Aligning ITIL® Service Continuity with Cloud Computing5 KEYS TO SUCCESS

About ManuelManuel W. Lloyd

Manuel W. Lloyd is a Disruptive, Innovative & Entrepreneurial CIO that uses his self created and revolutionary formula for Operational Efficiency (OEn = Hx:Vy) in helping highly regulated organizations successfully align Regulatory Compliance, Information Governance & Cybersecurity through his thought leadership, business insight, and leading edge thinking.

Founder, Manuel W. Lloyd Consulting®

What Is ITIL®?A set of best-practice publications for IT service management. Owned by the Cabinet Office (part of HM Government), ITIL gives guidance on the provision of quality IT services and the processes, functions and other capabilities needed to support them.

The ITIL framework is based on a service lifecycle and consists of five lifecycle stages (service strategy, service design, service transition, service operation and continual service improvement), each of which has its own supporting publication.

There is also a set of complementary ITIL publications providing guidance specific to industry sectors, organization types, operating models and technology architectures.

See www.itil-officialsite.com for more information.Founder, Manuel W. Lloyd Consulting®

What Is IT Service Continuity Management?• IT service continuity management (ITSCM) (ITIL Service

Design) The process responsible for managing risks that could seriously affect IT services. IT service continuity management ensures that the IT service provider can always provide minimum agreed service levels, by reducing the risk to an acceptable level and planning for the recovery of IT services. IT service continuity management supports business continuity management.

• IT service continuity plan (ITIL Service Design) A plan defining the steps required to recover one or more IT services. The plan also identifies the triggers for invocation, people to be involved, communications etc. The IT service continuity plan should be part of a business continuity plan.

Founder, Manuel W. Lloyd Consulting®

What Is Cloud Computing?Cloud computing is seen as a new way of delivering computing resources. Cloud computing has been described as a business model for the use a of underlying IT technologies.

Therefore cloud computing is not new technology, but relies on the latest technologies to be delivered efficiently, effectively and with better economies of scale. The basic principles of cloud computing date back to the mainframe era of circa the 1950s and 1960s.

Cloud Computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

What Is A Disaster?A disaster is any event which prevents your organization from carrying on its usual operations at the normal place of work for more than a predefined time period: • Natural disasters (E.g., earthquake, storm, tsunami, flood)

• Accidental hazards (E.g., fire, gas leak, vehicle collision)

• Hostile acts (E.g., war, terrorism, sabotage, vandalism)

• Willful/malicious damage (E.g., security breach, theft)

• System/equipment failure (E.g., IT infrastructure)

• Loss or destruction of vital records or information

• Loss or lack of critical resources, support function, or key personnel

THE PROBLEM

Most organizations are ill-equipped to quickly respond to Disasters

THE SOLUTION

ITIL® ITSM + Cloud Computing

The Goal: Operational Efficiency & Effectiveness

+ =

IT Service Continuity Management Lifecycle

Cloud Computing Models

Organizational Resiliency

What Disaster Recovery Looks Like

Disaster Alert Notification

Recovery Time Objective RTO

Maximum Tolerable Outage (MTO)

Service Interruption

Time Line

Recovery Point Objective RPO

Damage Assessment

Disaster Declaration Assessment Resumption of

Critical Services

1 - 2 hours 3 - 4 hours 1 - 2 hours

Disaster Declared

(1) (2) (3)

Recovery Point Objective (RPO) The maximum amount (in time) of data that can be lost in case of a disruption. Answers the question: “To what point in time can I recover? ”

RPO/RTO/MTO

14

Recovery Time Objective (RTO) The maximum amount of time it will take from the disruption to bring back the business functions according the agreements including data.

RPO/RTO/MTO

15

Maximum Acceptable Outage or MAO is the time frame during which a recovery must become effective before an outage compromises the ability of an Organization to achieve its business objectives and/or survival. Related Terms: Recovery Objectives

RPO/RTO/MTO

16

HOW DO YOU ESTABLISH YOUR RPO/RTO/MTODetermining how far you need to go back with a Cloud Backup Solution

Restore from Previous Backup

1.Start with most recent backup2.Make sure to scan them for

viruses on another PC (not the one that is not infected)

3. If files/folders contain virus, go back to previous backup version

4.Once clean version is found, restore files/folders

PROs & CONs

+ Ideal when individual files or folders are infected

- Need to scan individual files and folders until you find a clean copy

- Is ineffective if entire server is infected

HOW DO YOU ESTABLISH YOUR RPO/RTO/MTODetermining how far you need to go back with a DRaaS solution

Use DRaaS

1. Spin up the VM with your most recent image

2. Log into booted image to verify it does not contain virus (inspect image)

3. If virus is found, log into next most recent image

PROs & CONs

+ Much faster to inspect

+ Whole file system is intact

+ Users can access applications immediately

+ Keeps VM self-contained (can’t infect other VMs)

- Must have DRaaS solution that can boot on local appliance

Business Continuity Management PlanCommencement

Develop Continuity Plans for the Chosen Strategy

Develop Response Strategies

Conduct Threat and Risk Assessment

Conduct Business Impact Analysis

Exercise Plans

Audit and Maintain Plans

Monitor &

Review

Microsoft Cloud SolutionsBreadth & depth solutions for business continuity & disaster recovery

Hyper-V FailoverClustering for VM Resilience

1

Hyper-V Guest Clustering for app-level HA, i.e. SQL Server AlwaysOn FCI2}

Centralized backup with Data Protection Manager 4

Simplified protection with Windows Server Backup 3

Integration of WSB/DPM with Microsoft Azure Backup 5

Orchestrated Physical, Hyper-V & VMware VM Replication & Recovery using Azure Site Recovery, between on-premises locations, or between on-premises & Microsoft Azure

6

Azure Site RecoveryOne solution for multiple infrastructures

Hyper-V to Hyper-V(on-premises)1

Hyper-V Hyper-V

Replication

Hyper-V to Microsoft Azure3

Hyper-VMicrosoft

Azure

Replication

VMware/Physical to VMware (on-premises)4

VMware/Physical VMware

Replication

VMware/Physical to Microsoft Azure5

VMware/PhysicalMicrosoft

Azure

Replication

Hyper-V to Hyper-V(on-premises)2

Hyper-V Hyper-V

Replication

SAN SAN

Protect important applications by coordinating the replication and recovery of private clouds across sites.Protect your applications to your own second site, a HSP’s site, or even use Microsoft Azure as your disaster

recovery site

Azure Site Recovery Service

• Protect important services bycoordinating replication and recovery of private clouds

• Automates replication of VMs within clouds between sites

• Hyper-V Replica provides replication, orchestrated by Azure Site Recovery Service

• Can be used for planned, unplanned and testing failover between sites

• Integrate with scripts for customization of recovery plans

Orchestrate protection and recovery of private clouds

Replication Channel

Datacenter 1

LOB cloud/Dev-testLOB cloud/Dev-test

Failover

Datacenter 2

Comm

unica

tion

chan

nel Com

munication channel

MicrosoftAzure Site Recovery Service

Hyper-V Hosts

Hyper-V Hosts

System Center 2012 R2

(Optional)

System Center 2012 R2

(Optional)

On-premises to Azure protection (Site-to-Azure)Site to Azure

Orchestration and Replication

Microsoft Azure Site Recovery

Primary Site Hyper-V

October 2014

Key features include:Automated VM protection and replicationRemote health monitoringNear zero RPO

No-impact recovery plan testingCustomizable recovery plansMinimal RTO – few minutes to hours

Orchestrated recovery when neededReplicate to – and recover in – AzureHeterogeneous physical and virtual support

NEW December 2014

1 CUSTOMER TO AZURE

2 SMB TO AZURE

Azure Site Recovery ServiceContinuous health

monitoringContinuously and remotely monitors application availability

Orchestrated recovery

Orchestrates orderly recovery of virtual machines that compose multi-tier servicesOffers customizable recovery plansSimplifies recovery plan testing

Automated protection

Delivers on-going replication of virtual machinesIntegrates with Hyper-V Replica and System Center Virtual Machine Manager technologiesWorkload data remains in your network

How it works: configure Sign up

Site A

System Center Virtual MachineManager (Optional)

ADSQLExch

System Center Virtual MachineManager (Optional)

Site B

How it Works: Create Recovery Plan

Hyper-V Replica replicates virtual

machines

Health monitoring

Createrecovery

plan

Site A

System Center Virtual MachineManager (Optional)

ADSQLExch

Configure

System Center Virtual MachineManager (Optional)

Site B

How it Works: Recover from Datacenter Failure

System Center Virtual MachineManager (Optional)

Site B

Createrecovery

plan

Orchestrates recovery of services in the

event of an outage

ADSQLExch

View step-by-step guidanceQUICK START

2

A group for servers to represent Site or Branch.

CREATE SITE

3

Register Hyper-V ServerREGISTER

4

Define protection policy

CONFIGURE PROTECTION

5

Summary

6

Replicate disks to Azure

PROTECT VIRTUAL MACHINES

8

Test the deployment

RUN DR DRILL

Select recovery regionCREATE VAULT

1

Define DR Plan

CREATE RECOVERY PLAN

7

Flexible configuration options

• Recovery plans are stored in Windows Azure as Cloud Services

• Select SCVMM clouds to protect

• Customize network mapping locally in SCVMM and failover same settings to a VNet in Azure

• Automatically enable replication of virtual machines

• Test recovery plans

• Monitor services

When to Choose Windows Azure

Site Recovery Service?If you:

Have a secondary site available

Use System Center Virtual

Machine Manager (Optional)

Have currently unprotected workloads

?

Can benefit from reducing the

impact of planned downtime at your

primary data center

THE PROBLEM Of those surveyed have had a data center outage in the past 24 months.

TOP CAUSES OF DOWNTIME

91%PERVASIVENESS OF DOWNTIME

VIRTUALLY EVERY BUSINESS WILL EXPERIENCE SOME TYPE OF DOWNTIME…

Hardware Failure

Human Error

Software Failure

Natural Disasters

0%

10%

20%

30%

40%

50%

60% 55%

22% 18%

5%

Of companies experienced an outage or downtime THIS year.

47%

DOWNTIME IS EXPENSIVE AND CAN CRIPPLE BUSINESSES

WHAT’S THE COST OF ONE HOUR OF DOWNTIME?$8,000 for a small company to $600,000 for large enterprises

$215,000

$600,000

Source: ActualTech Media 2015 DRaaS Attitudes & Adoption Report

INSUFFICIENT ITRESOURCES

36%

$ $ $ $ $ $$ $ $ $$ $$ $ $ $$ $$ $ $ $$ $

25% 23%

TOO EXPENSIVE

COMPATIBILITY & COMPLEX ISSUES

BARRIERS TO ON-DEMAND FAILOVER

Offsite Tape Backup

Cloud Backup

Appliance Backup

Cold Site DR

Hot Site DR

Warm Site DR

DAYS

SECONDS

REC

OVE

RY T

IME

COST$ $$$$$

DRaaS Nirvana

TRADITIONAL DR TRADEOFFS

END USER

Users keep working

Recovered & Virtualized

...but users can continue to work with recovered apps virtualized from the appliance or within the cloud.

Servers and applications are down...

CLOUD-BASED DR IS ON DEMAND

Redundant Environment

5 MUST HAVESOf a Modern DRaaS Solution

1

2

4

3

5

Don’t Break the Bank

Exploit Cloud Spillover

Get Complete Coverage

“Push Button” Failover

Encrypt Your Data

5 MUST-HAVES OF A DRAAS SOLUTION

Bandwidth

Failover Site+

SoftwarePeople

$$$$

VULNERABLE TO HACKERS

ISSUES

EXPENSIVE & COMPLEX

Production Site

$$$$Up to 3X the Cost

EXPENSIVE TO IMPLEMENT

COMPLEX TO TEST & USE

RPO/RTOTRADE-OFFS

1DON’T BREAK THE BANK

MORE SPACE =

MORE CLOUD

2EXPLOIT CLOUD SPILLOVER

OLD WAY NEW WAY

++ +

+$ $

$$

$+

MORE SPACE = MORE APPLIANCE MORE SPACE = MORE CLOUD

BACKUP ANY DEVICE

SUPPORT ANY OS

DEPLOY IN ANY FORM

RECOVER ANYTHING

STORE IN ANY CLOUD

BOOT ANYWHEREFAILBACK ANY SYSTEMS

3GET COMPLETE COVERAGE

Supports more than 100+ versions of operating systems

Desktops, Laptops, Mobile, Physical & Virtual Servers

Physical & Virtual Hardware, Agent Software

Public, Private, and Third-Party Clouds

Virtual Machine (VM), applications, servers, or a

whole network locally

VMs, Applications, Servers, Networks Appliance and Cloud

SUPPORT ALL ENVIRONMENTS

BOOT ANYWHERE

WICKEDLY FAST

VMware, Hyper-V, Windows, Linux

On the appliance or within the cloud

From seconds to minutes

4 PUSH BUTTON FAILOVER

01001010110101101101010010101010010101010101101001010110101101101010010101010010101010101101001010110101101101010010101010010101011010101001010101101010100101010101011

010010101101011011010100101010100101010101011010010101101011011010100101010100

010010101101001110110101001010101001010101010110101010101010101010101010101010010101001010101101010101

Data is encrypted with the user’s key1

Data is sent through a secure, tunnel with 256-bit SSL.

2

Data remains encrypted at rest within the data center. 3

DATA

DATA

5ENCRYPT YOUR DATA

Training.Rinse.Repeat. Knowledge Is Power