Areas of denial
As of this morning, there are 73,332 confirmed cases of COVID-19 worldwide, and 1,873 infected people have died. And, as of this morning, there are 15 confirmed cases in the United States with another 60 pending. We are no longer watching from afar.
It’s frightening, and each day we’re inundated with information (this blog notwithstanding) that illustrates how little there is we ourselves can do to control the situation.
But, let’s take this opportunity to review the control that we actually have—the ability to understand and prepare our business for the moment when disaster strikes.
When COVID-19 hits the Colos
Today, there are 79 colocation data centers (Colos) throughout China. And, on February 13, 2020, every province in China reported at least one confirmed case of COVID-19—many of which are in the 100s with many of the provinces under severe travel restrictions. Those Colos support infrastructure for the country’s highly regulated industries and shared cloud services, as well as hosting for more than 710 million internet users.
So, what happens to the data...the businesses...the people...the world...when the globe’s second-largest economy is threatened? It’s important to remember that per the US Federal Emergency Management Agency (FEMA), 40% of businesses never reopen after a disaster, and only 29% were still operating after two years.
The answer: no one knows...at least not as of the moment I write this sentence.
Here’s what we do know
Effects on business operations during similar disasters fall into three buckets: areas of denial, human resources, and physical failures.
Whether it’s due to pathogen exposure, structure damage, or travel restrictions, we may find ourselves in a
situation where we simply cannot access our offices, paper, data centers, or colos. Looking at the data centers in China alone, there is potential for thousands of businesses to experience restricted physical access to their data centers.
While the situation in China is uniquely devastating, widespread power outages or “superstorms” can be catalysts for regional disruption. Therefore, proactively planning for such situations is key.
Bottom line (and, there’s no sensitive way to put this, I’ve tried): If the workforce is dying, sick, or stranded, work will be slowed or even come to a halt. With the loss of key personnel, “tribal” knowledge is often lost. If detailed SOPs, documentation, and authentication credentials are no longer available, recovery will be compromised.
Whether by chance or disaster, systems fail. No matter how much of your data is stored “in the cloud”, the “cloud” is physically stored somewhere. If your processes do not take into account the Cloud Services shared responsibility model, you could be placing your data at risk. Understanding your company's responsibility for protecting your data is paramount.
If you or your team are unable to physically or virtually reach a failed system, restore data, your business is at risk.
Wow, that’s grim. So, what do we do?
No matter how optimistic you are, when it comes to business continuity, you’re better off planning for worst-case scenarios.
If you consider nothing else (but, YOU SHOULD), comprehensive, standardized processes must be at the center of business continuity planning. Risk-aware standard operating procedures (SOPs) for business operations, disaster recovery, and operational processes ensure that your team is abreast of strategy, responsibilities, and communication in the event of an emergency.
If workforce is the issue, as compared to access to a facility, audited SOPs allow new or remaining team members to pick up where business operations ended. And, auditing these SOPs will uncover any gaps in the overall skillset or missing information that may need to be addressed.
The time to draft, audit, and complete SOPs for business continuity vary by business type, but is, in all cases, possible and necessary. As far as the big picture is concerned, several months of buckling down could avoid the unraveling of years of economic success.
While a relatively “local” colo is convenient, it’s best to settle on redundant data centers housed in different regions of the state or country. This planning increases the likelihood that your business can continue to operate in the aftermath of a disaster. The leading practice is that 300 miles between data centers is sufficient.
As far as infrastructure security and business continuity are concerned, location isn’t the only ruling factor. When choosing a data center solutions provider, it’s imperative to select a contract that includes on-site support, as well as “smart hand” services that can operate and repair issues within the data center itself.
To end on a more positive note, all is not lost. Instead of looking hopelessly into possible loss of control, it’s important to instead grab the reins and begin to tackle business continuity one piece at a time.
Don’t know where to start? We at Azzur Technology Consulting Services can help answer any questions you have. Let’s chat today.
Following are incredibly helpful links when learning more about COVID-19: