Disaster recovery management: Kale Consultants’ ten-year journey
Kale Consultants’ disaster recovery management and business continuity planning journey makes for interesting reading in this comprehensive case study.
Disaster recovery (DR) management and business continuity planning (BCP) play a strategic role at Kale Consultants, a leading solutions provider to the global airline and travel industry. With over 100 customers across 30 countries, and critical business information at stake, Kale must ensure robust disaster recovery management to support its customers.
Kale delivers software products, technology, managed processes, hosting and consulting services to players such as Air India, Cathay Pacific Airlines, Turkish Airlines, Vietnam Airlines and Continental Airlines. In this context, disaster recovery management is critical for Kale’s passenger revenue accounting service for airlines. “The next important activity for an airline after flying aircraft, is to find out generated revenue and profitability. Revenue accounting is a very critical, yet complex and time consuming function which directly impacts cash-flows and decision making — this is where Kale's solutions help airlines,” says Satish Ambe, the executive vice president and head of airlines delivery at Kale.
Data from the BPO/MPS (managed process services) setup is crucial from a disaster recovery management standpoint. “If we are unable to offer services such as billing during an incident, it may directly impact the airlines ability to invoice and hence, cash flows. To avoid this situation, we implemented DR.,” says Ambe.
The data center setup
Kale's in-house data center at Pune is a Tier-2 facility with a six-server rack space. It runs more than 25 servers that hold several virtual machines for various environments.
Kale chose two more locations based on geographical spread, ease of maneuvering in case of disaster, and close availability of skilled resources.
Its co-located data center, Reliance IDC in Navi Mumbai, is Tier-3 certified. The third location at Andheri in Mumbai has a dedicated hosting area with controlled access, raised floor, UPS, DG power backup and N+1 capacity design, thereby falling under Tier-2 classification.
Apart from co-located sites, electric power, air conditioning, physical access control and building management systems, all other infrastructure and services are managed in-house.
Figure 1. Kale’s data center and disaster recovery management infrastructure (Click image to enlarge).
Driven by its business critical needs, Kale focused intensely on disaster recovery management. The only challenges faced during disaster recovery deployment were connectivity and infrastructure availability. Kale categorized its services based on impact on customers if unavailable for varied durations during a disaster. Disaster is classified as minor, major and catastrophic, while the impact is classified as critical, essential and necessary.
Depending on environment and customer requirement, Kale formulated a warm disaster recovery management policy. The Management Information Security Forum (MISF) team headed by the CEO of the organization annually reviews the disaster recovery management policy. Kale also ensures BCP for its MPS operations and some of its customer hosted environments.
BCP policy structure
Kale’s business continuity planning policy can be slotted into three broad categories. One is a prevention and protection policy, with deterrents and preventive controls aimed at reducing the chances of any disaster occurring. The second is a response policy covering the organizational reaction should a disaster occur. Next is a resumption and recovery policy covering redundancy and operational practices to enable quick recovery from disasters.
Explaining Kale’s disaster recovery management evolution, Ambe says, “From pure ‘redundancy’ we are moving towards seamless ‘service availability’ with defined processes, timelines and responsibilities.”
Ensuring business continuity
Kale has a dedicated security GRC team that monitors information security and compliance 24/7. “Any new environment only goes live after it passes through checking for information security and compliance,” says Amit Phadke, who heads the systems and technology function at Kale.
Kale carries out disk-based backup at location level and tape based onsite/offsite backup as part of disaster recovery management. However, replication of data at Kale varies according to the SLAs. “We offer RPO ranging from 1 hour to 24 hours and RTO ranging from four hours to 24 hours; accordingly, data replication is set,” says Phadke.
Kale has ensured business-defined availability tests to check its BCP setup. Drills for customers and environments are carried out every six months, after informing stakeholders and with active participation from all involved business functions. The reports are published immediately after every drill. Kale is now in the process of evaluating de-duplication and data loss prevention solutions to complement its disaster recovery management, BCP and hosted solutions offering.
