Conducting a structured downtime business impact analysis (BIA) is the foundation you need to understand how…
“Downtime” – the threat to business continuity that every company fears most. Despite this threat, IT managers tend to grossly underestimate the causes and consequences of downtime. That’s why it’s essential to assess what can take down your datacenter, the damage it can cause, and what you can do to minimize this risk.
1. Determine internal and external threats
The threats to your datacenter can be both man-made or technological, accidental or intentional, and internal or external. Many threats aren’t even strictly IT issues.
About 90% of downtime is relatively controllable – from causes like planned maintenance – but the other 10% of unpredicted downtime tends to be significantly more damaging. Internal causes of unpredicted downtime include server power supply burnouts, a RAID controller crash, or even something as simple as an employee spilling coffee on a piece of hardware. Common external issues include power failures or natural disasters, but unfortunately, some uncommon causes must also be taken into consideration – after 9/11, companies located in big cities might take precaution against extreme external events, like terrorism.
2. Identify the probabilities
Is your city prone to blackouts or brownouts? Have other companies in your sector or on your profile been hacked recently? Is there a season where certain natural disasters are more likely to occur in your area?
Create methods of gathering reliable data on the probability of any scenario that can impact your company. This can usually be accomplished easily online, and can even be as simple as receiving automated e-mail alerts about severe weather.
3. Determine key issues within data security and compliance
Once you’ve identified how probable each event is, estimate how severe they would be if they happened. Would regulatory compliance be violated? Could the security of your data be put at risk? Not every common problem will have a severe impact on your company (like a power surge, if your company already has surge protectors). Meanwhile, some unlikely events, like Hurricane Katrina, could wipe your company off the map without reliable backups or a hot site.
Especially for industries like healthcare and financial services, downtime can lead to serious compliance violations. Unfortunately, any threat that puts the availability of your systems at risk can also put the security of your data at risk. In this case business continuity (BC) and disasters recovery (DR) solutions go hand in hand – availability issues will become both security and compliance issues.
4. Weigh the costs
Weigh the costs of downtime against the costs of different business continuity (BC) and disaster recovery (DR) solutions.
Some consequences are more costly than others, but this can be mitigated by prioritizing your critical applications and datasets. You can prioritize by determining the order that your data is restored after a crash, how frequently your backups occur (according to your recovery point objective, or RPO), and how frequently your data is replicated to a hot site. About 90% of downtime is caused by planned and predictable events, and with failover solutions in place these costs can be eliminated.
5. Develop protocols to quickly re-evaluate threats regularly
The threats to your systems are constantly changing. Simply taking on a new client can affect what servers must have 99.9% uptime, and running off of an old assessment puts your availability, security and reputation at risk.
Consistently reevaluate your IT environment and ensure that there are no holes in your DR plan. Did you add a larger workload to a pre-existing server, or were servers added to your environment? These also affect the threats to your systems, and how you should prioritize your data stores.
Finally, make sure your company knows the logistics of what will happen after a disaster occurs. For instance, if you must relocate during or after a disaster, you don’t want to find out the day of that there wasn’t enough bandwidth connecting you to the site for seamless failover.
For more information on how to assess the threat of downtime for your unique environment, contact us today at 317 – 707 – 3941 or use the form below.