Tips for Improving Information Availability

WAYNE, Pa., July 13 /PRNewswire/ -- CIOs and corporate IT departments face daily pressures to improve system and data availability while also balancing costs and risks for the IT infrastructure that runs critical business processes. These demands are pushing companies to be better prepared for IT disruptions and deliver more agile, effective responses to those disruptions.

Although there is always a drive for greater reliability, companies cannot afford to designate 99.999 percent levels of availability for every system in their data center. That approach is cost-prohibitive in terms of dollar and people resources. Any information availability strategy must be properly balanced between business and technology considerations, and assess what risks are acceptable, which systems are most critical, and what level of resiliency and recoverability is acceptable. IT organizations need to develop a practical approach to system and data availability, leverage business resiliencies where possible, and ensure all risks are being considered.

"Today's competitive, regulated, and economically stressed marketplace means businesses may be living on a razor's edge where they have to meet increased demands with decreasing resources," said Bill Hughes, director of SunGard Availability Services' Business Continuity/Disaster Recovery Center of Excellence. "Organizations must focus on understanding the full spectrum of technology risks to key business processes and the challenges they create in order to make informed decisions regarding mitigation, acceptance or deferral of risk."

SunGard offers the following tips to CIOs and IT managers as they look at ways to improve information availability in the data center:

Develop a partnership with the business. A Business Impact Analysis is a good way to identify the functions and processes that are essential to your day-to-day operations. It can also help make the business aware of IT capabilities and develop a shared view of impacts, risks and solutions. This analysis should assess the financial, operational and other effects of losing critical resources, and determine how quickly they must be restored so the impact on your business is acceptable. Strategies should be developed based on these requirements and include not only technology solutions but also business capabilities to transfer work, focus only on critical functions, and work without IT systems.Use risk assessment to focus efforts. A risk assessment helps your business focus on vulnerabilities and helps ensure your controls are strong. Looking at inherent threats and your organization's risk controls can help you develop priorities for addressing the resulting residual risks.

Tier your systems and recoverability. In today's economy, most companies don't have the budget resources to make every system priority one. Even if they did, too much risk is assumed by not tiering systems. Your recovery should focus on recovering the most critical systems first, especially in the early and uncertain hours of an incident response rather than assuming all systems are equal. Practically speaking, when all systems are at the same level of criticality, decisions still need to be made about which systems get addressed first. Systems tiering decisions must be driven by business needs -- with regulatory, customer and business partner requirements playing a big role in guiding your planning. It is also critical to examine system interdependencies because they can run deep within the data center, and the weakest link will affect the ability to recover.

Availability is about more than just hardware. Even when a company has highly available information systems, other areas such as change control, capacity management, project management and software release management need to be included in availability planning. For instance, if the project management process makes a plan to expand highly available systems but doesn't spot that your data center is running near the capacity edge of its cooling systems, your organization is creating an availability issue without realizing it.

Risk assessment needs to be holistic. Risk assessment needs to take a holistic approach and include systems, information and people - and how to mitigate risk for all three factors. For example, if your company is experiencing a power outage and the availability plan only accounts for data center systems, the plan is lacking. If there is no power for the water pumps, the building's fire sprinkler systems cannot work and your people may not be able to occupy the building and use the systems that are available. Additionally, holistic thinking needs to extend beyond the enterprise and account for the operations of suppliers and business partners.

"IT organizations are skilled at figuring out how to apply technology to business needs but often need help in understanding the full spectrum of threats and determining where to focus their efforts. SunGard works with companies on developing risk assessments that help them understand where the threats, risk controls and vulnerabilities are. SunGard also helps companies take a balanced and holistic approach to technology risk - weighing the ability to mitigate risks and the impacts of threats - to build cost-effective availability strategies," said Mr. Hughes.SunGard Consulting services range from needs assessment to design, implementation and maintenance to address availability, security, compliance and IT efficiency. SunGard provides a tested and proven approach to information availability which integrates over 30 years of industry experience that has been refined through hundreds of applications.
About SunGard Availability Services
SunGard Availability Services provides disaster recovery services, managed IT services, information availability consulting services and business continuity management software to more than 10,000 customers in North America and Europe. With five million square feet of datacenter and operations space, SunGard assists IT organizations across virtually all industry and government sectors prepare for and recover from emergencies by helping them minimize their computer downtime and optimize their uptime. Through direct sales and channel partners, we help organizations ensure their people and customers have uninterrupted access to the information systems they need in order to do business. To learn more, visit www.availability.sungard.com or call 1-800-468-7483.
About SunGard
SunGard is one of the world's leading software and IT services companies. SunGard serves more than 25,000 customers in more than 70 countries, including the world's 25 largest financial services companies.

SunGard provides software and processing solutions for financial services, higher education and the public sector. SunGard also provides disaster recovery services, managed IT services, information availability consulting services and business continuity management software.

With annual revenue exceeding $5 billion, SunGard is ranked 435 on the Fortune 500 and is the largest privately held business software and services company on the Forbes list of private businesses. Based on information compiled by Datamonitor*, SunGard is the third largest provider of business applications software after Oracle and SAP. Continuity, Insurance & Risk has recognized SunGard as service provider of the year an unprecedented six times. For more information, please visit SunGard at www.sungard.com.

  *January 2009 Technology Vendors Financial Database Tracker
  http://www.datamonitor.com/
Trademark Information: SunGard and the SunGard logo are trademarks or registered trademarks of SunGard Data Systems Inc. or its subsidiaries in the U.S. and other countries. All other trade names are trademarks or registered trademarks of their respective holders.
Source: SunGard Availability Services