All systems go

As the pressure to provide around the clock availability mounts, Dave Adams looks at some of the options among managed hosting service providers in the UK

Organisations are under an increasing pressure to provide absolute availability of services, around the clock. In the Twitter age even a short outage can lead to a major corporate embarrassment. As a result, the managed/hosted services model is an attractive option for organisations seeking to meet recovery time and point objectives.

If an organisation needs to recover quickly, a move away from a manual or tape-based solution is a logical step, but can be expensive if run in-house. The alternative is to work with a service provider that is able to offer the required capabilities at lower cost. New technologies themselves are also boosting this trend. Fast, reliable broadband and network links, better storage solutions and more widespread use of virtualisation and cloud computing have all encouraged organisations to stop using large-scale recovery sites, using more remote working and more flexible IT facilities within service providers’ datacentres instead.

Business continuity specialist Phoenix provides a range of business continuity services to insurance/reinsurance could now access its data in the aftermath of a major continuity incident far more quickly than was possible using a tape-based solution. “We decided against having full replication of live services as there was not a business requirement for it, but it’s good to know we can get to that data so quickly compared to tape,” says Miller’s head of IT David Garwood.

The Phoenix solution also includes a virtual desktop staff can access from home. With 73 key staff using facilities at the disaster recovery site and 100 more working from home, just over a third of the company’s staff would have access to the full network, in contrast to the previous arrangement, where 90 per cent would be unable to access any systems.

James Carver, commercial director at Onyx Group, outlines some of the different strategies his company’s clients are pursuing. Users from the financial sector – especially hedge funds, brokers and asset managers, have particularly high availability requirements and onerous compliance obligations, so opt for full replication, with monitoring services and near real time switchover. The choice of managed service proposition is based on a consideration of RTOs, RPOs and risk profiles for different parts of the infrastructure. Companies may choose to use dedicated servers managed within the datacentre, or within virtual machines in the cloud, or in dedicated machines in the cloud. In each of the two latter scenarios cloud offers the capability to scale up or down as business requirements change. Others may keep their systems on premise, but use Onyx’s online data back-up services, or subscribe to virtual servers to be used in the event of an incident.

Mike Osborne, managing director at the business continuity unit for Phoenix, says his company is now doing more business with a greater number of smaller companies than in the past, alongside the much bigger organisations in its client list. Lloyd’s syndicate Marketform, which employs about 150 people, has replaced a tape-based recover system with a new solution designed by Phoenix. It has used a Netapp Storage Area Network (SAN) already in situ at Marketform’s London offices to create a SAN to SAN SnapMirror replication solution, with the second SAN located at Phoenix’s facilities in the West Midlands.

David Gissinger, head of IT at Marketform, explains that when using the previous system created when the company was smaller and produced far less data, RTOs had reached seven days, in part because it took around three days just to extract data from the tapes before full recovery processes began; and because recovery was based on a ‘big bang’ approach, bringing everything back at the same time. A phased Implementation of the Phoenix solution, just part of a broader review of the company’s business continuity and DR arrangements, will be completed in June. The initial target for RPO is six hours, but the company hopes to reduce that further. The prioritisation process that will determine RTOs for each of its business solutions continues.

One reason cloud-based solutions are cost-effective is that they can hold data much more efficiently. Osborne says Phoenix is capable of reducing the effective size of data by up to 70 per cent through the use of compression, encryption and common file elimination. With a cost per GB of storage, cost savings for 100GB of data reduced to 30GB are significant. Another reason why this is possible, he points out, is that while in the past around 70 per cent of an organisation’s data would be important and 30 per cent would be flotsam and jetsam generated by users, in an age of BYOD and all manner of extraneous online activities those proportions have all but reversed in many cases. This can make it harder to segregate important data that the business actually needs, so companies have ended up having to back up everything. Helping clients sift through data to find out what needs the most protection is another increasingly important task for service providers.

For some organisations the use of managed services for business continuity functions may be part of a broader IT outsourcing strategy. SunGard Availability Services is providing a series of services to logistics services company Transics, helping the company to develop a new, more efficient and cost-effective IT platform. It also now provides Transics with a recovery data centre, thus increasing system and data availability and resilience.
Koen Uyttenhove, vice-president, customer services, at Transics, says the company has always followed the doctrine of managed services, but had reached a stage in its development where it felt the use of shared cloud infrastructure had become too risky from a systems/data availability and reliability perspective. “We wanted a dedicated infrastructure, but with the ability to scale up very fast,” he says.

Organisations that seek to use cloud technologies must take all necessary precautions to ensure that data in the cloud is stored in accordance with all relevant compliance requirements. It can be hard to obtain assurance proving a cloud provider can provide the necessary security, but simply encrypting data properly before it leaves in-house systems wipes out a host of security issues immediately.

Chris Ducker, head of proposition marketing for Europe at SunGard Availability Services, dismisses suggestions that using these services increases risk by making companies over-reliant on the service provider, or adding complexity to business continuity processes. “I think actually things are becoming simpler: customers are looking to us to help them pull together the whole business continuity structure and bringing in people who are experts in those fields,” he says. “With better visibility control is increased and risk reduced.”

Osborne agrees, although he does warn companies to consider practical difficulties that could arise if the business continuity strategy is not effectively integrated. For example, this may mean that getting encrypted data out of a cloud-based back up, decrypting it and transporting it to recovery facilities could take at least as long as use of tape-based recovery.

The biggest practical issue of all is cost. Although most industry observers agree that business continuity budgets are now loosening after several years of relative austerity, the most important priority for organisations across all sectors is to try to do more with less. The flexibility and range of service options that managed services based on cloud and other advanced technologies means many organisations have actually been able to break out of the old procurement cycles for business continuity and disaster recovery technologies, claims Mark Thomas, solutions architect at Databarracks. It seems that the additional flexibility that new technological options offer to companies and organisations of all kinds, enabling multiple different service models to be developed, should help ensure the trend towards increased use of managed services increases for the foreseeable future.

Download this article as a PDF

Contact the editor

    Share Story:


Modelling and measuring transition and physical risks
CIR's editor, Deborah Ritchie speaks with Giorgio Baldasarri, global head of the Analytical Innovation & Development Group at S&P Global Market Intelligence; and James McMahon, CEO of The Climate Service, a S&P Global company. April 2023

Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.