Hurricane Katrina Demonstrated the how complex - reasonably prepared organizations... who modelled the the scenarios and designed reponses to the impending disasters failed to execute their DR plans effectively.
The Systems and underlying Infrastructure failed miserably... the preparations did seem to have taken into consideration that the Infrastructure like Roads,Transportation, Power and Communication Systems would themselves be vulnerable for catastrophic failure...
There was little or no forethought in relocating and concentrating people in locations like the Dome and the convention center.. straining the already fragile and vulnerable infrastructure...
The countermeasures were less-than-perfect...It was impossible to reach most parts of disaster stricken areas by road or communicate over the phone.
It is said that FEMA/Department of Homeland security did not inform the public about a Simple emergency hurricane readiness kit...like they did after September 11....
There was little or no governance right after the disaster... chaos previaled leading Looting and Arson...
At the time when all of the large scale infrastructure elements failed...people improvised with bicycles, kayaks, battery-torches, White Flags and learned to survive...
Experts believe a well co-ordinated deployment of smaller simpler rescue approaches could have saved more lives and provided quicker relief.
In the hind sight Katrina required a nimble, flexible and well-co-ordinated systems on behalf of the government instead Multiple big bang poorly organized efforts by multiple High powered organizations.
What can we learn from this event...How can we apply it to the IT infrastructure... and DR Plans....
Security and Disaster Recovery is genarally a after thought in most IT infrastructures.
We need to start thinking of architecting solutions with security and DR right from inception.
As IT industry progresses to create feature rich solutions to solve myriad enterprise challenges....The complexity of each of the solution is exponentially increasing...
This complexity is responsible for multiplying the effects of IT Infrastructure Diasasters.
The Complete Security Triad of Confidentiality, Integrity and Availability also favours smaller and simpler implementations.
Let'stake confidentiality...It is more challenging to assure confidentiality with Large scale systems with multiple connected components. since each of them(servers, storage and networks) can present more formiidable challenge of implementing security controls. Adding technical solutions like inband appliaces and applications increase the complexity will make the entire system look like a Goldberg's Machine...
Integrity is much more simpler to explain... It is harder to recover data corruption from larger storage systems and than a standard disk drive... since the formats layout and tools required are also complex....There is a false sense f security in storing data in large scale systems...it can easily exceed designed capacity...resulting major data protection proles like backups restores and archiving. It makes it harder to recover from disasters.
Larger More complex servers with Multiple levels of Redundancy...
Networks with high availability and Storage subsystems with six 9's availability still cannnot protect you against a misconfiguration or bug in the software.
Most of us fail to realise that software is seldom written to fail gracefully...Specially if contains custom code written with a assumption of system being up all the time.
Even the Most seasoned software solutions are still vulnerable to this effect due to constant enhancements and the lack effective regression testing in High availability Scenarios
High avilability is hard to realize...In such cases...The basic Risk eaquation of SLE(Single Loss Expectancy) x ARO(Annual Rate of Occurance)...favours smaller and simpler implementations.
We need responsive, nimble and flexible systems infrastructure..instead of large, sophisticated, hard-to-understand systems.
Architecting such a IT solutions with these principle allows us to be nimble and flexible to respond disasters more effectively.
Co-ordination, communication, Flexibility and nimbleness are key to effective diasaster response.
Implementing IT solutions on Intelligent, Simpler, Smaller platforms(Grids, farms, blades etc) with strong emphasis on people, processes and communications is the Road to simplicity.
The Systems and underlying Infrastructure failed miserably... the preparations did seem to have taken into consideration that the Infrastructure like Roads,Transportation, Power and Communication Systems would themselves be vulnerable for catastrophic failure...
There was little or no forethought in relocating and concentrating people in locations like the Dome and the convention center.. straining the already fragile and vulnerable infrastructure...
The countermeasures were less-than-perfect...It was impossible to reach most parts of disaster stricken areas by road or communicate over the phone.
It is said that FEMA/Department of Homeland security did not inform the public about a Simple emergency hurricane readiness kit...like they did after September 11....
There was little or no governance right after the disaster... chaos previaled leading Looting and Arson...
At the time when all of the large scale infrastructure elements failed...people improvised with bicycles, kayaks, battery-torches, White Flags and learned to survive...
Experts believe a well co-ordinated deployment of smaller simpler rescue approaches could have saved more lives and provided quicker relief.
In the hind sight Katrina required a nimble, flexible and well-co-ordinated systems on behalf of the government instead Multiple big bang poorly organized efforts by multiple High powered organizations.
What can we learn from this event...How can we apply it to the IT infrastructure... and DR Plans....
Security and Disaster Recovery is genarally a after thought in most IT infrastructures.
We need to start thinking of architecting solutions with security and DR right from inception.
As IT industry progresses to create feature rich solutions to solve myriad enterprise challenges....The complexity of each of the solution is exponentially increasing...
This complexity is responsible for multiplying the effects of IT Infrastructure Diasasters.
The Complete Security Triad of Confidentiality, Integrity and Availability also favours smaller and simpler implementations.
Let'stake confidentiality...It is more challenging to assure confidentiality with Large scale systems with multiple connected components. since each of them(servers, storage and networks) can present more formiidable challenge of implementing security controls. Adding technical solutions like inband appliaces and applications increase the complexity will make the entire system look like a Goldberg's Machine...
Integrity is much more simpler to explain... It is harder to recover data corruption from larger storage systems and than a standard disk drive... since the formats layout and tools required are also complex....There is a false sense f security in storing data in large scale systems...it can easily exceed designed capacity...resulting major data protection proles like backups restores and archiving. It makes it harder to recover from disasters.
Larger More complex servers with Multiple levels of Redundancy...
Networks with high availability and Storage subsystems with six 9's availability still cannnot protect you against a misconfiguration or bug in the software.
Most of us fail to realise that software is seldom written to fail gracefully...Specially if contains custom code written with a assumption of system being up all the time.
Even the Most seasoned software solutions are still vulnerable to this effect due to constant enhancements and the lack effective regression testing in High availability Scenarios
High avilability is hard to realize...In such cases...The basic Risk eaquation of SLE(Single Loss Expectancy) x ARO(Annual Rate of Occurance)...favours smaller and simpler implementations.
We need responsive, nimble and flexible systems infrastructure..instead of large, sophisticated, hard-to-understand systems.
Architecting such a IT solutions with these principle allows us to be nimble and flexible to respond disasters more effectively.
Co-ordination, communication, Flexibility and nimbleness are key to effective diasaster response.
Implementing IT solutions on Intelligent, Simpler, Smaller platforms(Grids, farms, blades etc) with strong emphasis on people, processes and communications is the Road to simplicity.
Comments