Business Continuity
BSG's Business Continuity (BC) Service provides technology continuity management solutions to meet the individual needs of organisations
On this Page
The Service
BSG combines bespoke designs with pre-designed solutions for a range of common IT applications as follows:
| Bespoke IT Business Continuity Solutions |
Pre-designed IT Business Continuity Solution |
- WAN
- LAN
- R&D servers
- E-Business applications
- E-Commerce applications
- Other inward and web facing applications
|
- Internet connectivity
- Storage
- File and Print servers
- Messaging application including Microsoft Exchange
- Databases (Microsoft SQL and Oracle)
- Home / Remote access to applications in the event of a premises disaster
|
Business Continuity Overview
What would be the cost, per hour, of major systems downtime at your organisation?
In a recent survey1, organisations were asked this question, one-quarter did not know, but one-quarter said it would cost a minimum of £10,000 an hour:
| Cost Per Hour of system downtime |
Percentage of respondents |
| Up to £1,000 |
23% |
| £1,000 - £5,000 |
16% |
| £5,000 - £10,000 |
11% |
| £10,000 - £20,000 |
7% |
| £20,000 - £50,000 |
3% |
| Above £50,000 |
3% |
| Not sure (don't know how to calculate) |
25% |
1Source: Downtime costs money, Infoconomy / APC, 2004
Disasters impact businesses of all sizes.
"Roughly one third of all UK businesses had a security incident that involved loss of data (excluding viruses). A quarter had accidental system failures, of which more than half (55%) had more than one such incident.61% of companies took more than a day to recover from their system failure" 2
2 Source: Information Security Breaches Survey 2004 - DTI / PricewaterhouseCoopers www.security-survey.gov.uk
The benefits of an effective BC strategy include:
- Increased customer satisfaction - effective business continuity planning ensures the availability and efficiency of customer related processes in the event of an IT system failure.
- Leverages new technology - business continuity capabilities may facilitate new ways of working e.g. mobile working, home working.
- Minimises risk to business - business continuity minimises risk in terms of litigation, competitor, regulatory and compliance issues.
How Does It Work?
Any company that is serious about its business is forced to think about Business Continuity sooner rather than later and plan for, and implement, measures to ensure that its business:
- is resilient to a disaster (i.e. prevent the disaster from happening whenever possible);
- can recover after a disaster (i.e. repair damage and reinstate the business to predefined levels within the demanded timeframe).
The elements which are required to ensure business continuity for a disaster event, vary from one company to the next and depend on the following:
- Recovery Point Objective (RPO) - The maximum time before the disaster happens for which the business is prepared to allow data to be lost - i.e. the time between data back-ups.
- Recovery Time Objective (RTO) - The maximum time the business can tolerate a discontinuity of service. This can vary from minutes, for example when a cluster fails over from one server to another, to days while new equipment is supplied, and applications and data restored.
Based on the above, the following represents typical risk events and examples of the proposed BC mitigation:
TECHNICAL AND DATA:
| Risk |
Example Business Continuity Mitigation |
| Server hard disc failure |
Redundant disks within the server |
| Corruption of messaging database |
Creation of multiple mail stores and individual mail backups |
NETWORK INFRASTRUCTURE:
| Risk |
Example Business Continuity Mitigation |
| Power cut |
UPS and generator backup |
| Loss of data communications to the main company building |
Redundant data connectivity |
BUILDING PHYSICALS:
| Risk |
Example Business Continuity Mitigation |
| Fire in the server comms room |
Duplicate comms room and server infrastructure |
| Catastrophic loss of the main company building |
Stand-by office space |
When deciding on the type of BC mitigation for a business, variables which impact the RPO and RTO include:
- Speed of response
- Certainty of the solutions workability
- Mechanism to ensure solution availability
- Security
- Accessibility
- Flexibility
- Budget
BSG's BC design has three classifications:
| BC Clasification |
Acceptable Data Loss |
Time to Recovery |
| Alpha Solution |
Nil |
Maximum 1 hour |
| Beta Solution |
Up to 1 day |
4 to 8 hours |
| Gamma Solution |
1 day plus |
1 day plus |
Why BSG
BSG provides an established framework of consultation for BC design and proven delivery processes, which incorporate predesigned solutions and bespoke designs for IT business continuity. Because BSG uses business continuity design processes and solutions that are proven, our clients benefit from a solution that greatly reduces risk, whilst being highly cost effective.
Bespoke Application Assessment
All bespoke applications are assessed to ensure full data integrity during replication. This enables full testing of the BC system prior to the service going live. Should system administration intervention be required to fail over the system, the time to achieve this is defined within the Service Level Agreement for the BC service.
Resources and Experience
As your business continuity partner, you immediately have access to that wealth of resource and experience and can take advantage of our philosophy that everything we do is designed to be more cost effective than doing it yourself.
ISO27001
BSG attained the ISO27001, Information Security Management System (ISMS) certification for its data centre and managed hosting operations in 2002.
The most widely recognised security standard accreditation in the world, ISO27001 comprises ten detailed control disciplines including: information security policy, security organisation, asset classification controls, personnel security, physical security, communication management, access controls, system deployment, continuity planning and compliance.
These disciplines demonstrate BSG's ability and commitment to delivering the highest quality managed security services to customers, and its ability to guarantee the highest levels of assurance to individuals and organisations using or relying upon its services.