Storing files in the cloud is already a common practice among web users. Google, for example, allows you to save documents, pictures and other data from anywhere with an internet connection. So, start editing a Word document at home and bring it to work has become more simple: just send to a server and access it without having to walk in the company with pen drives from one side to the other.

In January, when the Megaupload was closed by U.S. authorities, many users felt hurt. Not because of the fact that copyrighted files were taken from the network, but because the service was also used to store information of legal users, much like the Google. Of a sudden, millions of documents and photos were lost when access to Megaupload was interrupted, and thus a cloud storage option was lost.

This event raised a question: how safe are the files that are stored in the cloud? Is there any guarantee that they will not be lost or if the cloud service is taken offline, as users can do to recover the holding?

For more sites and servers that can be closed, the cloud is hardly impaired. The cloud computing, as the internet, there is a system dependent on a single connection. The scenario that every cloud will disappear is practically impossible.

A single server can fail, but, according to the experts, the great cloud computing companies have plans for possible disasters. Large corporations have backup plans and disaster recovery plans in case of floods, earthquakes and other natural disasters. Thus, if more than one server is damaged, the files are stored on some other server as well, thus preventing users from losing their data.

Another concern is regarding the safety of the cloud. Not everyone feels confident when leaving important files with personal information stored in a place that they do not know exactly where it is, despite knowing how to access them easily. The biggest risk is not confidential data, but the possibility of losing data. If you rely on a single provider, you need evidence that they are keeping your data offline.

My recommendation is to make a second copy of your files elsewhere. It’s a good idea to save the data on your own computer, for example, to avoid losing important data.

And cloud computing as described in a word, “the other side of the cloud world (at the side of the Internet) using the huge processing facility provided. Generic term for technologies that is, Cloud computing is classified into three types.

SaaS : A service that provides software services
PaaS : A service that provides a platform
IaaS  : To provide infrastructure services

Cloud Computing and BCP (Business Continuity Planning)

Cloud computing is one of the solutions to support the implementation of the organization’s business continuity.

All you need to achieve your organization’s business continuity, “responsiveness” and “resiliency”. “Responsiveness” refers to the ability to minimize the impact on business itself when damaged. For example, a large earthquake going on, etc. Perhaps it reduces the damage to the system. In addition, “resiliency” refers to the ability of the business to quickly recover even if it is affected by the disaster.

“Responsiveness” in order to avoid the disaster after earthquake, for example, base isolation system (is suppressed without affecting the equipment to absorb the shaking of an earthquake) will include measures such as using some non-combustible building materials in the server room.

In addition, “resiliency” as an example for a fast recovery solution using data replication technology. Should also have disrupted the original data, in that they allow activities that will be made available to recover data quickly.

Thus, the key to achieve the organization’s business continuity, “responsiveness” and “resiliency” is right in the improvement of cloud computing, this “responsiveness” and “resiliency” contribute significantly to have the power.

The second, Cloud computing, DR services are combined to provide a backup system (Depending on the IT service provider).

BCP is the answer to cloud computing?

Cloud computing is not a valid BCP, it is one of the options for establishing a highly effective disaster recovery service.

However, cloud computing is also a universal need that you do not know. The biggest concern is the black box of IT Services.

Organization, therefore, after considering the advantages and disadvantages of cloud computing carefully, we think the key is to consider the best measures.

Today, we will discuss about the criteria that managers of a company should consider to make sourcing decisions effective for disaster recovery.

Basic Considerations

• Continuous pressures of senior management to improve the promptness of the recovery in times of tight budgets are forcing many companies to evaluate all the alternatives of data center services to reduce cost and risk of recurring recoveries.
• Fierce competition between providers of disaster recovery (DR) is causing a reduction in the price of services for customers who choose to evaluate the alternatives of service before the expiration of their current contracts.
• The more diverse the platform (e.g., combinations of Z and P series IBM, along with the heritage of midrange systems, UNIX, Linux and Windows), the more likely the continued use of rehabilitation services providers represents a more realistic approach to maintain a policy of mitigation consistent.

Recommendations

• Determine the changes in service and infrastructure necessary to meet Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs) in 24 hours or less, is most important.
• Before the expiry of current DR contract, analyze alternative service provider to find out what is the best option to manage the service levels required for recovery.
• Manage the expense of disaster recovery to ensure that the infrastructure, processes and human resources are necessary to achieve and maintain the goals of RTO and RPO of applications that are available.

WHAT YOU NEED TO KNOW

In the last three years, we have seen several clients doing analysis of DR services long before their contracts expire. It is increasingly common because vendors want to know (up to six months in advance) if the service contract will be maintained or end. If a company chooses the second option, it is important to ensure that the transition from old to new provider should be performed promptly.

Due to the inherent complexity of web applications and the continuing effects of changing data centers, the need for a longer period of testing is also included in the essential criteria for an analysis of alternatives, especially for the evaluation of alternative demand and exclusive service.

ANALYSIS

In the last five years, a lot of people have started sourcing DR and emerging data center technologies like server virtualization and private cloud computing. These and other alternatives help to reduce the barriers of investment and operation for the use of disk-to-disk-replication, and have easy choices for specific services.

More important is that, many companies believe, a longer period of testing is necessary for IT to provide the best guarantee of recovery for complex services and applications online. This is because complex online applications require a higher level of dependence on software testing and data, mainly due to the accelerated pace of change in their datacenter. However, it is advisable to schedule a test period months in advance.

As these requirements keeps on changing, an increasing number of companies are starting evaluations of alternative DR before their current service contracts of DR expire. If a company decides to discontinue service, it is crucial to ensure that the process of transition from an old to a new provider  is defined and coherent.

However, simply evaluating alternative internal services, hosted or cloud-based does not imply a reduction in the cost of management. It is also important to ensure that the correct criteria is guiding the evaluation.

This include:

• Availability of data center for continues recovery.
• Availability of equipment and configuration of infrastructure required (for example., Server, storage and network).
• Support for failover (automated access to servers only when required) network services quickly, if necessary.
• Availability of production data in a period, consistent with the goals of RTO and RPO.
• Results of recovery tests consistent with RTO and RPO goals.

Choosing a disaster recovery services provider after doing proper research is clearly a more appropriate choice.

However, it is more likely that you may need more than one provider for effective management of recovery. For example, an external provider host may be the logical choice for the case of continuous availability of data center, a direct supplier of equipment is the most appropriate alternative for IT infrastructure equipment, the simultaneous use of multiple telecommunications providers is the best option for failover of network services, as well as test management, as it has professionals with practical knowledge of business applications and the priority of data recovery, and better understand what levels of recovery test will be effective and consistent.

At the same time, we found that the mix of internal computing platforms can often play a key role in determining the most viable approach. In conversations with customers, we found that the more diverse the mix of platforms, the easier it will define which vendor best suited to the case. This is because the task of providing hardware systems for medium and large companies, as well as managing a data center for recovery is not feasible for many companies, which makes the traditional approach of separate services for disaster recovery much more practical.

Moreover, the growing use of server virtualization may also mean that a smaller number of physical servers can expressly be needed in the recovery of a site to keep the workload of a specific application balanced. Regardless of how diversified is the corporate computing environment, certain issues should always guide sourcing decisions.

They are:

• The choice of sourcing basically need to provide the means by which levels of RPO and RTO services are effective and predictable critical applications are defined and maintained.
• We recommend that companies should use the 80/20 rule pragmatically to ensure that current budgets are allocated to support DR infrastructure, processes and human resources needed to achieve the goals of RTO and RPO, and at least the most important applications.

Ideally, the choice of sourcing should be based on a combination of sensible economic criteria of effectiveness and efficiency, as well as technology and vendor-specific advantages and disadvantages of management operation.

Often the question arises as to what stage of maturity must be in the company and its IT infrastructure in order to use cloud services. The answer is simple. After all, the main goal of transition to cloud – is to increase speed access to the service with minimal management effort. With cloud, small companies can  minimize the cost of purchasing the equipment, licenses, salaries of IT staff, and large and middle – make it possible to improve the reliability of the information assets and quality of interaction with customers and partners.

Stairway To Heaven

The transition to cloud services for the well-established IT infrastructure, at first glance, may involve significant financial costs and risks. However, the path to the cloud can be phased. And then there will be an opportunity to assess the effect of each stage and develop a future strategy.

If the company has a geographically distributed structure to information assets given on different territorial areas, the first step on the path to the cloud will be consolidation, minimizing the points of concentration of information resources. A good option might be to create a single data center based on the parent company or central office (ideally should think about creating a backup data center for disaster recovery). Consolidation of resources within a single center will improve the reliability of information systems, cloud providers will provide a higher level of safety and reduce maintenance costs components of the IT infrastructure at branch offices.

The next step might be to move to energy efficient technologies. Virtualization (not just dedicated server, but also jobs, applications, and disk space), in addition to direct cost savings on hardware, software and maintenance costs, allow to abstract business applications and data from the physical execution environment. At the same time it will set the stage for easy transfer of information assets (both within the IT infrastructure of enterprise and beyond) and their transfer under external management.

A physical model representation of IT enables businesses to move to a service-oriented management, that is to have the board not the individual components of IT infrastructure and business services. In this model, be crucial to standardize the quality requirements of service (SLA), on which there is a choice on provider of IT services. They can be both internal IT service and external service providers. In the presence of SLA, it can be easily transferred or shared services between providers, which allows us to create a cloud services.

Considering the way to the clouds is not the only possible variations. In any case – if passed this way until the end or the company decides to stop at any step – at every stage they can learn for themselves both about economic and qualitative benefits.

Large or small, every successful company must ensure that your data and information are protected in the best possible way. If already decided to outsource the data center, check that the company has hired a disaster recovery plan on a higher priority. Thus, even if there is any incident, the recovery of all the intellectual and strategic customers will be assured. Otherwise, everyone’s life becomes a nightmare.

There are few businessmen who feel that there is no need to hire a service of DRP, or a disaster recovery plan. Mainly because it takes time and investment. Only if the loss of information happens, it is invaluable. At worst, the company may go bankrupt.

In recent years we have seen many reactions to the nature of global warming, resulting in floods, fires, earthquakes, etc. invasion of urban pests. Poorly managed cities, then, without enough points for the flow of water, are the first to have their homes and businesses flooded. Not to mention the security problems with assaults that are multiplying. Sometimes the criminals are behind cables and wires and end up destroying an entire heritage.

In short, the business continuity plan analyzes each company area and points, including the most vulnerable areas. It is important to indicate where you can count on a secure storage to install, if any, the system of information security, facilitating the back-up journal.

In addition to these incidents, disasters in technology also relate to data loss due to domestic spying, viruses, blackouts, and – very importantly – human error. Imagine running out of a machine for more than ten days. Financial losses may never be fully restored. Contracts can be broken, unfulfilled agreements, deliveries not made, there may be delays in payments to suppliers and employees … All because they did not have a business continuity plan that provides for disaster recovery.

These are some nightmares that can be avoided when the company prioritizes the security of information and knowledge generated by their human capital. So the next board meeting, the smart entrepreneur should not forget to discuss proposals to outsource data center comprising a good business continuity plan.