Operational security, outsourcing and crisis management
The common conception that major operational incidents are a thing of the past, due to existing redundancy and business continuity, has shown to be wrong. In recent years a number of massive incidents, with service interruptions of up to two month and costs of several millions have happened.
The chain that constitutes operational security is both long and highly complex. To get it right requires that many aspects work in concert.
Sentor can assist organizations with identifying operational risks and adapt to them. Thanks to long experience and high competence we can recommend actions where they are most needed.
About to outsource IT operations?
It is assumed that when operation is outsourced there is no longer an operational challenge since the SLA will ensure that everything is available when needed. This is true to a certain extend. It is important to consider that a SLA will make certain that the requirements are followed. This means it is extremely important when outsourcing to put forward the right requirements for operational security. The obvious challenge is to do this without jeopardizing business case for outsourcing.
Sentor can help you to strike the right balance here.
Want to audit your outsourcing partner?
Independently if you just want to be certain that you get what you pay for or you have to do it for compliance reasons (like ISO 27001 or PCI DSS), it is from time to time a good idea to audit the supplier. In our experience it is better to let a third party perform the audit to assure objectivity, cooperation and avoid bad blood in the relation with the supplier. Not to mention that it requires extensive experience and expert competence.
Contact Sentor if you want to discuss what kind of audit options exist and how we can most effectively perform the audit that tells you what you want to know.
When things goes pear shaped and an incident develops into a crisis it is not only important to have crisis management in place to deal with the crisis but also to have resilient systems that can function despite the a crisis. Normal redundancy, as it is part of most outsourcing offerings, alone will most likely not do the trick.
Sentor can help you how to select which systems should be resilient and how you make them so.