Call of the hour: BC & DR

CIOL Bureau
Updated On
New Update

NEW DELHI: Building a secure, reliable and resilient IT infrastructure is only one facet of business continuity (BC). In addition to disaster recovery (DR), risk management and security elements, a well-defined BC strategy should also include components from facilities management, supply chain management, crisis management and communications, health and safety, quality management and knowledge management.


This was the uptake at the Security and Continuity Conference 2005 'Fail to Plan vs. Plan to Fail — Keeping Your Enterprise Secure and Continuous', which is being organized by IDC.

Speaking on the occasion, HP Asia/Pacific HP management services senior technology consultant Paul Marshal said, "BC is a way of doing business that ensures the infrastructure has the ability to maintain operations in the event of a significant adverse event (physical calamity, sabotage, natural disaster, etc.)." However, he added that risks such as power/network failure, people or process error, application failure, etc. should not be discounted as they can also lead to risk and downtime.

Impact of risk is the cost of downtime, which could directly affect financials and customers, damage a company's reputation, etc. Indirect impact of risk could be more severe and unpredictable. According to Marshall, companies need to address risk and downtime by combining people, process and technology to achieve best practices across the disciplines of availability, security and business continuity.


Shedding light on the evolution of business continuity and availability (BC&A), Marshall said that it has moved from DR in 70's/80's to business recovery in the 90's and BC&A in 00's. He added, "A company should identify threats, understand risks and control the risks by taking proactive measures."

Talking on Internet protocol security, Nokia Enterprise Solutions Asia Pacific chief technologist Andrew Namboka said that with more and more businesses going mobile, there is a need for aligning IT security with corporate strategy. "The IT departments need to control, secure and scale for mobility," he added.

Speaking on business continuity and disaster recovery (BCDR), IDC Asia/Pacific Asia Pacific software group senior analyst Vivian Tero said that BC is not always affected by catastrophe but by anything that disturbs the normal working of an organization. She added that normally people confuse back up and archive solutions as BCDR, but this is not so. She also added that BCDR doesn't apply in vacuum and having a holistic, updated and tested BCDR plan for businesses is important.


According to Tero, "As businesses mature and with globalization, the complexity of the networks also increases. Top three threats to a business include introduction of virus, corruption if data and external hacking. To counter these threats companies undertake measures like antivirus, firewall, Internet security policy and DR."

According to IDC research, 19 percent of Indian companies who undertake BCDR use all four measures. India also has the highest frequency of updates (6.7 times/year) of these BCDR solutions. According to Tero, this proves that the awareness in India about BCDR is high and many companies are taking steps towards implementing a BCDR plan.