The Next Big Thing
Posts about next generation technologies and their effect on business.

The shifting world of business continuity

disaster2.pngI was in an exchange this week with an individual talking about business continuity. The view that business continuity needs to focus on:

An organizations business continuity approach need to be reassessed in a world of high levels of automation, contracting for services and reduced latency. The very definition of foundational terms like ‘work location’, ‘services’ and ‘support’ are changing. Diversity of perspective is likely to be a critical component of any kind of timely, situation response.


“The management of business continuity falls largely within the sphere of risk management, with some cross-over into related fields such as governance, information security and compliance. Risk is a core consideration since business continuity is primarily concerned with those business functions, operations, supplies, systems, relationships etc. that are critically important to achieve the organization's operational objectives. Business Impact Analysis is the generally accepted risk management term for the process of determining the relative importance or criticality of those elements, and in turn drives the priorities, planning, preparations and other business continuity management activities.”


In today’s environment, business impact analysis is becoming ever more technical and the interconnection between environmental factors more complex. We have seen situations recently with program trading that an entire financial institution has been placed at risk when their automated trading responds in an unforeseen fashion or their governance breaks down. We’ll be seeing similar techniques applied throughout organizational processes.


The response to almost any situation can be enabled by techniques like VOIP and other approaches that allow additional levels of abstraction. Simulations can be used to understand the implications of various scenarios as part of business continuity planning.


As I mentioned back in March:

Having an effective, robust approach to business continuity is part of management, security and many other roles within an organization.  It is important to remember that there is a cost for being unable to respond to an incident.

Business Continuity Week - the last day

bcaw.jpgNow that we have officially entered spring, a time for tornados and thunderstorms here in Texas, it is a good time to think about business continuity.


This week is business continuity awareness week. The theme this year is Counting the Costs – looking at the possible cost of not addressing business continuity.


Having an effective, robust approach to business continuity is part of management, security and many other roles within an organization.  It is important to remember that there is a cost for being unable to respond to an incident. There are a number of business continuity webinars that bring this issue home.

2013 Survey of topics important to IT

results.pngRecently a survey was taken by the Society for Information Management for the IT trends for 2013.


The top 5 IT management concerns in 2013 (page 60) were:

1                     Alignment of IT and/with and/with the business

2                     Business Agility 

3                     Business Productivity 

4                     Business Cost Reduction / Controls 

5                     IT Cost Reduction / Controls


But the top 5 issues that were of concern to the person taking the survey (page 63) were:

1                     Alignment of IT and/with and/with the business

2                     Security

3                     Talent/skill shortage

4                     Business continuity / Disaster Recovery

5                     Prioritization process for IT projects


I don’t know about you but this difference of perspective between the individual thinking about the priorities of the group and their own priorities is pretty significant. It looks like the management concerns are value and cost, yet the individuals are concerned more about safety.


This is an interesting survey that with almost 500 senior IT professionals participating across a diverse cross-section of the economy.


I am surprised that IT productivity isn’t pulled out to the same extent that business productivity is for the management concerns. Since that would address some of the talent shortage, cost reduction and controls/quality concerns.

Disaster recovery, your business and the cloud

disaster.pngI received a notice the other day about an upcoming webcast (April 21st) from Innovation INSIGHT titled: Disasters Happen: Is Your Enterprise Protected in the Cloud? It’s free, so check it out.


We tend not to think about it much but unpredictable and sometimes even unthinkable -- disasters happens. Mission critical IT systems require mission critical protection, no matter the platform or the supplier who may be operating the underlying hardware. It is not just a matter of the systems, but the network connections and the integrated applications that are important. No one cares if the lights are flashing and the disks are spinning if the end-to-end transactions can’t take place.


When moving to cloud this level of system interaction needs to be understood and failover or business continuity options tested. Cloud vendors will need to participate in these tests (at least to some degree).

No protection means no chance for quick recovery. The result? Your enterprise’s business will be deeply impacted and in unpredictable ways.


This webcast will likely look at some of these issues and assist those attending in understanding alternatives – before you need them. No one wants to go down with the ship!

Technology Strategies Every Enterprise Should Consider

automation.pngTwo of the other HP fellows contributed to an article about Technology Strategies Every Enterprise Needs. In it they focus on:

  • On-line testing
  • Master Data Management
  • Cloud Computing Security

When I think of these three areas, I am surprised at how these are overlooked and what new opportunities are available that are not discussed. In the testing space, most organizations have a fully occupied testing organization and may not realize the extent of testing that needs to occur when moving to the cloud. Even if it is just a move to an IaaS service, performance and functionality testing is required, let alone if they want to actually take advantage of the clouds parallel processing capabilities to perform functions more quickly. Many times the in-house organization will need to supplement their testing capabilities during the transition period. These extra resources allow for higher quality testing and can help with understanding of the new environment as well.

The MDM space has always been an issue organizations need to address. Having systems of record and ensuring consistency between systems takes unnecessary confusion out of the organization – at a minimum. If an enterprise is moving to higher level of cloud capabilities like Software as a Service or even BPO, this linkage need can be easily overlooked in the planning process. Having live links with external systems will be difficult to maintain, but that is a price to pay for access to the SaaS Intellectual Property. If it doesn’t look like you can maintain the links, you’ll likely need to rethink your strategy – eventually. This kind of Enterprise Architecture activity is more important in the cloud than ever.

Cloud security is the one area that really worries organizations. In many cases it is because they have relied on the physical structures of the compute center to provide a (false) feeling of security. Although this is an important issue to everyone, some industries have their own set of rules and regulations (e.g., Hipaa, PCI) . Understanding those rules and what they are trying to address will strengthen everyone’s security understanding. Security thoughts need to be expanded to disaster recovery and business continuity as well. Just because a cloud provider has 99.99% availability within their data center, it doesn’t mean your service has that level of availability end-to-end.

The one area that I don’t think is getting adequate coverage in the cloud area is the user interface consistency needs. We can’t expect to put a hodgepodge of in-house and vendor provided interfaces in front of the user community and expect high productivity. There are cases when it can happen and the cost of consistency may be too high, but I rarely hear organizations plan for it as an issue.

Although cloud activities may have a great deal of similarities to the current IT environment, numerous active decisions will need to be made, don't expect a passive approach to cut it.

Showing results for 
Search instead for 
Do you mean 
Follow Us
About the Author(s)
  • Steve Simske is an HP Fellow and Director in the Printing and Content Delivery Lab in Hewlett-Packard Labs, and is the Director and Chief Technologist for the HP Labs Security Printing and Imaging program.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.