by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : October 30, 2012
president and chief technology of - cer of IT infrastructure solutions for CSC s North American Public Sector. One of the biggest challenges remains the lack of industry stan- dards regarding what deliverables should be included in a DRaaS pack- age. "Because the space is still very new, I wouldn t take anything for granted when you are negotiating SLAs," Dines said. Another potential stumbling block is the need to sort out complex inter- connections in existing IT systems before duplicating them in the cloud. "Sometimes it s not clear what all the interdependencies are for applica- tions you ve been running for the last 20 years," Riddle said. The fundamentals What should you consider before trusting the cloud for disaster recov- ery? The rst step is deciding on the right cloud model --- public, private or a hybrid of the two. Moving to a public cloud service is best for agencies that have relatively homo- geneous infrastructures --- namely, virtualized x86 servers rather than a mix of Unix and mainframe servers, Knox said. IT organizations with mixed plat- forms should consider a private or hybrid cloud strategy instead. "In larger enterprises, people aren t ask- ing, How am I going to recover my mainframe in the cloud? " he said. "The more heterogeneous the envi- ronment, the more complex [disaster recovery] gets because of different types of hardware and platforms, recovery times, recovery points, and tiers of applications." Technological diversity is not the only consideration. Agencies should also carefully evaluate the kind of data they might be sending to the cloud, Khanna said. For security reasons, mission-critical applica- tions or those that hold classi ed data should remain in a private cloud or a shared government cloud. Less critical resources could be protected by a public DRaaS solution. "Not all applications and data are classi ed or top secret --- even in intelligence agencies and the [Defense Department]," Khanna said. "So they absolutely could go into a public cloud." Other security considerations stem from how data will be protected as it is being transferred to and from the recovery site, and while it is housed in the cloud. Encryption and two- factor access controls are a must, he said. Khanna also said agencies should decide what RTOs each application requires and let that guide deploy- ment decisions. "If I go to a public cloud, I may be riding on a public infrastructure and whatever SLA I can negotiate," he said. "So I may get better RTOs from a private cloud." The hurdles Planning and a needs analysis alone won t guarantee success, experts say. IT managers should also prepare for some common challenges associated with DRaaS. Fees can be a shock if they re not clearly de ned during the SLA nego- tiation process. Analysts said many DRaaS solutions charge a basic monthly fee to cover daily data rep- lications and the cloud resources necessary to prepare for a disaster. But agencies should also be prepared for additional, so-called declaration fees, the costs that kick in when a customer "declares" that a crisis is unfolding and recovery mode is launched. Declaration fees might be levied for each day the agency is in recovery mode. Other pricing confusion comes about because some service pro- viders use their own models rather than an industry-accepted standard. For example, one provider might set prices according to the number of ExecTe c h virtual machines being protected, while another might use the num- ber of processors as the benchmark. "It s been hard to make apples-to- apples comparisons," Knox said. Fortunately, there are signs that the situation is changing. A recent industry trend is to base pricing on a combination of connection costs, memory, disk space and the number of virtual machines. "We are starting to see some standardization around those four core areas for pricing," Knox said. Another potential snag: Cloud pro- viders frequently oversubscribe their services by signing up more custom- ers than can be accommodated if disaster strikes them all at the same time. That approach is not inherent- ly bad, Dines said, because it helps bring down subscription costs. But agencies should question a potential service provider about how it will keep from becoming overwhelmed. "I would ask what safeguards they have put in place to make sure that there will never be resource con icts at time of declaration," she said. "That might be as simple as mak- ing sure that they ve got customers from a wide geographic range so it s unlikely that they d all be declaring at the same time." Finally, agencies should avoid the temptation to view DRaaS as a set- it-and-forget solution. "I ve met organizations that say, I m sending DR to the cloud; I m not going to think about it again, " Dines said. "I ve seen organizations lose focus because they ve moved DR to the cloud." But even with a cloud solution, agencies must continue to perform all the associated duties that go along with a disaster recovery pro- gram, including conducting business impact assessments, risk analyses and tests with internal staff. Some vegetables you just can t avoid eating. ■ 30 October 30, 2012 FCW.COM
October 15, 2012
November 15, 2012