{"id":25120,"date":"2022-07-09T16:32:02","date_gmt":"2022-07-09T20:32:02","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=492009"},"modified":"2022-07-18T11:02:30","modified_gmt":"2022-07-18T15:02:30","slug":"worried-about-your-firms-internet-and-telecom-resiliency-ask-these-questions","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/worried-about-your-firms-internet-and-telecom-resiliency-ask-these-questions\/","title":{"rendered":"Worried About Your Firm\u2019s Internet And Telecom Resiliency? Ask These Questions"},"content":{"rendered":"

The cross-Canada internet and wireless outages caused by last week\u2019s incident at Rogers Communications<\/a> should make corporate telecom and IT decision-makers think carefully about telecom resiliency in the services they buy.<\/p>\n

There is help: In 2006 the U.K.\u2019s National Infrastructure Security Co-ordination Centre issued a good practice guide<\/a> to help organizations there make those decisions. The advice is still good and applies to organizations in any country.<\/p>\n

Here are some of the highlights:<\/p>\n

\u2013know your communications system requirements. Identify communications systems that are deemed mission-critical, and which carry a high risk to the organization if they are disrupted;<\/p>\n

\u2013analyze the threats and vulnerabilities to the mission-critical high-risk services (for example, natural disaster, malicious attack, single point of failure, commercial dependency, lack of transparency);<\/p>\n

\u2013challenge the service provider to explain the marketing statements made on its resilience and availability. In some cases, you might need to ensure that you are talking to the right provider representative;<\/p>\n

\u2013focus on the services you require, not the technology;<\/p>\n

\u2013apply rigorous due diligence in selecting the service provider, including assurance that they have visibility and control over the services they deploy to ensure that separacy (which ensures that specified circuits are physically separated throughout the network so that there are no common exchanges, interconnection points, or cable routes) and diversity (which ensures that the specified circuits are not routed over the same cables or transmission systems) is provided and maintained. Also ensure they have adequate contingency plans in place to recover from a disaster.<\/p>\n

\u2014 recognize that high availability and high resilience services will cost more than standard services, but don\u2019t use cost as the main criterion when procuring these services.<\/p>\n

The report differentiates between best practices (measures that can be taken to guarantee resilience, irrespective of cost) and good practices (measures that provide a degree of resilience relating to corporate risk strategy).<\/p>\n

One option for organizations is paying for internet failover, where the provider switches to a different network if the main network goes down. Many ISPs \u2014 including Bell, Rogers and Telus \u2014 provide this service. For example, a wired service may switch to a wireless service. However, the report makes clear that telecom and IT buyers have to clarify if the failover is to an alternate network from the same provider. That may not provide the needed resiliency.<\/p>\n

The U.K. report suggests organizations ask themselves questions like:<\/p>\n

\u2013do you have a full and complete list of your business-critical telecommunications services, and the critical systems that support them, as well as ranking those services by criticality?<\/p>\n

\u2013can you identify the telecommunications services that support your critical systems and name them in a way that you and the provider know you\u2019re talking about the same thing?<\/p>\n

\u2013are you aware of where in the provider\u2019s core network your network services connect, how they are connected, and the physical routings they take once they leave your premises?<\/p>\n

\u2013if you are using dual providers, are you confident that there are no physical routings or points of failure common to both providers?<\/p>\n

\u2013within your own premises do you have visibility of your telecommunications services all the way into the provider\u2019s duct? Are any parts of the cabling, for example, exposed to external contractors or others beyond your control? Are there any third-party components, such as ADSL routers, which may fall between areas of responsibility?<\/p>\n

\u2013do all of your services leave your premises in the same cable? Are they all in the same duct?<\/p>\n

\u2013do you know if critical services are routed via different network components so that a failure of one component will not affect all critical services?<\/p>\n

\u2013when you order new services, do you discuss your existing services to ensure there are no dangerous assumptions made about separacy or diversity?<\/p>\n

\u2013do you regularly review your specific resilience requirements with your provider?<\/p>\n

\u2013do you have primary and alternate methods for contacting your provider (e.g. telephone, e-mail). Have you provided your provider with alternative contact details for your own response teams? Have you discussed your respective emergency plans with your provider?<\/p>\n

The U.K. report also suggests questions to ask the provider. One of the most important is:<\/p>\n

\u2013can we work together on business continuity planning and disaster recovery, including testing to provide network assurance?<\/p>\n

In 2019, Todd Rychecky, vice president of Americas for Opengear, wrote a column with similar advice<\/a>, including this: \u201cBy continually reminding those outside of the IT department how much money network resilience can save the organization, IT teams within telecom organizations will have greater luck implementing resilience into their networks.\u201d<\/p>\n

The post Worried about your firm\u2019s internet and telecom resiliency? Ask these questions<\/a> first appeared on IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

A report suggests questions firms should ask themselves and their service providers to better assure telcom<\/p>\n","protected":false},"author":17,"featured_media":20693,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[16,422],"tags":[391,585,393,586,275],"class_list":["post-25120","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-supply-chain","tag-di","tag-reliability","tag-security-strategies","tag-telecom","tag-top-story"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/25120","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=25120"}],"version-history":[{"count":4,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/25120\/revisions"}],"predecessor-version":[{"id":25590,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/25120\/revisions\/25590"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media\/20693"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=25120"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=25120"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=25120"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}