Professional Documents
Culture Documents
Business Resiliency For Cloud Services - Participant Guide
Business Resiliency For Cloud Services - Participant Guide
PARTICIPANT GUIDE
PARTICIPANT GUIDE
Business Resiliency for Cloud Services
Appendix .................................................................................................... 45
The 21st century digital IT requires that the application, data and infrastructure
services are reliable, always available, serviceable, and security implemented by
design. In a typical organization today, users interact with multiple systems hosted
internally and externally to perform their job. As the number of systems, users, and
data grows to run the business, so too does the complexity and the necessity of
business resilience.
First, let us take a look at why resiliency matters and how it impacts organizations.
Consider the ‘The Global Data Protection Index1’ survey by Dell.
From this survey, it is found that the most organizations are still behind the curve
and are susceptible to unplanned downtime, data loss and suffer monetary loss. In
addition to financial impact, disruptions also result in loss of productivity, time to
market, fines, and reputational loss.
1
The Global Data Protection Index is a Dell survey to over 1000 IT decision
makers and organizations ranging from public and private sectors across the globe.
The intent of this survey is to directly hear from the customers and understand their
challenges. So that Dell Technologies can improve their products, solutions, and
services and help our customers meet their business objectives.
Click here to learn more about the opinions of customers about business resiliency.
CONTINUOUS
Application Availability
Click here to know the goals of organizations, including the board and their CIOs.
Today, organizations must protect their businesses from natural disasters and
man-made errors. With the evolution of technology, there has to be significant
changes in the way organizations plan their business continuity strategies to
establish resiliency. The focus shifts from complete site recovery to the continuing
operation of a business using application continuity, and resiliency-as-code.
A few years ago, options to establish resilience were limited and typically involved
having a second physical data center/ DR site that is located at a different site or
region. All the data and applications were replicated to the secondary data center.
If there is a disaster or unexpected event, the entire business operations would
resume from the secondary data center.
This poorly designed DR solution would usually end up affecting RTOs and RPOs,
due to high latency or improper configuration of network and other infrastructure
components.
Evolution: DRaaS
Apart from natural disasters, organizations may Current State - Full-site only
Primary Secondary
often face partial outages due to application failure,
component or rack failure, and/or cyberattacks
where the outage is at a smaller scale. In such
scenarios, organizations can:
• Decide not to implement full site recovery as it Future State - Application Continuity
Evolution: Resiliency-as-Code
This approach can even be used to rebuild an entire data center, if needed to
recover from extreme cyber events, such as ransomware attacks. CMDBs can be
actively maintained while issues, such as configuration drift, can be resolved in this
model because everything is automated and updated to all known targets.
Click each tab to view details about the key elements that are used to assess
organizations on where they stand regarding implementing resiliency in their
business.
Organizational Readiness
• Program expenses in line with defined corporate strategic and tactical goals and
objectives relative to addressing potential impact scenarios and mitigating
identified operational risks
• Cost-benefit analysis of available alternatives directly linked to business or
technical, expanding or contracting requirements and linked to increasing or
decreasing impact and risk; Expense that is tracked and regularly reported
• Regulatory compliance and audit reporting requirements are well defined and
understood.
• Open program issues are tracked and remediated; Monthly and quarterly
reporting obligations satisfied.
Based on the key elements assessed, organizations can be rated for business
resiliency.
1 2 3 4 5 6
1: The control element has not yet been developed, or there is no evidence that
control element exists. Exposure to extensive service outage and the impact to the
company is catastrophic.
are aware of their roles and responsibility. The program is measurable, and the
impact is moderate.
5: The DR control elements are in place, and formal BC plan are documented and
tested frequently. Evident senior management oversight and active participation in
the BCM Program. Ongoing review and testing of plans are documented. Ongoing
communication between internal teams and external entities is in place, and
employees are aware of their roles and responsibility. The control elements are
measurable, and the impact is low.
Knowledge Check
Question 1
Business Continuity
• Enables continuous availability of information and services for failure of SLA
requirements
• Involves proactive measures such as business impact analysis, risk
assessment, building resilient IT infrastructure, deploying data protection
solutions
• Involves reactive countermeasures, such as disaster recovery
• Ensures information availability as a primary goal
Data Protection
• Organizations using multiple cloud environments face
challenges with having multiple data protection strategies
leading to data protection silos.
• Regardless of the complex multi-cloud environment, the
goal of organizations should be to protect all the
components. These components include physical and
virtual resources that are deployed across private and public clouds.
• A more efficient strategy is to deploy a single data protection solution. This
solution includes backup, remote replication, archive, and disaster recovery
mechanisms for both on-premise and public cloud environments.
Disaster Recovery
Click ‘arrow marks’ or ‘dots’ to navigate through each option to learn about
the steps involved in an effective DR plan.
DR Considerations
Some organizations prefer a multi-cloud cloud option for their backup strategy.
Click ‘arrow marks’ or ‘dots’ to navigate through each option to learn about
the Dell EMC products for data protection.
• For organizations looking to the cloud as a disaster recovery option, Dell EMC
Cloud Disaster Recovery (Cloud DR) can be a solution. This product allows
enterprises to copy backed-up VMs from their on-premise back-up servers to
the public cloud, such as AWS, AWS GovCloud, Azure. This method helps to
orchestrate DR testing, failover, and failback of cloud workloads in a disaster
recovery scenario.
• These workloads can be run directly in the public cloud. Therefore, full
deployment of the on-premises data protection solutions in the cloud is not
required in order to protect and recover your VMs.
• Delivers a consistent experience by extending the existing on-premises data
protection to the cloud. This way that it delivers a familiar user experience, thus
requiring minimal education and training, and direct in-cloud access, monitoring
and reporting.
• The restore servers within the cloud are spun up only if the primary data center
is not available and decommissioned when no longer needed. This way that it is
more cost-effective than having hardware up and running within the public
cloud.
• Software defined with built-in deduplication for data protection, replication, and
reuse
• Self-service for data owners combined with central IT governance
• Data Domain (DD) series enables organizations to protect, manage and recover
data at scale across their diverse environments.
• It is the next generation of Dell EMC Data Domain appliances, that are now
setting the bar for data management from edge to core to cloud.
• DD series provides storage capacity up to petabytes of capacity for long-term
retention in the cloud, with Dell EMC Cloud Tier.
• DD series provide fast disaster recovery with orchestrated DR and provide an
efficient architecture to extend on-premises data protection.
• PowerProtect DD Virtual Edition (DDVE) enables data protection in the cloud
for applications running in the cloud.
Data Security
− Also, ensure that the service provider offers an SLA that meets the
organization’s availability requirements.
− As the multi-cloud operating model itself acts as a strategy to improve
availability, be sure to synchronize the security policies and settings across
service providers.
Dell EMC Cyber Recovery solution protects the most critical data in a vault
environment. The vault is ideally physically isolated, a locked cage or room, and is
always logically isolated using an operational air gap. The vault components are
not accessible from production and access to the vault target when the air gap is
unlocked is extremely limited. This is a key to the maturity of our solution. The vault
is not an extra data center, it is usually located at the production or corporate data
center and more frequently now, with a third party solution provider.
The vault operates in four basic steps. Click the step number on the image to
learn more.
1: Data representing critical applications are synced through the air gap, which is
unlocked by the management server into the vault and replicated into the vault
target storage. The air gap is then re-locked.
2: A copy of that data is made. Vault retention is configurable, but most keep about
a month's worth of copies.
Recovering data from the vault in the event of a cyber-attack or simply for recovery
testing procedures is critical and there are several ways recovery can be
performed. Monitoring and reporting is also provided from within the vault and can
be shared outside of the vault environment in various secure methods.
AIOps
Harnessing advanced technologies, such as AI, machine learning, and Big data, to
equip IT staff with more intelligence to identify and resolve critical outages is
becoming extremely important.
This is where AIOps (Artificial Intelligence for IT Operations) can deliver significant
value.
AIOps Benefits
Benefits of AIOps:
• Helps IT teams to identify the root causes of outages and performance issues
by breaking down data silos with full visibility across IT environments.
• Improves IT productivity by automating and accelerating various processes
such as technical-support functions so that the IT teams can focus on more
valuable work.
• Enhance IT operations by delivering greater insights with the use of machine
learning, data science, and visualization techniques.
2
It is designed to greatly reduce IT alerts and ticket volumes, suggest root causes
and enable cross-team collaboration to solve incidents faster.
AIOps Considerations
Knowledge Check
Question 1
1. Which Dell EMC product protects the most critical data of an organization in a
physically isolated room?
a. PowerProtect Cyber Recovery
b. PowerProtect DD
c. PowerProtect Data Manager
d. PowerProtect Appliance - DP
Click the
NanCO Art Services Company link below
to
understan
d the
multi-cloud
requireme
nts of
NanCo.
• Scenar
io
Cloud Architect
Available for all audiences, the cloud architect certification journey begins with
either the CIS course or the ISM course. CIS provides fundamental details about
digital transformation and the critical role of cloud computing. ISM provides
comprehensive details for various infrastructure components in a modern data
center environment. The specialist level CIPD course focuses on cloud
infrastructure including: CI/HCI, cloud management platform, application
development and deployment platform, plus hybrid and multi-cloud. The expert
level Cloud Services Management curriculum concentrates on IT transformation,
service lifecycle and management, workforce transformation, multi-cloud strategy,
cloud operating model, cloud-native application development, and business
resiliency.
Cloud Architect,
Cloud Services
(C) - Classroom
• 82% Suffered from Disruptive Event: Unfortunately this metric has risen to
82% compared to previous years. Top reasons are unplanned systems
downtime such as technology failures from hardware, software, networks or
downtime related to process such as new changes in the environment.
Downtimes arising from a ransomware attack or other incident that prevented
access to data is also rising.
• 69% Lack Confidence in Recovery: Despite adoption of modern technologies
such as replication and multi-site datacenter architectures such as continuous
availability or high availability, we continue to see our customers are not well
prepared to recover from operational, cyber attack or a site wide failure. This is
mostly due to the monolithic nature of infrastructure and applications, weak
processes and poor planning which results in the inability to recover data. The
confidence measure is getting higher visibility with the Board and CxOs who are
concerned with reliably recovering all business-critical data in the event of a
cyber attack, fully recovering systems/data in the event of a data loss, meeting
backup and recovery SLAs and lastly compliance with regional data governance
regulations.
• 81% Concerned about Meeting SLAs: Majority of customers struggle with
ever-increasing volume of data that has put a strain on meeting SLOs for
recovering data in the event of data loss and lack Data Protection compliance.
Data volumes have increased by 39% between 2018 and 2019. Data Protection
operators are typically siloed and further away from the business, which
typically leads to not understanding the value of data and placing the proper
backup or archive strategy around it.
DRaaS: Disadvantages
• With these traditional approaches, organizations are running all their
applications in one data center.
− Though they have built a secondary or DR site by investing a lot of money,
they are not using it until a disaster happens.
• This method results in inefficient use of IT assets and not suitable for modern
applications.
Scenario
As NanCo expanded their business across the globe, they have been facing challenges with respect to data loss and security which impacts them a lot in
terms of their financial aspect and reputation. Therefore, NanCo is looking to build resilient capabilities for their infrastructure and operati ons to meet the
required SLAs.
NanCo’s senior management including the board and their CIOs, have come up with goals aligningto their business resiliency strategies. These goals
include:
3. Maintain a high level of security and governance for cloud-model that is similar to traditional IT.
1. They need a cloud-based disaster-recovery solution, as their current disaster recovery solution is inefficient with the expanding business
2. They don’t have budget to build and manage their own backup infrastructure to protect their data. They need a solution to reduce the complexity of
managing the backup environment.
3. NanCo’s business is expanding and the amount of data and IT systems are increasing exponentially. This impacts the operational resilience and
availability. NanCo need a solution to better manage this solution and run a smooth operation.
With these challenges and requirements, NanCo needs help from the consulting firms to obtain the solutions.