02.09.15
by

Recovery Time is a Critical Element of a Financial Institution’s Business Continuity Plan

Data Recovery time is a critical part of meeting the FFIEC IT exam for financial institutions.

The Business Impact Analysis was a section added to the FFIEC (Federal Financial Institutions Examination Council) Business Continuity Planning Booklet in 2008. The Business Continuity Planning Booklet is one of 12 that, in total, comprise the FFIEC IT Examination Handbook.

Banking regulation

 

According to the FFIEC, a business impact analysis (BIA) is the first step in the business continuity planning process and should include the:

  • Assessment and prioritization of all business functions and processes, including their interdependencies, as part of a work flow analysis;
  • Identification of the potential impact of business disruptions resulting from uncontrolled, non-specific events on the institution’s business functions and processes;
  • Identification of the legal and regulatory requirements for the institution’s business functions and processes;
  • Estimation of maximum allowable downtime, as well as the acceptable level of losses, associated with the institution’s business functions and processes; and
  • Estimation of recovery time objectives (RTOs), recovery point objectives (RPOs), and recovery of the critical path

The last two points are of special importance. Being able to recover your data is not the whole issue. Being able to recover your data in a time frame that meets business objectives is critical.

As we have stated in our post Don’t Forget These Things When Data Backup And Recovery Processes Are Being Developed, a major part of the backup and recovery process is the physical network. To name just a few of the factors that impact the infrastructure design would be the frequency of the backups, the required time for the restore to be completed for effectiveness, the medium the data resides, the proximity of the backup location to the original site, etc. Networks may be under-powered to meet data backup and recovery requirements.

Recovery depends on more issues than just recovering from a catastrophic event. Data backup and recovery strategies must also meet company policies regarding regulatory requirements, data breaches, ability to respond to court orders, and more. This requires coordinated strategies and testing. Data Backup strategies must be planned and tested to assure all company requirements regarding data retention and recovery are met.

Outsourcing data backup processes is an approach that can be considered to have expert guidance from Data Backup specialist that know their field. Outsourcing to an American managed service provider is often the preferred choice; especially if the data can remain within the control of the company and only the backup and recovery procedures are performed remotely by the data backup and recovery MSP.

To discuss data backup and recovery processes further, as they apply to regulatory requirements, contact Salvus Data Consultants. Salvus uses Tivoli Storage Management (TSM) remotely to manage Data backup and recovery while you maintain control of your data.

01.28.15
by

Server Replication Using Cloud Computing Is Not The Total Solution for Disaster Recovery

Cloud computing is providing opportunities for faster disaster recovery processes. These opportunities are causing companies to leap before they they have considered all aspects and objectives of their Disaster Recovery processes.

Restore BackupWith cloud computing, the data backup can be accomplished by encapsulating the entire server through virtualization. Then this virtual server can be copied to the off-site location. This seems to be a very attractive alternative to the traditional method of disaster recovery due to its ease and speed. However, there are further considerations that must be considered.

Richard Cocchiara, who is CTO and the Managing Partner of Consulting for IBM’s Business Continuity & Resiliency Services states in an article called Cloud computing causing rethinking of disaster recovery “So in addition doing replication of data to another server, we still recommend backup because you can recover individual files to a point in time.”

There are real life situations that require the ability to “look back in time”. Data backup and recovery strategies must meet company policies regarding regulatory requirements, data breaches, ability to respond to court orders, and more.

Consider that data is not only to be backed up for protection of a catastrophic event, but, it also needs to be restored in different ways for different purposes and meet varying requirements. This requires coordinated strategies and testing. Data Backup strategies must be planned and tested to assure all company requirements regarding data retention and recovery are met.

When the term “cloud” is mentioned, we visualize an “all or nothing” scenario. We think that the data must be replicated to its backup site. We also imagine that the management of the DR processes and the data together must be in the cloud. But, these models are not the only that are possible.

In the case of data backup and recovery, for instance, the data can alternatively remain within the customer’s network and deployed off site at the customer’s choice location. The DR processes can be managed in the cloud. The data does not have to be in the cloud with the data backup administration. These two entities can be distinct.

There are Data Backup/Recovery Managed Service Providers that provide remote management of the Backup process, along with professional Disaster Backup and Recovery consultation. To further discuss the subject of cloud data backup and recovery management, contact Salvus Data Consultants.

 

01.13.15
by

The Internet of Things Creates the Demand for Big Data Solutions

The Internet of Things (IoT) is generating a demand for the management of Big Data. There is a need for data from specialized devices and applications be made available to business applications for increased corporate value.  Businesses are integrating these specialized devices and applications with core business processes for analytics and advanced business processing. This data is a mix of varied data types and has now become corporate data. This complex data creates the demand for new technology.

HadoopHadoop has arrived to answer the challenge. The global market revenue, which was estimated at $2.0 billion in 2013, is rapidly expanding and may grow up to a staggering $50.2 billion by 2020.

While Hadoop is offering answers to the need to handle Big Data, Hadoop requires skills and training. Finding those human resources can be challenging. Another issue is to be able to backup Big Data for the purpose of regulatory requirements or recovery of a catastrophic event.

A Big Data implementation using Hadoop presents a need for even more focus on the ability to recover from a catastrophic event quickly. However, the SMB is not often staffed or tooled to design and execute a backup strategy of this level of complexity.  The other consideration is that since the attractiveness of Hadoop is to use local servers, there is a further need to implement a data backup and recover strategy that can be managed remotely but not have a requirement that the live data be transferred to or running in a cloud environment.

There are Data Backup/Recovery Managed Service Providers (DB/R MSP) that provide remote management of the Backup process, along with professional Disaster Backup and Recovery consultation. Contracting an DB/R MSP with the model of remote DB/R management allows the SMB to maintain their data locally without the need to hire new staff or train existing staff in sophisticated data backup and recovery processes. Additionally, the SMB can have a comprehensive Data Backup and Recovery strategy while housing their Big Data locally.