Which Cloud Service Provider Gives You the Best Peace of Mind?
By Khoong Hock Yun, Assistant CEO and Chief Data Officer, InfocommMedia Development Authority of Singapore (IDA)
Cloud adoption is the new norm. Many enterprises, seeing the business benefits of agility, elasticity, utility-based models and cost savings, have embarked on the cloud. A 2015 Cloud Security Alliance report stated that about three quarters of enterprises then were ready or hopeful to migrate to the cloud, or realize a need to adapt to the new business model.
Alongside its benefits there have however come new challenges to prepare for, including a need for greater clarity on Business Continuity Management (BCM) and Disaster Recovery (DR) when services transition to the cloud.
“A compiled report by Data Centre Knowledge in 2015 showed that a key reason enterprises continue to hesitate migrating to the cloud include uncertainty and concern over downtime of critical services – especially due to outages.”
Major cloud outages across the globe have driven home the need for clear guidelines and contingency plans on the part of both enterprise users and cloud service providers (CSPs).
The major difference between the past and present lies in how much more must be done now for BCM and DR. Where past practices were clear, concise and simple due to their relatively straightforward nature – hardware was generally on-premise and within the control of the enterprise for backup and recovery – the current needs of a cloud system require holistic solutions planned from the start on how best to handle a cloud outage “before, during, and after” to ensure continuityfor both the enterprise as well as its new partner, the CSPs.
This is compounded by today’s real-time, on-demand, instant nature, which requires minimal downtime and impacts significant loss of revenue and risk, should an outage occur. For instance, who pays in the event of a cloud outage?While large MNC enterprises can afford to build (expensive) redundancy plans in the event of a cloud outage, smaller SME’s – the ones who most benefit from a shift to the cloud – are oft ill-prepared to meet with this disruption to services.
There are ways to prepare for such eventualities, and they do not have to break the bank. For example, a set of cloud outage incidence responses (COIR) guidelinescan be used by enterprises for their own risk assessment systems, in turn guiding their BCM and DR needs and procurement of services against those offered by CSPs.
The InfocommMedia Development Authority of Singapore, together with industry representatives, have created one such set of guidelines. This multi-tiered frameworkis one small portion of how Singapore’s Smart Nation drive is leveraging cutting-edge technologies to keep its economic competitiveness as well as overcome impending megatrends, while ensuring the way forward is being supported by progressive education and best practices for all.
COIR is divided into four tiers of responses based on projected impact of outages.The most severe impact is systemic and life-threatening in nature. The least severe impact will be, for example, on hosting non-sensitive applications for which there are alternatives, longer duration of outages are tolerable, and restoration should generally occur within two working days.
No enterprise wants the worst to occur, but it should be prepared for the eventuality. Strong yet flexible frameworks will help them to weather the storm when it occurs, and Singapore’s COIR guidelines are another brick to prepare for the storm.