Liudvikas Daubaras, Head of Systems Integration and Consulting, Novian Technologies
This year, the change in the geopolitical situation in the country and the surrounding region has made it necessary for organisations to reassess their operational risks.
The rise in the cost of energy and raw materials has led to a search for new suppliers, while the tightening of supply chains has created a need for alternative solutions.
Furthermore, the digital solutions that saved many organisations during the pandemic are having to be reassessed. In it now necessary to determine how they will work in the absence of the internet or electricity, or in the event of a loss of the IT infrastructure, and how they will protect perhaps the most important digital asset of all – data – from the threat of a cyber-attack or physical destruction.
Therefore, when assessing an organisation’s operational resilience today, it is important to extent to which the IT functions of the organisation are prepared to ensure business continuity. The goal is simple: to keep critical operational processes running in an uninterrupted manner in the event of an accident and to ensure they return to the desired level of performance in a timely manner.
In addition, in a critical situation it is essential to act quickly, so you need to be prepared in advance to act on the processes that need to be rescued first.
What is most important?
The most important task in a critical situation is to recover the applications and data that are essential to the functioning of the organisation. If you want to do this easily and quickly, you need to prepare in advance. What should be done?
- Audit: There should be an analysis of the IT infrastructure solutions, with an assessment of the complexity, criticality and relevance of the structure to the company’s operational needs. This will show how well the system meets the organisation’s needs, how the IT infrastructure is managed and what software is working with these operational processes.
- Determining the timing of RPO (Recovery Point Objective) and RTO (Recovery Time Objective).
The RPO defines what is the oldest data that needs to be restored urgently in order for the organisation to operate without interruption. This time can range from a few minutes to several hours. Different RPOs will be provided for different data sets and applications, depending on the operational needs and criticality.
The RTO defines the time required for the recovery to take place. Again, this may vary for different groups of data and applications. Some data will need to be recovered within the very same minute, while the organisation may successfully function without some other data for a month.
- Data disaster recovery solution: The solution needs to be designed and integrated according to the RPO and RTO requirements. For maximum security, remote data centres are created for backup storage.
- Disaster recovery processes: Defining and documenting these processes ensures a timely and appropriate response to an incident, as well as knowing who is responsible for what responses, who has to delegate certain tasks, and how to avoid mistakes.
A document must be created covering the procedures and responsible persons in cases where the DRP (Disaster Recovery Plan) should be activated. It should also describe the return processes after/if a non-functioning part of the infrastructure has been recovered.
- Disaster recovery technical procedures: These define the execution of the technical actions that are included in the Disaster Recovery Plan.
- Monitoring the recovery solution: The IT infrastructure changes all the time, as do business processes, their criticality and the persons responsible. The solution therefore needs to be regularly tested, monitored and adapted to match the current situation.
Urgent action is needed
Today, it is clear that the changes taking place in recent years require organisations to implement a new approach to the situation. Ensuring the continuity of IT processes requires the same approach.
Unfortunately, to maintain a smoothly running IT infrastructure, a one-time audit and planning are not enough – it is important to regularly test your plans, assess how quickly the data and other important parameters can be recovered and update your recovery plans accordingly.
We apply these procedures to the critical processes in our own company, and this year, with the change in the geopolitical situation, we have re-assessed them in relation to the new situation.
We urge other organisations to assess the stability of their IT infrastructure as soon as possible, and to make sure that it will continue working properly. This will ensure the long-term and stable operation of your IT infrastructure under any conditions.
About Novian group
Novian Technologies is part of Novian group, whose companies provide technological, software and digitisation solutions, as well as integrated IT solutions and services in those fields.
Novian Technologies competencies include creating and maintaining an IT infrastructure and adapting it to meet new requirements. Its service portfolio includes solutions related to high-performance computing devices and clusters, as well as open source cloud technologies, high-reliability data, archiving and more. In addition, the company provides maintenance services for critical IT infrastructures.
Novian’s corporate activities range from the smooth day-to-day running of IT to software development on a city-wide or national scale, as well as the development of information systems for particular sectors and digitisation solutions.
The companies in the Novian group implement projects in fields that include private enterprise, e-government, e-health, e-taxation and AI solutions.
The group’s companies are based in the Baltics, Norway and Moldova, from where they serve clients and implement projects across the globe. Between 2016 and 2021, the projects implemented by the Novian companies spanned more than 50 countries in Europe, Africa, Asia and the Americas.
Source: vz.lt project.