Latest News from Forsythe

In these times of financial uncertainty, any impact to a company’s business is magnified. Because of this, a chief information officer (CIO) needs to know that the IT assets installed within his or her corporate data centers are protected against failure.

Over the years, report after report has outlined the significant financial impact a data center outage can have on an organization. These reports have helped enable many CIOs to obtain buy-in and funding to enhance their disaster recovery plans, often at a high cost to the organization. But frequently, these efforts fail to take measures a critical step farther, namely to identify the potential causes of an outage before it occurs.

Corporations, and especially their CIOs, need to look at the underlying infrastructure supporting the organization’s data center facility (space, power, cooling, fire protection, IT operations, etc.) to understand its current state and what investments should be made to decrease the probability of an outage.

In a typical 1,000 square foot corporate data center, for example, there can be as much as $10 million or more in compute assets installed. That may be a hard number to swallow for a small data center until you take a look at the purchase order history of the IT assets installed.

These assets may include:

• Network core and distribution switches
• Routers, load balancers and firewalls
• Unix servers
• Wintel servers
• Mainframes
• Storage

These are just some of the physical IT assets installed. Other assets that reside in the data center include the application being run and, of course, the corporation’s data itself. All of these items need to work in unison to ensure that the business stays running. However, a single data center outage affects all these items at once, costing companies millions of dollars each year.

What should be done?

CIOs should do the following to ensure that the IT assets in their data centers are protected:

See the data center(s) in action.

Today’s CIO will be well served by doing his or her own on-site data center examination. Some CIOs do this already, but the majority do not. CIOs should spend one full hour per month walking through their data centers, literally looking at the environment, questioning the data center manager on why things are the way they are and beginning to formulate a game plan to resolve the issues.

Perform a thorough data center assessment.

With so much at stake, it is critical to ensure that you have a full, detailed picture of your data center’s potential vulnerabilities to outage. At a minimum, a thorough data center facility assessment will address the following categories:

• Exterior building environment
• Interior building environment
• Structural
• Architectural
• Fire protection
• Plumbing
• Mechanical
• Electrical
• Physical security (perimeter and internal)
• Telecom and low voltage
• Operations and maintenance

Within the categories listed above, a meaningful data center assessment will include more than 200 sub-categories related to data center uptime and risk avoidance.

Because of the scope and potential stakes of the assessment, some CIOs choose to bring in a third party. As is true in many situations, an outside perspective can uncover details and see the big picture in ways that the most careful, repeated internal scrutiny cannot. In many cases, an independent data center vulnerability assessment and remediation plan can also prove useful in garnering board approval on funding to enhance the data center. In some cases, an external review can help the CIO cut back on disaster recovery contracts, which, for some companies, can cost hundreds of thousands, or even millions of dollars each year.

How long does a data center assessment take to complete?

Assessments vary in length based on data center size and the complexity of the electrical and mechanical systems. Most in-depth assessments will take an experienced data center specialist one to two full days onsite to gather the raw information, and then three to five weeks to analyze the information collected and prepare a comprehensive, easy-to-follow executive report. Assessments completed in-house typically take much longer, as the personnel involved are also responsible for day-to-day management of the data center operations.

What does it cost?

Third party data center assessment costs vary. That being said, a good starting point is $25,000 to $30,000 for a data center up to 5,000 square feet in size. Of course, the costs will vary due to data center complexity and the scope of assessment offered.

In-house assessments are calculated in soft cost and opportunity cost; in other words, what is your data center staff and management postponing in order to accomplish the assessment over a number of weeks?

Is it worth the investment?

This comes back to the questions considered above: What is your risk of data center outage? What is the potential financial impact? These leads to another question: What investment in prevention is justified? The risk of not knowing the issues can and will be more costly when the outage occurs. Remember, the risk is when an outage occurs, not if an outage occurs. It is a fact that outages occur, but more often than not, those outages can be avoided if their cause had been identified and remediated in time.

As an example, using the $10 million in physical assets figure mentioned earlier, and calculating the assessment cost at $30,000, the true cost of the assessment is 0.003 percent of the cost of the physical assets, not to mention the financial cost impact of an outage itself.

The bottom line

Performing a thorough assessment of the corporate data center provides the CIO with a current state document that can be used as a roadmap for eliminating vulnerabilities, reducing risk and providing increased reliability. All of these are integral to protecting the company’s bottom line.

An earlier version of this article appeared on Computer Technology Review.