Difference between revisions of "Cloud-10 Business Continuity and Resiliency"

From OWASP
Jump to: navigation, search
Line 9: Line 9:
 
property of a system to adapt itself to the consequences of a
 
property of a system to adapt itself to the consequences of a
 
catastrophic failure caused by natural or man-made events.
 
catastrophic failure caused by natural or man-made events.
 +
 +
 +
<!-- How is it managed in a non-cloud environment? -->
 +
 +
The business continuity is the responsibility of an organization
 +
that operates in a non-cloud environment. The planning and
 +
execution of business continuity is owned by the
 +
organization. Since the organization owns the entire IT
 +
infrastructure, it has the knowledge and the resources needed to
 +
develop an effective business continuity plan.
 +
 +
<!-- What aspects of cloud computing create a risk for business continuity? -->
 +
 +
In case of an organization using a cloud, the responsibility of
 +
business continuity gets delegated to the cloud provider. The
 +
organization loses control over how business continuity is
 +
planned for and executed. This creates a risk to the organization
 +
of not having appropriate business continuity in the case of a
 +
disaster.
 +
 +
If an organization itself lacks a business continuity strategy,
 +
and decides to use a cloud provider that has a well defined
 +
business continuity strategy, the organization benefits from the
 +
use of the cloud.
 +
 +
<!--
 +
Due to the lack of physical control over infrastructure in many
 +
Cloud Computing deployments; Service Level Agreements, contract
 +
requirements, and provider documentation play a larger role in
 +
risk management than with traditional, enterpriseowned
 +
infrastructure.
 +
-->

Revision as of 09:39, 15 February 2010


As per Wikipedia, Business Continuity is the activity an organization performs to ensure that critical business functions are available to the customers, suppliers, regulators, and other entities that must have access to those functions. These activities include many daily chores such as project management, system backups, change control, and help desk. Resiliency is the property of a system to adapt itself to the consequences of a catastrophic failure caused by natural or man-made events.


The business continuity is the responsibility of an organization that operates in a non-cloud environment. The planning and execution of business continuity is owned by the organization. Since the organization owns the entire IT infrastructure, it has the knowledge and the resources needed to develop an effective business continuity plan.


In case of an organization using a cloud, the responsibility of business continuity gets delegated to the cloud provider. The organization loses control over how business continuity is planned for and executed. This creates a risk to the organization of not having appropriate business continuity in the case of a disaster.

If an organization itself lacks a business continuity strategy, and decides to use a cloud provider that has a well defined business continuity strategy, the organization benefits from the use of the cloud.