IT Managers spent their time monitoring the battery health and load to ensure that everything attached to a UPS would have adequate time to safely shut down – should the power fail. However, more and more network services are moving into the cloud, and by-passing the server room altogether. Companies are relying on the multi-million pound infrastructure provided by data centres to keep the Cloud services they use running, and increasingly Business Continuity Plans are featuring a “Go Home and Work” strategy.
So when auditing ISO 27001, and the “Supporting Utilities” control in particular, we are often finding that companies have reduced their UPS capacity, or removed them altogether.
UPS for Spike protection
Although the number of network services running on boxes within the physical boundary of the company may be reducing, the routers, switches and wireless access points required to connect to the Internet remain a necessity. Removing UPS devices could lead to a Business Continuity Plan being implemented before it necessarily needs to.
Many organisations recognise the value of face-to-face collaborative working, and this can be lost when staff are working remotely.
UPS devices also provide protection from power spikes, sags and the like which can damage equipment, so they should not be removed without proper consideration.
When making any change to the infrastructure, a risk assessment or impact assessment should be conducted, to identify the possible adverse effects to living without a power backup.
This should consider not only the servers and devices, but also the impact on staff working routines.
Downsizing the IT estate in favour of cloud services can appear to be favourable from an energy perspective too. Not least because the energy used to operate the service moves to the service provider.
However, when considering your carbon footprint, or aspects and impacts from an ISO 14001 point of view, organisations should not neglect their 3rd party energy consumption.
Managing IT Resilience & Energy Consumption
Through ISO 27001, and other standards, our consultants help organisations manage IT risks including potential disruptions to the power supply.
We can also help measure energy consumption and carbon footprint to drive efficiency and cost savings.
Contact us to find out how we can help.