Seven Habits of Highly Resilient Organizations

Here are seven habits that CDW Government LLC (CDW-G), a provider of information technology solutions to business, government and education, advises organizations adopt to ensure they are prepared for any business contingency and that they remain resilient in the event of unplanned interruptions. These habits can help organizations prevent costly downtime, reduce inconvenience to customers and minimize damage to an organization or agency’s reputation. These habits are provided by CDW-G’s team of technology specialists and systems engineers.

1. Conduct a business impact assessment. Because even the most thorough disaster preparedness plan won’t be able to justify the cost of including every mission process – especially for small organizations with limited resources – it is important to inventory and prioritize critical processes for the entire organization.

Organizations should tier data based on its import to operations. For example, processes that need to be resumed within 24 hours to prevent serious mission impact, such as citizen service delivery, or that will have major effect on stakeholders could receive an “A” rating, while those that need to be resumed within 72 hours could receive a “B” rating followed by those “C” functions that can be restored in more than 72 hours.

In addition, several software packages can help an agency or institution assess its disaster preparedness and map out strategies that fit the organization’s needs and goals.

2. Take steps to protect data. Aside from people, information is the single most critical asset for virtually any organization. Organizations frequently should back up data to ensure records are kept, and consider upgrading the backup equipment to a faster version to reduce the time it takes to complete a backup cycle. Automated, remote backup services are available from many vendors.

Organizations also should store multiple copies of data off site and a long distance from the primary data center. Outsourcing this service may make sense for small and mid-sized organizations that currently do not operate in a suitable, alternative location.

There are a few different approaches to backing up data that are increasingly affordable for smaller agencies and institutions. They include:

• Tape rotation: Information on servers is copied to storage media (typically tapes) on a set schedule. These tapes are then removed to an off-site location for safe storage. This is the most basic approach to data backup.
• Data replication: Information on servers in one location is copied – either in real time or on a set schedule – to servers in another location. As a result, the data in one location has an exact mirror image in another location – often at a great distance. The off-site server then takes over operations if the primary server is damaged.
• Appliance backup: Like data replication, the information on servers in one location is copied – either in real time or on a set schedule – to a storage appliance in another location. This does allow for a mirror image of the data on the server, but does not include off-site facilities should the primary server infrastructure be destroyed.
• Data vaulting facilities: Information on servers is copied to an on-site central depository, which then is replicated to an off-site data vaulting facility typically owned by a third-party organization.

 

Once data is backed up, organizations will need to carry out a practical and well-tested plan to retrieve the information. The same IT architecture should frame both the organization’s disaster recovery site and the primary data center, reducing complications. If the organization uses a wide-are network (WAN), the Internet, an intranet portal and telephones to provide citizen services, the same infrastructure should be built at its backup facility, for example.

Organizations focus so much on protecting and backing up network server data that they often fail to take steps to ensure their employees can remotely access that data if they are unable to work in the office. Remote-access software, such as products provided by Citrix and Microsoft, can enable employees to access networked server or desktop information offsite.

3. Review power options. Organizations should add uninterrupted power supplies (UPS) for critical servers, network connections and selected personal computers to keep the most essential applications running.