EPI Hybrid Resilience Rating


Introduction

Organisations are more and more highly dependent on their ICT infrastructure.

Previously, ICT architectures were often based on a single, or at most, clustered server infrastructure with potential failover capabilities to another physical location. This is where the Uptime Institute Tier Topology guidelines and Standards such as the ANSI/TIA-942 came into play to define a single data centre with resilient supporting facilities infrastructure. Uptime Tier Topology guidelines only covers electrical and mechanical systems. ANSI/TIA-942 not only covers electrical and mechanical resiliency but also the supporting telecommunications infrastructure.

However, over the last decade, the ICT infrastructure and business needs have undergone phenomenal changes due to the emergence of new technology creating complex hybrid environments. Existing rating systems are not always applicable to hybrid environments to effectively benchmark the demands of the new ICT environments.  Therefore, an additional and new rating system is necessary to support the evolution of these hybrid ICT environments in the digital economy.

 

The key to any business success

Organizations rely on its human capital to be effective supported by the underlying ICT infrastructure to drive business value. As such, they need to be able to use the business applications in line with its required functionalities.

There are a number of consistent elements which applies to any IT user which therefore determines the underlying ICT and data centre infrastructure. The following criteria (also known as non-functional requirements) apply to any application;

  • Availability
  • Performance
  • Security

There are a number of layers which need to work in harmony to deliver on the above-mentioned criteria. These include;

  • The input device; this could be a device with an application such as a desktop/notebook/mobile device or sensors in an IoT ecosystem, generating data which need to be processed.
  • The network; this is the transport layer connecting the input device and all the layers in between to the actual application whether that is at the Edge or at the Core data centre such as an enterprise (on-premise) or commercial data centre (off premise).
  • The application; this is often split into two parts being the human interface connecting the end-user with the ICT infrastructure and the back-end which is providing the actual functionality of the (business) application.
  • The database; this is the part where data will be stored for immediate or future access by the application.
  • The systems; this is equipment providing the connectivity, processing and storage capability such as network equipment, servers and data storage systems.
  • The facilities; this is the data centre in which the ICT equipment is housed.

 

Standards and rating systems

Standards often set a fixed baseline or are prescriptive in nature, by outlining a framework or architecture which should be implemented to meet the standard. Although this works well in certain environments (for example data centre facilities infrastructures), in a complex and hybrid environment such as today’s infrastructures, there is no single solution which is able to address the ever-increasing demanding business requirements and therefore its supporting ICT infrastructure.

EPI believes that the ultimate baseline is made up of the business requirements at the input device level in terms of application availability, performance and security. For enterprise applications, the input device could be a tablet or computing device whereas in other use cases it might be an IoT sensor or - for example - an autonomous vehicle. Each of these use cases have their unique parameters in order to function as per its design intent.

To address this new complex hybrid resilience-based environment, EPI developed a comprehensive assessment service which embraces existing standards and add a new framework around it to meet today’s business requirements.

 

The EPI Hybrid Resilience Rating

EPI believes that it is impossible to create a (simple) rating system based on a fixed set of parameters and then classify application and use cases in either one of those fixed rating definitions. This is further complicated due to the ever-changing shift in requirements and enabling technology.  For example, with latency of 50mS common in 4G, it will drop to as low as 1mS in 5G networks. Hence, if awarded a rating 1 to an infrastructure meeting a latency of 50mS and perhaps rating 2 for an infrastructure meeting 100mS, it would no longer apply in a 5G environment. In other cases, hybrid environments may exist offering both 4G and 5G connectivity. Both examples instantly demonstrate that it is not possible to come up with a fixed rating system.

EPI’s approach to rate and validate complex hybrid environments is simple and straight-forward. Based on ISO standard principles it starts with defining the scope and the three key parameters (availability, performance, security) for that same scope. Each of these three parameters will vary per use case. For example, the use of a finance application in a bank headquarters building may have different required or desired parameters compared to the same finance application used in a remote branch office. The end-user in the remote office may prefer to have the same availability, performance and security levels as the headquarters office but this may not be feasible due to infrastructure and budget limitations.

Most customers would define the scope and parameters in line with their Service Level Agreements (SLA) as that commonly forms the basis of setting performance indicators based on business requirements. However, EPIs Hybrid Resilience Rating can extend far beyond the scope of an organisations’ existing SLAs.

 

The EPI Hybrid Resilience Rating Assessment

EPIs Hybrid Resilience Rating Assessment is a distinct assessment service aimed at organisations that wish to have a 3rd party assessing their infrastructure as part of their risk management strategy and corporate governance.

The EPI auditor will review the scope and parameters as set by the customer and review that against the end-to-end infrastructure. After completing the first step, a detailed review will take place of the underlying end-to-end infrastructure, starting at the input device level down to the core ICT infrastructure - often located in a data centre - and its supporting facilities infrastructure. The review will include actual performance data including outage reports and their root cause analysis.

The output of the assessment will result in an assessment report and certificate if the infrastructure is meeting the definition of the scope and its defined availability, performance and security parameters.

The number of days and cost of the assessment heavily depends on the scope and number of physical locations and as such, EPI will build every proposal specific for each customers’ need.

 

Please contact sales@epi-ap.com should you require more information.


 
Training
• Foundation
Risk

Find a Training Schedule

EPI Data Center Framework

EPI Data Centre Operations Standard (DCOS)

EPI Data Centre Conpetence Framework

EPI Data Center Training Framework

IT Training Framework

Make enquiry
Send me updates
Copyright EPI Singapore 2020      | Privacy Policy | Terms & Conditions