provides a model for defining and integrating IT service delivery

l t t hi t t i

Strategy and vision

Organization

Process

Applications and data

Technology


elements to achieve target service levels and risk tolerances

The ability to deliver total resilience is no greater than the minimum resilience capability at any one of the layers — “the weakest link in the chain”

Facilities


The need to protect applications and data is the overriding concern for most organizations

What constitutes an organization’s business resilience strategy?

Data and application security

Data protection

Infrastructure security

Security governance and risk management

85%

79%

77%

75%


Identity and access management

Compliance management

74%

69%

Source: 2011 IBM Global Business Resilience and Risk Study


RPO=near zero, RTO <1min, AutomaticServer/Workload/Network/Data SYSPLEX

Continuous Availability

Of course, not all applications and data require the same levels of recovery — or the same level of investment

ighe

r

RPO > 15 min. RTO= 4+ hours, Manual PiT or SW Data Replication.

RPO=Near zero, RTO <1Hr. to 4 hours, AutomaticServer/Workload/Network/Data Automatic Site Switch

RPO=Near Zero, RTO <1Hr. to 4 hours, ManualDisk or Tape Data Mirroring

Multi-Site Failover / Fallback

RPO=4+ hours, RTO=8 to 24 hours, ManualData Base Log Replication & Host Log Apply at Remote

RPO<24 hours RTO=8 24 hours

Active Secondary Site

HC

ost


Recovery Point Objectives (RPO) & Recovery Time Objective (RTO)

Minutes Hours

Point-in-Time Backup to Tape / Disk

RPO<24 hours, RTO=8-24 hours Electronic Tape Vaulting

Site

Days

Low

er

RTO=>24 hours, RPO=24 hours Hot Site & Tape

RTO=Days, RPO>24 hoursTape, HW ATOD


Cloud computing-based resiliency offers an attractive alternative to traditional disaster recovery in terms of cost and performance

IT: proactiveBusiness: proactive

CloudcomputingBusiness

continuity

Businessresiliency

Virtualized model

Recovery time:seconds or always up

IT: proactive Business: reactive

Recovery time: minutes or hours

IT: reactiveBusiness: none

Recovery time:


Syndicatedhardware

DedicatedhardwareDisaster

recovery

Shared recovery model

Traditional recovery model

days or weeks


A range of cloud resiliency solutions are available to meet the varied needs of mission- and business-critical applications

IBM SmartCloud

System and Data Mirroring

System and Data Failovero

n P

erfo

rman

ce

IBM SmartCloud

Archive

Co

mp

lian

ce

IBM

SmartCloud Virtualized Server

Recovery


System and Data Restore

(imported media)

Availability

Ap

plic

ati

o

Retention

Dat

a C

SmartCloud Managed Backup


In the 2010 IBM Global IT Risk Study, cloud for business resilience and risk management was viewed as risky

Study comparison: 2010 perceptions of cloud

Extremely risky/risky

Somewhat risky

A full 77% of 2010 study

respondents viewed cloud as somewhat to extremely risky

42%

35%


Moderately/not at all risky

42%

Source: 2010 IBM Global IT Risk Study


In our 2011 study, we’re seeing that organizations are still cautious, but that they see the value of moving to cloud

Offers promise once technical and security issues have been addressed — 28%

Study comparison: 2011 perceptions of cloud

addressed — 28%

Benefits outweigh the risks — 21%

Traditional methods are best — 6%

IT execs will never give up control of data assets — 5%


Data security risks are too great — 21%

Key strategicaspect of risk management — 18%

Source: 2011 IBM Global Business Resilience and Risk Study


Here are some of the potential barriers to the adoption of cloud-based disaster recovery

Concerns about security, compliance, and control issues in the cloud

Questions about whether applications will seamlessly run in a cloud environment

Perception that there isn't a trusted vendor in the market offering the service

Concerns over bandwidth requirements


Lack of buy-in from either IT or business leadership or decision-makers

To learn more, visit the IBM booth to see the results of a recent study conducted by Forrester Research: Cloud-Based Disaster Recovery Barriers And Drivers


By selecting a trusted cloud-based disaster recovery service provider, you can move beyond the barriers to cloud adoption

Web portal access with fail-over and fail-back capability facilitates improved control by DR professionalsp y p

Built-in support for disaster recovery testing builds confidences and refines DR plans

Tiered service levels optimizes application recovery times

Support for mixed and virtualized server environments improves control


Global reach and local presence enables bandwidth savings

Support for migration from and co-existence with traditional disaster recovery methods eases transition


Observations and recommendations

Cloud computing is a disruptive change to the C oud co put g s a d s upt e c a ge to t eway IT services are delivered, backed up and restored

Without a strategy, Cloud computing can seen as a threat to the IT team


With a strategy, Cloud computing is a huge opportunity for the CIO and IT team



Thank You!

Date post:	25-May-2020
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times

Agenda for today’s session - Disaster Recovery …...Protecting your business against downtime and...

Documents