Cloud Technologies for Enterprise Risk Management
We live in a world where instantaneous access to information is taken for granted. We base our personal and professional activities on the ability to remain in contact with devices that provide us with the latest data available. Imagine how concerned and restricted we would be making informed decisions or contacting others should accurate and current information no longer be available during a crisis.
That is the everyday concern of business continuity professionals who are vested with the responsibility of providing uninterrupted information access. It is the job of these professionals to maintain the viability of the operational process regardless of the circumstances that may present themselves as an impediment to providing goods and services to those who depend upon them.
While there are many aspects of business continuity required to continue function under duress, one element is consistently required regardless of industry—the need for current and accurate information. We have seen the implications of massive data loss not only to corporations, but to the economy as a whole.
“Not only has cloud technology revolutionized the way we work, it has begun to solve the very serious problem of data loss”
When the World Trade Center fell, along with the loss of lives and property, there was an inordinate amount of lost data. Typically, backups were done on a nightly basis with information being copied to magnetic media and transported off-site to secure facilities via truck. Even organizations that used electronic backups typically transmitted information at prescribed intervals and therefore did not maintain a perfectly synchronized duplicate set of data.
The repercussions of this were almost disastrous to the U.S. economy when traders of treasury securities were unable to settle transactions. This occurred when data records were restored and large portions of information were missing. If one major brokerage failed to cover their position, there would be a domino effect that would have caused the collapse of the banking system (with banks acting as a clearing agent). The situation was so severe that the President of the Federal Reserve System, Alan Greenspan, went on national television to reassure investors that the federal government would maintain liquidity in the marketplace by providing interim funding.
The need for better backup became apparent
At the same time, remotely storing data was becoming an issue; the need to be able to access data from various locations became more important. Data sharing for the purpose of collaborative work presented another challenge that had to be overcome to increase efficiency. Finally, the use of a myriad of network based devices, smartphones, laptops, tablets, and watches created an opportunity to be able to increase productivity, safeguard information, and provide workplace flexibility.
Enter the Cloud
Cloud technology provides organizations and their employees with the ability to upload files in a safe place, download data from collaborators around the world, and access information on any mobile device that is connected to a network. Not only has cloud technology revolutionized the way we work, it has begun to solve the very serious problem of data loss and the consequences that we had seen associated with data loss.
The degree by which a cloud computing environment can help business continuity professionals safeguard and ensure availability of current data varies based upon the level to which one deploys a cloud solution. At the very basic level, the cloud provides a place for uploading data from any broadband device for safe storage. This means that at the completion of a transaction or task, the data reflected on the local copy (C-drive for instance) is replicated on a cloud based server. At the same time, the data is then replicated to local drives on whatever broadband device a registered user has linked to the cloud account. Thus, the issue of providing automated backup can be accomplished with minimal effort.
However, what business continuity professionals are seeking during emergency situations goes beyond simply creating viable backups. They are truly seeking a means that enables organizations to recover a complete image of each virtual machine used by clouds. This means data, applications, operating systems; i.e., everything on the server. This does require organizations to purchase guaranteed capacity to restore processing machines from your cloud provider. Such DraaS (Disaster Recovery as a Service) can be a cost-effective strategy in ensuring the ability to resume providing technology services, potentially at an alternate site.
Like all outsourced services, a strong level of vetting cloud service vendors must be undertaken. Security is a major concern, especially in light of some of the breaches that occurred at the startup of many of the providers. Breaches have been notable in the companies that have suffered them; Adobe, Knight Capital, Microsoft’s Windows Azure, and Healthcare.gov to name a few. In fact, one of the most notable penetrations, SONY’s PlayStation Network hack launched from Amazon EC2, was aided by hackers contracting for service that were previously used by SONY.
The other consideration is reliability and this can be as devastating as a security breach. Customers expecting to be able to have access to online services have less and less tolerance when those services are not available. Cloud based customers have suffered major outages including companies such as Virgin Atlantic Airlines, Google Docs, Microsoft Office 365, Reddit and Hootsuite.
Cloud computing has become part of the very fiber of technology solutions. Its role in creating more resiliency through automated backup and failover recovery has provided an alternative to conventional hostsites and company dedicated facilities. Businesses who find the comprehensive suite of services and the economic advantages appealing will still have to perform the due diligence to determine if cloud technology is an appropriate solution for them.
When CIO Means Chief Insight Officer
Implementing a Cyber-Security Program - The Journey of True Partnership with IT
Collaborative Comprehensive Information Technology Risk Management
ERM for All
By Chris Tjotjos, VP, Cisco Solutions Practice, Black Box...
By Laura Jackson, Sr. Manager-Risk Management, ABS Consulting
By Jason Cradit, VP of Information Systems, Willbros Group
By Steve Garske, Ph.D., Senior Vice President & Chief...
By Roman Trakhtenberg, CEO, Luxoft
By Renee P Wynn, CIO, NASA
By Mike Morris, CIO, Legends
By Louis Carr, Jr., CIO, Clark County
By Andrew Macaulay, CTO, Topgolf Entertainment Group
By Dominic Casserley, President and Deputy CEO, Willis...
By Dave Nelson, SVP-Portfolio Lead, Avanade, Inc.
By Michael Cross, SVP & CIO, CommScope Holding Company Inc.
By Pauly Comtois, VP DevOps, Hearst Business Media
By Dan Adam, CIO, Extreme Networks
By Matt Schlabig, CIO, Worthington Industries
By David Tamayo, CIO, DCS Corporation
By Scott Cardenas, CIO, City and County of Denver
By Marc Kermisch, VP & CIO, Red Wing Shoe Co.
By Brian Drozdowicz, VP, Digital Services, Siemens...
By Les Ottolenghi, EVP and CIO, Caesars Entertainment