- September 20, 2019
Business process services is more than just about saving money. It can play a key role in establishing the IT agility that’s necessary for successful digital transformation.
By handing over repetitive tasks and workflows to a third party, including data-centric processes, business process services enable organizations and their IT teams to focus on more strategic initiatives, knowing they can scale as needed. They can easily and cost-effectively adjust based on the ebb and flow of their business without overprovisioning people and resources that could end up being idle.
Many processes are candidates
Businesses in any industry, no matter their size, can take advantage of business process services, including finance and insurance, transportation, health care, and even public sector organizations. This kind of service not only reduces costs, but also provides peace of mind that essential processes are getting done as the business focuses on its core products and service offerings as well as strategic initiatives on its digital transformation agenda.
A wide variety of workflows and business activities can be taken care of by business process services, including payroll, accounting, telemarketing, data recording, customer support and social media marketing. Some processes might be simple, while others more technical. Processes might take place in the front office, such as customer facing support, while back office processes that are often outsourced include billing or purchasing.
Business process services is a growth enabler
There are many benefits to business process services, not the least of which is reducing costs, but if you’re doing it strategically, you’re also fostering the IT agility necessary for digital transformation. Most of all you’re growing your business.
A common path to growth for many businesses is expanding their footprint at a regional, national or even global level. A business process services provider can reduce the investment and risk associated with serving multiple regions and time zones in multiple languages. A third-party is also able to scale up on demand more quickly in their business process services areas of expertise to support a company’s introduction of new products and services—they could easily add more customer support representatives, for example.
Just as your company has its core business offerings and expertise, so does a business process services provider, which means they can get quicker, more efficient and better results, as they have built up a track record of hiring specialists for specific workflows and processes. They can tap into the necessary talent and train new hires more quickly and effectively. They may also have expertise in regulatory framework and compliance obligations specific to certain industries.
As much as business process services offers more than just cost savings, it remains a chief benefit, as it lowers your internal labour costs, including the time and resources necessary for onboarding and training new employees, as well as office space. This is especially important for business processes that fluctuate in volume because of the seasonal ups and downs common in many industries.
Enable IT agility
Business process services relationships are often approached in a siloed manner in that processes and workflows are handed off on a case by case basis as means to save money.
While this approach does offer bottom line benefits, organizations should look at business process services to improve their IT agility and think bigger. As a managed IT services provider, Supra ITS isn’t content to just save customers money by taking over a workflow or two. We see our engagements as an opportunity to infuse key business activities with the technology levers that create IT agility.
As a Supra ITS company, FleetGain has expanded its offerings to deliver business process services with an initial focus on transportation companies. We provide offsite, extremely reliable and flexible data processing services, including order entry, billing, rating, POD entry and cube entry, coupled with experience using common transportation management systems, including popular transportation management systems such as TruckMate, Degama and Rose Rocket.
Transportation is just the beginning for business process services at FleetGain. We’re ready to work with a wide array of industries that want to hand of repetitive tasks so the can better focus on strategic initiatives. By looking at business process services as part of your larger digital transformation agenda, you can add significant value and direct business impact beyond the bottom line. Terry Holland is Director, Logistics and Supply Chain Services for Supra ITS.
- August 22, 2019
- Catagory Managed Cloud Services
Hybrid cloud environments are constantly evolving and today one cloud is no longer enough—diverse workloads mean you must be ready to embrace a multi-cloud model.
Whether it’s one, two or more of the public cloud such as Microsoft, Amazon, Oracle or Google, or turning to a managed IT services provider to help you leverage economies of scale, it’s likely you’re already facing the realities of multi-cloud, including the benefits and the challenges.
What is multi-cloud?
A hybrid cloud brings together an on-premise data center (a private cloud built on cloud technologies) with a public cloud, while multi-cloud brings together multiple cloud services from different providers, both public and private. In the same way organizations might have chosen a best-of-breed approach to their on-premise applications deployment, the multi-cloud paradigm allows for the selection of the best cloud provider for a given workload.
The multi-cloud model is driven in part by open source and the desire for organizations to leverage cloud technologies to best serve customers, suppliers, partners and even employees. Further accelerating the momentum of the multi-cloud is the ability to run services from providers such as Microsoft and Amazon Web Services (AWS) in a private data center thanks to Azure Stack and AWS Outposts. Add the ability to run VMware on AWS, and organizations can mix and match cloud services as much as they want to meet the specific requirements of any given workload.
The right cloud for the right workload
Like the best-of-breed approach to on-premise software applications, multi-cloud offers many benefits, including the ability to pick the right tool for the right job on a case by case basis, rather than just one provider that may excel on one capability while lacking robustness in others.
Similarly, it allows you to avoid being locked into a single cloud provider and take advantage of innovation from a variety of vendors, while also enjoying the flexibility and scalability you need as your business grows and your needs evolve. A multi-cloud strategy also gives you some measure of control, including cost governance, as public cloud strategy can sometimes cost more than a private cloud approach, depending on the workload.
More clouds, more challenges
Running a multi-cloud environment is not without its challenges, however. Not all clouds are equal and not all providers do things the same way. AWS and Microsoft Azure might offer the same service, but have different processes, so what the customer is responsible for on their side may differ depending on the provider.
Using a mix of cloud providers can add even more complexity to compliance and security too. Not only do you have to worry about your own data center being compliant with industry standards and regulatory frameworks such as privacy legislation, but you need to be certain your providers are up to snuff too by understanding all compliance requirements and creating the necessary policies.
While cloud providers may tout their security features, you still need to have the right in-house resources to manage application and workload security in a multi-cloud environment, which makes identifying and containing security threats even more complex. This includes securing connectivity across the multi-cloud environment—after all, data is the lifeblood of your business, and a multi-cloud environment means mean you need to securely and cost-effectively move data between one cloud provider and another, as well as to and from your own data center.
Get help with multi-cloud management
If you’ve already embraced the hybrid cloud, you’re in a good position to take advantage of multi-cloud. But as with all IT infrastructure demands, there’s a lot to be said for tapping the expertise of an experienced managed service provider to help you with some of the heaving lifting. They already have solid track record of managing, securing and optimizing multi-cloud environments, which enables you to focus on strategic initiatives without add more to your plate.
- July 25, 2019
- Catagory digital transformation
IT agility is a key element of successful digital transformation, and it means having the right people doing the right job. It may also mean not hiring a person, but a service provider instead.
Knowing when you should hire a full-time employee or when you should outsource an IT function requires a clear understanding of your IT strategy, what roles you have filled and what positions you’re missing. Most importantly, IT agility means recognizing that while some job titles haven’t changed, the work these people do day to day has changed over the years, and digital transformation will continue to influence the evolution of the IT department.
Digital transformation has redefined roles
Managing IT is a different job than it was decade ago, and digital transformation continues to spark changes to job descriptions, as well as the responsibilities of the entire IT team.
It’s no longer enough to keep the engine running. IT agility demands that you be more strategic and align with the organization’s overall business strategy while facing heavier workloads. In the late ’90s, a system administrator spent most of the their time supporting computer hardware and telecommunications for desktop users, but today a big part of the job is maintaining multiple endpoints, including user, access, and device policies, while also monitoring many physical and virtual environments, many of which are hosted in the cloud.
IT managers, meanwhile, are now tasked to do more than just develop and manage applications. They must also keep tabs on technologies around the corner that might deliver business value and justify their inclusion in the IT budget, as well as demonstrate how they can create competitive advantage. IT managers must also be more security focused than ever, and likely working with an IT security team, or even a Chief Security Officer (CISO).
And let’s not forget the CIO, a role that’s been on the rise the past 20 years and is probably the best example of how IT teams and jobs have evolved since the turn of the century. CIOs—and CISOs, as well—are spending more time in the C-suite, and their job has gone far beyond just keeping the lights on.
Support IT agility with automation
No matter what you’re called—CIO, CTO or IT director—your role is more dynamic and challenging than ever. You’re probably having to do more with less, including tackling a digital transformation agenda as well as keeping the organization secure.
Digital transformation involves some strategic thinking, but it also means you’re looking at how you can migrate away from legacy infrastructure to new technology systems that will be flexible and scalable over the longer term. It also means involves fostering cultural change.
To deliver value to the organization and keep it secure, IT leaders and their teams must be more agile. Developing IT agility means making the most of your staff and making sure they’re focused on strategic activities—not bogged down by repetitive tasks that can be automated. Automation enables you to get more done without adding to your headcount and can also give you some clarity as to what people need to be doing and what skills are needed to get the work done.
Having the right IT skills is a perennial problem, and a lack of skills, especially around security, puts an organization at risk. Filling the skills gap is a priority for any leader as it’s necessary for meeting their digital transformation goals as well as maintaining compliance in increasingly regulated business environments thanks to legislation such as the General Data Protection Regulation (GDPR).
Ideally, IT agility feeds itself—as you become more agile and identify where you need to improve, your team becomes more empowered to tackle new problems and come up with creative solutions.
The competitive advantage of “people on demand”
Beyond automating things people shouldn’t be and addressing the skills gaps in your IT team, you need to think about what might be done outside of the organization more cost-effectively.
Given your strategic goals including your digital transformation efforts, do you really want your IT staff trouble shooting end user problems? Do you want your IT people worried about keeping toners in copiers or the printers from being hacked? Can you afford to pay a premium to keep a database administrator on staff when they may be idle half the week?
Just as you’re able to scale up computing on demand via the cloud, you can complement your in-house team with part-time talent on-demand to achieve the IT agility necessary to push your digital transformation agenda forward.
Sanjeev Spolia is CEO of Supra ITS.
- July 11, 2019
If you’ve been hearing rumblings about a deadline for your Windows 7 migration, you should know the “end of life” deadline is in January. You should have already started your move to the latest and greatest version of the Microsoft operating system.
The looming Windows 7 end of life deadline is also a reminder that you should review how you allocate your IT resources in the bigger picture, including making the most of your Microsoft investments.
What does “end of life” mean?
For the purposes of a Windows 7 migration, end of life means support for the operating system is being discontinued by Microsoft.
After January 14, 2020, Microsoft will no longer provide feature updates or security patches. The software giant already ended mainstream support for Windows 7 on January 13, 2015—new features stopped being added, and warranty claims were no longer valid.
The risks of putting off your Windows 7 migration
If it’s not that you can’t continue to run your business on Windows 7, but there are consequences from continuing to rely on an operating system that Microsoft no longer supports.
Most importantly, after the Windows 7 end of life deadline, the operating system will be inherently unsecure because it will no longer be patched for new viruses and security threats. Furthermore, it’s likely that threat actors will seek out businesses running Windows 7 knowing they are particularly vulnerable to emerging viruses, malware and ransomware. The second major risk is that third party developers are likely to stop supporting Windows 7, which means other business applications you rely on may no longer function properly.
Finally, support for Internet Explorer on Windows 7 will also be discontinued on the same day, which means applications that depend on it may no longer function properly and be more vulnerable to security threats.
What if you want to stick with Windows 7 past the deadline?
Despite the Windows 7 end of life deadline at the beginning of next year, you will be able to install and activate an instance of the operating system after January 14, 2020. However, it won’t be supported with feature updates and security patches.
Microsoft is allowing users of Windows 7 Professional and Windows 7 Enterprise to extend their Windows 7 security updates through January 2023, but you will have to pay for it.
What you need to upgrade
The good news is that your Windows 7 migration doesn’t necessarily mean new hardware.
Although Microsoft does recommend moving to a new PC when migrating to Windows 10 to take advantage of the latest hardware capabilities, you can do your Windows 7 migration on your current devices as long as they meet the minimum requirements.
No matter which route you take, you should make sure that your documents are safely backed up. If you’re upgrading to Windows 10 from Windows 7 on the same machine the transfer of your files is part of the process, but it’s best to back up just in case something goes wrong.
Think beyond your Windows 7 migration
Updating software and the hardware that supports it is a reality of doing business. While doing a Windows 7 migration to meet the end of life deadline may feasible for most organizations to do on their own, it’s a good opportunity to review how you allocate your IT resources. How do you want your IT team to be spending their time? Do you want them bogged down doing patches and updates?
As much as your Windows 7 migration is an essential milestone in the next six months, you should look at it as jumping off point to reassess how you deploy your internal resources and at how a managed IT services company can help.
Arun Prakash is executive vice president of Supra ITS.
- June 27, 2019
Whether you’re upgrading existing Oracle applications or it’s a “greenfield” rollout, there are three key things to keep in mind if you’re going to get the most from your applications deployment.
The sheer number of Oracle applications—as well as hardware requirements—can be overwhelming. While there’s value in sticking with one vendor to run your entire business, it’s critical that you’ve made a compelling business case for your applications deployment. You must also have the resources in place to not only implement them but also support them throughout their lifecycle.
What business problems are your Oracle applications solving?
If you’re deploying Oracle applications for the first time, you should have a strong understanding as to why you’ve chosen each one.
Before you’ve even begun your applications deployment, you should identify the problems you are looking to solve and your business objectives to be sure you’ve chosen the best Oracle applications for daily operations. For example, Oracle application such as Business Intelligence, Supply Chain Management and E-Business Suite should be considered by any organization looking to gain greater visibility and improve profitability, as they can help you make better decisions through analytics, optimize your workflows and improve employee productivity.
All the above need optimum data management, so you might want to look at Oracle Middleware so that you can provide your Oracle applications with a single source of data to truly leverage your business applications to make smart decisions.
Picking the right hardware for your applications deployment
Enterprise software applications such as those from Oracle are no different than one running on a PC or a smartphone—they need the right hardware to deliver value and productivity gains, whether it’s a software update or a greenfield applications deployment.
In some cases, you might want to take advantage of Oracle hardware for your Oracle applications, such as Oracle Virtual Machine, which will help reduce your overall compute costs. A more data intensive organization should consider an Oracle engineered system such as the Oracle Database Appliance, or Oracle Exadata, which provides even more power with less maintenance.
There are also non-Oracle options too, such as IBM Power and HPE SuperDome Flex. The latter is an x86 option that can help reduce your licensing costs without breaking the bank so you can maximize the return-on-investment from your Oracle applications.
Power your Oracle applications with the right people
While Oracle applications can improve the productivity of your business users, some aspects of your applications deployment are going to require strong skill sets, particularly in the database management era.
Database administrators (DBAs) are in high demand, and small and medium-sized organizations must compete with large enterprises to attract and retain top talent. Although you should never cut corners in this area, there are affordable options to make sure you have the right people to manage the data that helps derive business value from Oracle applications. You can take advantage of shared DBA services from a managed IT service provider to augment Oracle DBA Services with additional resources to fill any gaps. You can access a virtual DBA on-demand, either on a temporary or long-term basis based on the ebbs and flow of your business.
Whether you’re doing incremental updates to your existing Oracle applications to get each one to the latest version, or a complete greenfield applications deployment, it’s critical that you understand what your business objectives are, as well as the hardware and people necessary to support your initial rollout and ongoing operations.
Arun Prakash is executive vice president of Supra ITS.
- June 13, 2019
Although preparing for the General Data Protection Regulation (GDPR) compliance was a different challenge than being ready for Y2K, both deadlines had one thing in common—the sky didn’t fall once they came and went. But when it comes to compliance, the deadline never really passed.
If you met the GDPR compliance deadline last May, your work is still ongoing—being prepared for it, like any other privacy regulation, is a continuum of internal readiness. At first glance, GDPR readiness appears to be just another security exercise, but it should have prompted you to think differently about the data you store and process.
Know your data is—in transit and at rest
As much as GDPR is about privacy, it requires you to be transparent in that you must have complete visibility as to where your customer data is stored and where it flows—how does it move across borders within the European Union and beyond? Remember, the data you must keep private is dictated by European citizenship, even if you’re based in Canada, and it’s a living entity. Documenting it for the initial deadline wasn’t enough.
If you’re handling sensitive financial data or Personally Identifiable Information (PII), any documentation and data processing activities must be transparent and demonstrate accountability today and tomorrow. You should always be re-evaluating your current data governance practices and policies as part of your GDPR compliance and improving them as needed.
Plan for the worst
Long before GDPR was even a spark of an idea, data breaches were par for the course. The European privacy legislation is just further impetus for having a clear picture of where your data is most vulnerable.
GDPR requires that you have a disclosure process in place if a breach occurs—affected customers must be informed within 72 hours—although there are a few exceptions. You should be conducting regular fire drills to test the effectiveness of your data breach response procedures, just as you would any disaster recovery plan. This testing can also be applied to breach notification guidelines for the updated Canadian privacy legislation, the Personal Information Protection and Electronic Documents Act (PIPEDA).
Do you still have consent?
A key aspect of GDPR, as with PIPEDA, is getting a person’s consent to process their data. Even more importantly, you must be able to honour a request to have that consent withdrawn—that’s why understanding how your data flows is so important. You can’t be certain someone’s data is no longer be used if you don’t know for certain where it’s been collected and stored—it also could have been duplicated. You must also ask for reaffirmation of consent if how you use PII changes.
The consent aspect of privacy regulation further cements the need for pristine record keeping. This includes disclosing to the data subject as to whether any third parties need access to their data to deliver products and services. Your data auditing for GDPR or PIPEDA must reflect any changes to the processing of the data, even backing it up.
Be ready to the roll with the changes
Being prepared for any privacy legislation means maintaining a constant as there will be changes and updates.
GDPR will likely evolve over time, just as PIPEDA has been reviewed updated since being introduced more than 15 years ago. You can’t sit on your laurels for having met last year’s deadline. Privacy regulation compliance should be integrated into your operations. Customer data is rarely static, so your procedure for tracking and protecting it shouldn’t be either.
- May 30, 2019
- Catagory business continuity
You might think a business continuity plan is a luxury—something only larger organizations can afford or something you’ll do during a slow period. But planning for disaster is not just good preventative medicine. It contributes to a healthy business in three meaningful ways.
Being prepared is a state of mind. When your team knows you’re prepared for the worst, they can move forward with any business initiative with confidence.
Organizations that have a business continuity plan in place nurture employees that are adaptable and proactive when things to do go wrong. Planning for disaster becomes a subtle part of everything they do, making them adept at automatically assessing the levels of risk associated with new ventures and more agile. Small disruptions don’t phase them because the business already has a plan in place for the worst-case scenario.
The confidence your employees have because you’ve got a rock-solid business continuity plan is picked up by your customers. Letting them know you’re proactively planning for disaster sends a message they can count on you, and so can your investors, business partners and other stakeholders.
Having a business continuity plan can also set you apart from your competitors and is something you can market to potential customers. They may not even consider that your planning is in their best interests, but it will help you stand out when it comes time for them to make a buying decision.
In an era of privacy legislation that includes the Personal Information Protection and Electronic Documents Act (PIPEDA) and the General Protection Data Regulation, planning for disaster helps you stay compliant with government regulation and industry standards—yet another way to maintain competitive advantage.
Even if your industry isn’t heavily regulated, adhering to standards and best practices by keeping them in mind during your business continuity planning demonstrates a commitment to quality and accountability. Should new legislation be introduced that affects your operations, or you expand your business into a more regulated sector, having a mindset in place that guarantees business uptime will help you easily adapt to new realities quickly, giving both you and your customers peace of mind.
Business continuity keeps you ahead of the game
Planning for disaster is a must-have, not a nice-to-have. Don’t wait until the worst-case scenario hits before you start your business continuity planning. Making the upfront investment today will pay off in the form of confident employees and customers, and a healthy bottom line.
If you haven’t begun to think about disaster recovery planning or feel your plan needs an update, check out our Disaster Recovery Primer.
- May 9, 2019
When technology fails, businesses go under. And if you’re like most organizations today, your business continuity is dependent on communications and networking infrastructure that carries the lifeblood of your business—data.
Your employees can’t serve your customers without it, nor can your mission critical applications continue to run. And for many businesses, a few days of downtime can meet shutting the doors. It’s essential to ensure maximum uptime so even if you do encounter a disruption, your customers never notice.
For small and medium-sized businesses, putting the checks and balances in place to guarantee business continuity can be overwhelming, and partnering with a managed services provider can ease the burden. Regardless of whether you outsource or scale up your IT team internally, there are four key ingredients you will need.
It doesn’t matter whether it’s through malicious intent or natural disaster—losing mission-critical data means a business can grind to a halt. You need a protection plan that encompasses all applications, files and databases to protect data in the event of human error, systems failure or corruption. This should include offsite data backup and recovery with comprehensive business continuity planning.
Safeguarding data not only means protecting where it’s used and stored, but also while it’s in transit. Even if you don’t take advantage of a managed service provider’s expertise, you likely have data moving in and out of your primary location to cloud-based services, field offices or remote users. Securing these connections safeguards mission-critical data and applications, maintains service and performance targets, and protects against malicious threats.
Maintaining all devices and equipment, including Wi-Fi endpoints, can be a daunting task and can monopolize the time of your IT staff. Outsourcing to a managed services provider who employs a predicative care model means you don’t have to worry about asset tracking, paying for onsite labour for repairs and replacement, or tangling with multiple vendors to get things reconfigured or fixed.
24 X 7 Support and Monitoring
Predicative care for devices can be complemented with comprehensive support and monitoring by a managed service provider, enabling you to tap a team of skilled support people across multiple shifts to cover your business users and their applications. Proactive monitoring keeps a watchful eye on your environment to prevent any potential issues that could lead a disruption.
Ensuring business continuity requires a lot of proactive planning and IT resources, but it’s better to invest the time and energy into preventative measures than paying the high cost of not doing it. A managed IT services provider can help you keep your business running smoothly by avoiding common errors and providing around-the-clock coverage with properly skilled staff.
If you haven’t begun to think about disaster recovery planning or feel your plan needs an update, check out our Disaster Recovery Primer.
- April 11, 2019
- Catagory Development
Whether you’re an existing customer or looking at greenfield opportunities, Oracle solutions can be a little overwhelming when you’re trying to pick the best business application for the job.
As an Oracle Cloud Managed Service Provider (MSP) with a deep and long history of implementing Oracle solutions for our customers, we’ve found the best way to pick the right product is to define the problem and your business objectives. From there, you can align it with the best Oracle offering. It’s still a big job, so we’ve put together a little guide to help customers get started, whether you’re eyeing new computing infrastructure or business applications.
Make Better Business Decisions
If your goal is to improve productivity for users and scale up your business to be more competitive while reducing costs, you’ll want to start with Oracle Cloud.
Moving to a subscription model automatically lowers your costs because for a monthly payment you have access to a wealth of infrastructure that would have otherwise required a great deal of upfront investment on your part. Not only you do you save money on hardware, but you immediately have more business flexibility. Managed Oracle IaaS enables you to move all your business applications to the cloud, which minimizes the disruption that usually comes with on-premise system upgrades or software changes.
Oracle also offers a great deal of business applications you can run in the cloud. If your aim is to gain greater visibility and improve profitability, you should consider Oracle Business Intelligence, Oracle Supply Chain Management and Oracle E-Business Suite to drive smarter decisions through analytics, improve workflows and employee productivity.
Manage Data Better
Of course, you can’t make smarter decisions without the right information, so if you’re looking at corralling your data better, there are a few Oracle solutions that can help.
One the realities of today’s business is that you have multiple systems and applications that ideally should be using the same data—that’s where Oracle Middleware comes in. It can help you pull together files and datapoints to provide the single source of truth business applications need to deliver value. An Oracle Database, meanwhile, can help you harness customer information.
Business and applications need a strong IT backbone
Your mission critical data and business applications only deliver the most value when they have a solid foundation supporting them.
Oracle offers several hardware and infrastructure options that make sure data-driven business applications operate optimally while also helping you to streamline costs. Oracle Virtual Machine, for example, can help you reduce your overall compute costs. But if you want to not only improve your compute performance and maximize return-on-investment from your Oracle applications, you should consider an Oracle engineered system such as the Oracle Database Appliance, or Oracle Exadata, which provides even more power with less maintenance.
Pulling it all together
Whether it’s just a couple of Oracle solutions or a large combination of business applications and Oracle engineered systems, you can pull everything together with Oracle Enterprise Manager, which provides a single view of all your Oracle deployments in a central location.
The breadth and depth of Oracle solutions doesn’t have to be overwhelming. Whether you’re an existing customer or eyeing Oracle for the first time, an experienced technology partner can help you adopt and update your business applications so you can scale your business while reducing costs.
Fabio Gross in senior channel manager with Supra ITS. Learn more about Supra ITS’ status as an MSP with our handy FAQ.
- March 7, 2019
- Catagory Managed IT Services
Recovering from any disruption requires the right people. When it comes to disaster recovery plan, success will depend on quickly mobilizing a team to maintain business uptime.
Every user in your company can be affected by an incident that is escalated to a disaster. By identifying people you will need to quickly restore operations as part of your planning, ideally your customers won’t be affected because you’ll be able top to bounce back quickly and minimize the disruption to business operations.
Keep disaster recovery reflexes sharp
Your disaster recovery plan should include a management team that takes on the critical responsibilities and decision making, starting with whether the disruption is in fact a disaster.
If it’s concluded that the incident is severe enough to meet the criteria, your disaster recovery team must mobilize and do the following:
- Manage and coordinate the disaster recovery plan
- Activate other staff in the organization, as well as your service provider, in priority—some people may be needed immediately, while others need to be on standby depending the role in the plan
- Ramp up any alternate facilities and secondary sites
- Review the recovery procedures to be activated that will support your recovery objectives
Who should be on the team?
There are several key roles that should be already be assigned by your disaster response management plan before a disruption occurs.
Your information security group should always be represented on your disaster recovery team, as they have specific, specialized responsibilities, including a review of the recovery goals, understanding the magnitude of the damage, and making sure information security procedures are followed by the disaster recovery team. They can also assist with the preparation of an accurate news media statement that outlines a description of the incident, how and when it happened, and who will be affected and how.
Other team members include a disaster recovery coordinator to liaise with your service provider and any vendors that might contribute to the affected infrastructure. Their job should also be to set up a schedule for status updates throughout the recovery process right up until full restoration.
Another important role you must fill is that of a disaster recovery crisis manager, whose job it is to keep everyone informed on latest developments and be a single point of contact for all team members. They have several critical responsibilities, including:
- Making sure all users and are familiar with the disaster recovery management plan.
- Provisioning additional telephone lines for extra staff if needed.
- Getting a snapshot of activities in progress when the disruption happened from the information security team, an estimate as to how long these activities will be delayed, and when the next update can be expected.
- Developing a public statement approved by disaster response management team that can be distributed to everyone affected, including customers and users, as well as media. Multiple statements may be required, including one when the recovery operation is done, and regular business activities have resumed.
Having a well-thought disaster response management plan in place will only be effective if the right people there are to executive as soon as the alert is sounded. You should frequently revisit your plan to confirm the people assigned to these critical roles understand their responsibilities and that they are still available should disaster strike.
If you haven’t begun to think about disaster recovery planning or feel your plan needs an update, check out our Disaster Recovery Primer.