It has lately become abundantly clear that nobody is safe from Mother Nature’s mood swings, so the question for businesses is: what can you do in terms of damage limitation? Aside from exacting a heavy humanitarian toll, a natural disaster poses major economic challenges and getting back to normal also depends on data recovery. How many companies are prepared for the loss of their data? Do private and public economic players have a data backup and recovery strategy? And what risks do they run if they don’t? BR looks at the options.
“We already know that information offers its owner a strategic and competitive advantage. In one way or another, information is stored as data and the need to protect it in order to ensure business continuity is a given,” Liviu Bratu, chief technology officer of New Tech Consulting, tells BR.
In Romania the most popular data storage service is website hosting, whether in the form of a dedicated server or external hosting, according to Bratu. In developed countries, there is “a different culture, a different sense of ownership and a different level of maturity.”
The services offered in other countries’ data centers do not differ very much from what a local data center will offer, but the trend there is to offer anything as a service.
“In developed countries we can already speak about services in the cloud. The need to access applications easily from anywhere has always existed, and in the context of cloud computing, the frontier between home and office is nearly wiped out,” says Bratu.
More than 50 percent of large organizations in Romania are concerned that their backup windows leave some exposed data, risking data loss. “Most companies aim to reduce the duration of data backup and recovery in case of a disaster,” Dania Selaru, country GTS manager at IBM Romania, tells BR.
There are of course differences among how ready various players in Romania’s economy are for such a pessimistic scenario: as a rule, a large corporation will be more prepared to face a disaster than an SME or a public institution.
“A natural disaster could have devastating effects. The complete loss of data is unlikely for large companies. We estimate that two thirds of firms could have difficulties in recovering their data, without affecting their business processes. However for public institutions things can be worse, especially for local ones,” Dinu Bumbacea, partner and leader of the management consultancy department at PwC Romania, tells BR.
Most corporations do data backup at one point in time or repeatedly. “For a large company, the lack of backup is pure recklessness. However, many of them do not have a real solution for recovering their data in case of a disaster,” Dragos Manac, CEO of Appnor MSP, a managed service provider that hosts and integrates cloud computing solutions, tells BR.
For SMEs, the situation is worse. “SMEs often ignore the need for backup. Statistically, the chances of being affected are relatively low when we’re talking about a small amount of data. However, on the long term, even small companies will be affected by the lack of backup when data loss occurs,” he adds.
These smaller companies usually follow a similar path. “We are all familiar with the profile of the companies that hire an inexperienced junior to be in charge of everything related to IT. Often, this expert will not be sufficiently prepared to consider such criteria as how frequently data should be backed up, how fast it can be recovered, and whether it is stored in another location,” says Selaru.
A large corporation will generally choose to do backup on local systems using its own resources, while other companies may opt to replicate their data in a high-security location such as a data center.
“In Romania, data centers have appeared relatively recently and very few offer the option of dual location,” says Bumbacea. Standards in force stipulate that such sites should be a sufficient driving distance between two different seismic areas in order not to be affected at once by the same disaster.
The preferred method in Romania is collocation: companies benefit from the infrastructure of the data center and rent a security area where they place their own equipment, and the client’s IT teams will be in charge of the administration and configuration.
In more developed countries, the service package can be much more complex. “As an example, when choosing an e-mail service, the client will be interested that performance, resilience and security criteria are observed, but technical aspects such as the type and number of services that are used or the backup method will be the responsibility of the supplier, who answers for the quality of the services offered,” says Bumbacea.
A data center will offer a company that wants to store its data safely a few advantages, such as electricity, systems of climatization, and uninterrupted connectivity and physical security. It may also save money, as due to the large volume the cost per storage unit or per square meter of space will be lower, while the company will no longer have to invest in dedicated IT infrastructure. Instead, it can use the concept of IaaS (Infrastructure as a Service) and rent the equipment it requires. “The direction in which the IT services industry is going is clear, the model being cloud computing: software as a service (SaaS) and IaaS”, says Bumbacea.
Last but not least, each case is treated separately, reflecting the client’s needs. By resorting to an external supplier, the client will pay a monthly tax and avoid making investments in technology and space to store the data.
The question of limited resources is a valid one, given that by-the-book data storage will require investments that firms are just not ready, willing or able to make. “Companies cannot provide the availability and security levels of CyberHost from their own resources. This would mean injecting in the midst of an economic crisis tens or hundreds of thousands of EUR of investment (Capex) which is not justified. The time to instal and put into use the architecture would also be significant – it can take months – while the cost of maintenance and utilities would be higher,” say Romtelecom officials.
The operator has opened three data centers, in Bucharest and Brasov, with 1,000 sqm of capacity, into which it has invested “millions of EUR”.
Romtelecom has up to 100 customers for CyberHost services, mainly from the financial and banking sectors, IT&C companies and others. The biggest customers are multinational companies on the local market.
The firm’s most sought after services relate to collocation, while in other countries the most popular services are managed ones (outsourcing).
“Our Bucharest locations have reached 99 percent occupancy so we are currently directing customers towards the location in Brasov, where we still have capacity available,” say representatives.
Company officials claim that there has been no security condition requested by customers that it hasn’t been able to fulfill so far. “Romtelecom offers specialized disaster recovery solutions in data centers in different geographical areas (200 km apart),” they say.
The issue of where the data is stored geographically also matters. “In a major disaster, I estimate more than half of the local companies would be affected, for two reasons. Firstly, their data is stored locally or very nearby. Secondly, most large companies have their central office in Bucharest, a highly exposed area. This is why we offer data replication in Amsterdam, London or Washington DC,” says Manac.
Appnor MSP will open a unit this summer in north Bucharest. “It will not be a public collocation data center; we will use it to offer our clients managed and cloud computing services. We estimate that 75 percent of the infrastructure will be ours while the rest will be hybrid projects, says Manac. The total investment over the coming years will be around EUR 2 million. “We will start in stages because we cannot make a clear estimation of the degree of occupancy over the next year,” he says.
The center will host 1,000 servers, 40 high-density racks, a contained cooling-system, and an electric charge of up to 10 KW per rack. “At the moment there are no high-density data centers in Romania, and we believe in this concept, due to the energy efficiency it brings,” says Manac.
The clients will be medium and large companies. They could operate in the technology sector, including small companies, because they are large consumers of IT services. Apart from standard conditions of access and monitoring, racks have an individual code and are monitored via video. Access will be allowed only to a closed group of clients. Data replication and disaster recovery solutions are provided via technologies such as VPN, MPLS and even with dedicated fiber infrastructure (dark fiber).
Last year in October, IBM signed a deal worth several millions of USD with Petrom for data center services. The data center has 1,000 sqm for storing servers, which does not include the communication suppliers’ equipment, for which there are separate dedicated areas. Auxiliary systems such as diesel generators, UPS systems with batteries, fire extinguisher as well as space for unloading, unpacking, installation and storing make the rest of the site, of approximately 2,500 sqm. For the most part, clients of the IBM data center are from finance & banking and oil & gas. All existing customers are active in Romania but potential clients could come from CEE.
The IBM data center has sometimes had to adjust to special requests. This has included installing additional protection in the areas dedicated to that client, such as metallic cages. Other demands the company has received were dedicated systems for video surveillance and access control. The center uses anti-seismic platforms so that it can alleviate, or even eliminate, the effects an earthquake may have on the equipment it stores, says Selaru. “Ultimately, an organization is only as protected as it has prepared to be.”
Layers Upon Layers Of The Right Solutions
Guarding business data against disaster takes a holistic approach to meet security goals. Multiple layers of solutions are a must because cybercrimes are getting more sophisticated and widespread, targeting remote, hybrid, and in-office work environments and businesses.
Network firewalls, cloud data backup solutions, zero trust security, and other cybersecurity threat-hunting technologies are available to give organizations numerous options to choose from to protect their data from unauthorized entities. But, there’s a huge challenge when it comes to choosing the right cybersecurity solution in terms of coverage, support, and pricing.
Choosing a reputable cybersecurity provider is the first step before accelerating a business to digital transformation. Timewade and other experts in the field can help protect enterprise data and networks from vulnerabilities and threats that cybercriminals inflict, ensuring companies have a secure network and data backup and recovery options.
Now more than ever, organizations must invest in more advanced cybersecurity solutions not just to protect their current systems and data, but also to prepare for future challenges, such as more aggressive data theft and ransomware attacks. By doing so, nothing can impede business growth and success with seamless and secure operations, providing customers with peace of mind that their most vital info is safe.