Info-Tech Research Group
NOV 30, 2009 3:05pm ET

Related Links

Predictive Modeling Making Insurer Inroads
February 8, 2012
Biting the Bullet for a Core Upgrade
February 6, 2012
The CRM Shift
February 3, 2012

Web Seminars

Getting Started with Big Data
Available On Demand
Transactions & Interaction: The Correlation of Structured and Unstructured Data
Available On Demand
Deliver Better Enterprise Data through Better Reference Data Management
Available On Demand

Understanding Server Room Co-location

Print
Reprints
Email

Enterprises embarking on the selection process for a co-location vendor find it difficult to sort through the commoditized services offered by vendors. While most organizations begin co-location engagements on a basic level of service, it is important to evaluate the vendor’s services as a whole. Many organizations find themselves tied to a vendor that cannot support their growth and future service needs, which results in the need to change vendors and incur switching costs. Whether or not recovery services are required at the time of selection, they are important for IT to include in the evaluation process in case of future requirements.

Organizations looking specifically for co-location of recovery services, or just basic co-location services can benefit from including recovery services selection criteria in co-location vendor evaluation. Use such criteria to:

  • Differentiate vendor offerings.
  • Mitigate the chances of needing to switch providers in later phases of co-location.
  • Choose a vendor for recovery services.

Key Selection Criteria

When beginning the selection process for co-location recovery services vendors, refer to the following criteria and examples to aid in selecting criteria that fits the enterprise’s specific needs before soliciting vendor information. Note that criterion is in no specific order of importance.

  1. RTO and RPO specifications. A vendor’s recovery time objective (RTO) and recovery point objective (RPO) should at least match the organization’s requirements. Ensure the vendor is able to provide basic site or facility recovery services to operate effectively within the organization’s RTO for a specified time (i.e. within 12 hours), and RPO for a specified time (i.e. within 24 hours).
    • Can the vendor provide details on all basic site or facility recovery services?
  2. Recovery site ownership. In case of an outage or issue where data has to be transferred to the recovery site, it is important to know who is responsible and has ownership over the recovery site. If it is a third party (i.e. another operator or vendor) that owns the recovery site, the organization may want to include them in an assessment as well.
    • Is the target recovery site owned by the vendor or provisioned through a third party?
  3. Recovery site location. The vendor’s recovery site location should be a safe distance away from its primary site in case of natural disaster or wide spread power outages. However, if the recovery site is located in another country, the organization may run into compliance issues. Determine the distance the organization requires the recovery site to be at, in order to assist with vendor selection.
    • Is the target recovery site located at least (specify distance, i.e. 75km) from the primary site?
  4. Standardization. A standardized recovery methodology should be employed within the vendor’s operations and shared with the organization to communicate processes and procedures. In any shared facility, and particularly with shared DRP facilities, there is an element of over subscription. Therefore, it is crucial to closely examine the process used by the vendor to assess risk and impact for each of the customer’s assets, hosted or outsourced. Leading vendors are able to demonstrate a clear and mature business impact analysis to identify severity of impact as an input to recovery scope, timeframe, and priority.  Ensure there is a solid recovery strategy in place and that it is tested regularly, defines responsibilities for both the vendor and the organization in case of an incident, and includes a clear business impact analysis.
    • Can the vendor provide sufficient details of their recovery methodology and processes?
    • Are vendor recovery needs/process responsibilities, versus customer’s responsibilities, clearly defined?
    • Does the vendor methodology, as described, include a clear and mature business impact analysis to identify severity of impact as an input to recovery scope, timeframe, and priority?
  5. Recovery terms and procedures. The organization should be aware of the vendor's recovery invocation terms and procedures in case of an incident. These processes should be clearly defined and standardized.
    • For a declaration of disaster, can the vendor provide details of service offerings including monthly, and any exception, pricing?
    • For recovery testing, can the vendor provide details of service offerings including monthly pricing, any exceptions, and number of tests per year included?
    • Are resources available to the organization during both test and recovery operations as a part of the standard offerings (i.e. vendor personnel, physical space, site technology)?
    • Can the vendor provide details regarding the hours and level of support available including such things as pager, alert, or escalation availability?
  6. Pricing. Many vendors offer tiered pricing for recovery services (e.g., “standard” versus “enhanced”). Have the vendor provide detailed (unit) pricing for each of items listed in Table 1 and define which services are standard and which are enhanced. Billing for recovery services can be broken down a number of ways:
    • Access/availability. The ongoing monthly fees where the customer pays for access or availability to the recovery site when there is a need.
    • A one-time fee associated with the declaration of a disaster. This fee is actually meant as a deterrent. It evolved because companies would occasionally use the site for testing their environment; not for DR testing. Most of the old DR sites were shared subscriptions which meant that when one company was in the DR site using it for non-DR activities, other customers experiencing a real DR couldn’t gain access to the recovery site. In light of this, vendors began charging a fee to declare the disaster to prevent this from happening.
    • A fee for operating within the site. Fees for the days the customer is actually in the site. The contract may specify a number of days and usage that is included, and any time spent operating in the site over that specified time limit is billed at an additional daily or weekly rate.
    • Is there a standard pricing table available for the vendor's recovery services?
    • Can the vendor detail exceptions and any exception-pricing to provide standard service?
    • Can the vendor detail exceptions and any exception-pricing to provide enhanced service?
Filed under:
Data Management
Disaster Recovery

Advertisement

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
You must be registered to post a comment.
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.

Slide Shows

How to Select Relevant KPIs
Most Read
Most Emailed

Information Management discussion: Business Intelligence

Twitter
Facebook
LinkedIn

Analytics

Business Intelligence

Customer Experience

Open Source

Predictive Analytics

Data Governance

Data Integration

Data Management

Login  |  My Account  |  White Papers  |  Web Seminars  |  Events |  Newsletters |  eBooks
FOLLOW US
Please note you must now log in with your email address and password.