asmati - Fotolia

Singapore releases cloud outage guidelines

The Singapore government releases a set of tiered guidelines for organisations to follow if they have a cloud outage

Singapore has announced a new set of Cloud Outage Incident Response (Coir) guidelines to help organisations with their business continuity management (BCM) and disaster recovery (DR) plans.

Released by the Infocomm Development Authority of Singapore (IDA), these guidelines address the need to prepare for and mitigate cloud outages – whether for business-critical uptime or data sensitivity.

Targeted at enterprises and cloud service providers (CSPs), it lists the measures and processes necessary to prepare for and respond should cloud outages occur. This adds to the IDA’s standards on business continuity and disaster recovery.

The guidelines will most likely affect the cloud services providers and related parties in terms of reacting and responding to the outages and incidents, said Cris Tran, consulting associate of digital transformation at Frost & Sullivan in Asia Pacific (Apac).

“Because of the guidelines, the providers will know how to measure and process in the case of cloud outages,” said Tran.

The Coir guidelines project started in September 2013. It draws on the combined work and feedback of enterprises and public agencies to form a blueprint to enhance CSP resilience capabilities.

There are four tiers of responses CSPs can prepare for based on projected impact of outages, ranging from most to least severe:

  • Tier A – Systemic/life-threatening impact (e.g. airplane traffic controls industry)
  • Tier B – Business critical impact (e.g. payment gateways)
  • Tier C – Operational impact (e.g. corporate emails)
  • Tier D – Minimal impact (e.g. general information websites)

By utilising these guidelines, CSPs can clearly outline the scope and scale of resilience measures they offer as part of their cloud services. Such measures can include clarity on mobilisation of emergency resources, prioritisation levels for recovery and restoration of affected cloud services.

According to Paul Lee, president of Singapore Computer Society Business Continuity Group, the Coir guidelines are a “welcome addition to the business continuity and disaster recovery body of knowledge for our industry. It brings clarity and assurance to enterprises and strengthens Singapore’s resilience as part of a smart nation.”

Read more about enterprise IT in Singapore

Coir guidelines also complement IDA’s cohesive and integrated cloud ecosystem. Together with the world’s first multi-tier cloud security (MTCS) Singapore standard, the guidelines will help improve transparency and build greater trust of cloud services.

“This is a great move by IDA, showing that Singapore is really becoming a smart nation. The timing is right because cloud systems are used a lot, both by public and private companies in Singapore,” said Frost & Sullivan’s Tran. 

Read more on Cloud computing services