The same principle applies to every business in every market: continuity is essential. Production may never grind to a halt. A postal company must be able to deliver its mail and parcels every day. A hospital must always be able to provide care. When you purchase part of your functionality as a digital service, continuity is often guaranteed in a Service Level Agreement (SLA). Does this guarantee uninterrupted production? No, because the chain is as strong as the weakest link. This is why, after opting for a Hybrid IT concept, you will have to map out your weakest links with regard to continuity. Where are your dependencies?
Mapping continuity risks
Let’s assume that you purchase workplace packages as a service. Office 365 has high-quality SLAs, both in continuity and in security and functionality. The service is provided via the internet and linked to your internal systems. This service from Microsoft, the internet connection and the internal link to your systems all form a chain. To fully map out the risks for your primary processes, you will have to analyse the entire chain for continuity risks.
There are a number of questions you have to ask here:
- 1. If this functionality fails, what is the threat to my primary process?
- 2. How are the SLAs interrelated? If 100% uptime is guaranteed, but the internet line has an uptime of 99%, the service may have a certain level of downtime. Do I want this and, if not, how can I resolve it?
- 3. Are the internal systems scaled for the continuity this service should provide? For example: which internal disruptions can prevent the entire organisation from sending emails? Examples are Firewall environments, Active Directory environments, power cuts, back-up and restore environments and procedures, etc.
- 4. How can I manage these environments, who is responsible for them and who coordinates this? Is this management strategy compatible with the SLAs from the service provider and the most important aspect for you as a business: how do I remain in control?
- 5. What is my continuity risk if my service provider goes bankrupt?
Responding to emergencies
When setting up their business continuity management, organisations often focus on the operational aspect, e.g. the presence of an alternative location in case of a calamity. However, these kinds of measures will only become effective once the critical business processes are disrupted. Simply responding to calamities is not sufficient. It is also about preventing calamities. Apart from operational measures, this requires forward thinking and a proactive approach. Business continuity is a strategic topic and must be discussed on a managerial level.
In conclusion: a proper risk analysis at all business levels is an absolute must when analysing the continuity of your IT environment. This will reveal all the risks and allows you to assign the right priorities to the various subjects. You can then map out all the mitigating measures. After all, you don’t just want to prevent risks; you also want to know what to do to minimise the consequences of these risks, should they become reality after all.
Outsourcing Hybrid IT environments
A growing number of organisations are currently opting for outsourcing constructions. For the vast majority, it is comforting to place the entire responsibility for IT as a service in the hands of a single party. This is obvious, as a hybrid IT environment has a higher risk in terms of assigning responsibilities if the service is disrupted. Choosing a single supplier generally makes the outsourcing process clearer and improves its quality, as such a party is specialised in this kind of service. Whatever client-specific wishes or processes they may face, it’s basically just more of the same to them. And this in turn benefits the continuity of the client organisation.
And its performance.
In this blog we discussed the first two core values pitfalls and recommendations in Hybrid IT management. This blog is part of a series. These blogs give information for everyone who has plans to change to a Hybrid-IT concept, or who already has a Hybrid-IT concept, but wonders if this still fits. In the next blog the core values safety and complience will be discussed.