EPI Hybrid Resiliency Rating

Introduction:

As organizations increasingly rely on their ICT infrastructure, the landscape of ICT architectures has evolved substantially. Previously, architectures centered around a singular or clustered server setup with potential failover provisions to another physical site. This marked the prominence of Uptime Institute Tier Topology guidelines and standards like ANSI/TIA-942, which established resilient data centers supported by facilities infrastructure. While Uptime Tier Topology focused solely on electrical and mechanical systems, ANSI/TIA-942 extended to encompass telecommunications infrastructure as well.

However, the past decade has ushered in monumental shifts in ICT infrastructure and business requisites due to the emergence of new technologies, culminating in intricate hybrid environments. Existing rating systems occasionally fall short in effectively benchmarking the complexities of these new ICT ecosystems. Consequently, the need arises for a fresh rating system to align with the evolution of hybrid ICT environments in the digital economy.

The Cornerstone of Business Success:

For organizations to thrive, they depend on their human capital aided by underlying ICT infrastructure to drive business value. This necessitates seamless utilization of business applications, aligned with requisite functionalities.

Numerous consistent elements underpin every IT user's experience, thereby shaping the underlying ICT and data center infrastructure. These non-functional requirements encompass the following criteria:

Availability
Performance
Security

These criteria interplay through various layers to fulfill the stipulated demands. These layers encompass:

1. The input device, which could range from applications on devices like desktops/notebooks/mobile devices to sensors in IoT ecosystems, generating data for processing.
2. The network, the connectivity layer linking the input device to various layers en route to the application, whether at the Edge or Core data center, be it an enterprise (on-premise) or commercial data center (off-premise).
3. The application, bifurcated into the human interface connecting end-users with ICT infrastructure and the backend providing the core functionality.
4. The database, the repository for immediate or future access by the application.
5. The systems, encompassing network equipment, servers, and data storage systems facilitating connectivity, processing, and storage.
6. The facilities, referring to the data center housing the ICT equipment.

Standards and Rating Systems:

Standards often set a foundational baseline or a prescriptive framework to adhere to. While effective in specific environments, such as data center facilities infrastructures, complex and hybrid environments like those prevalent today warrant a multifaceted approach. A single solution may not suffice to meet increasingly demanding business requisites and the corresponding ICT infrastructure.

EPI posits that the ultimate baseline should mirror the business requirements at the input device level, encompassing application availability, performance, and security. The input device varies—ranging from tablets or computing devices for enterprise applications to IoT sensors or even autonomous vehicles in other scenarios. Each use case entails unique parameters to function as intended.

To navigate this complex hybrid resiliency-based landscape, EPI has devised a comprehensive assessment service that integrates existing standards with a novel framework, catering to contemporary business needs.

The EPI Hybrid Resiliency Rating:

EPI acknowledges the infeasibility of constructing a simplistic rating system based on fixed parameters to classify applications and use cases. This complexity is exacerbated by shifting requirements and emerging technology. For instance, while a latency of 50ms is common in 4G networks, it may plummet to as low as 1ms in 5G networks. This renders fixed ratings inadequate, as an infrastructure rated 1 for meeting 50ms latency might not apply in a 5G environment. Moreover, hybrid environments may offer both 4G and 5G connectivity. These instances highlight the challenges of crafting a static rating system.

EPI's approach to rating and validating complex hybrid environments is straightforward and pragmatic. Based on ISO standards principles, it commences by defining the scope and three key parameters—availability, performance, and security—tailored to the specific scope. Each parameter varies based on the use case. For instance, a finance application used in a bank headquarters may have different requirements than the same application in a remote branch office. Despite desiring the same levels of availability, performance, and security as the headquarters, the remote office might face infrastructure and budget constraints.

While many customers align the scope and parameters with their Service Level Agreements (SLAs), EPI's Hybrid Resiliency Rating extends beyond the confines of existing SLAs.

The EPI Hybrid Resiliency Rating Assessment:

The EPI Hybrid Resiliency Rating Assessment is a distinctive service tailored for organizations seeking third-party assessment of their infrastructure within their risk management strategy and corporate governance framework.

EPI auditors evaluate the scope and parameters established by the customer and assess them against the end-to-end infrastructure. Subsequently, a detailed review of the underlying end-to-end infrastructure commences, spanning from input device levels to core ICT infrastructure housed within data centers and their supportive facilities infrastructure. The review encompasses actual performance data, including outage reports and root cause analyses.

The outcome of the assessment culminates in a comprehensive assessment report and certification, provided the infrastructure aligns with the scope and its defined parameters of availability, performance, and security.

The duration and cost of the assessment hinge on factors like scope and the number of physical locations, prompting EPI to craft tailored proposals for individual customer needs.