Why 'Incident Reporting' is crucial to the data centre industry

As I suspect was the case for many people, I had a particularly rare and peaceful Monday evening a couple of weeks ago! For about 6 hours, all the phones in my busy household just sat there dormant, not a ping or notification to be heard of. Even an outage as large as the one that unfortunately affected our friends at Facebook, WhatsApp and Instagram has a silver lining…

Coincidentally that same week my team and I invited Scott Roots from the Uptime Institute to present at our monthly team meeting. What followed was a thoroughly interesting discussion which touched on a number of areas, but especially interesting – given what had happened earlier that week - was the area of Abnormal Incident Reports (AIRs).

The Uptime Institute’s AIR scheme is one of the largest in the industry with more than 2,000 records stretching back many years and that knowledge has helped shape data centre design over recent years, and re-written the guidelines on how they are operated, managed and kept secure. Hopefully what happened at the data centres hosting Facebook’s mission critical workloads can be recorded, learned from and shared in whatever way possible to help fellow operators. None of us like to see outages.

Along similar lines, the Data Centre Incident Reporting Network (DCIRN) was initially set up in 2017 and reincorporated in 2020 as a non-profit organisation. Less formal than the AIR scheme, its purpose is to encourage openness and transparency by reporting power outages and/or performance-related issues so the industry can gain insight into the most common issues and work together to remedy them going forwards to further enhance infrastructure resilience and security. It’s an interesting and worthwhile movement that like the Uptime Institute's AIR scheme, benefits all of us, and I am happy to support it.

Data centres are already obliged to follow stringent procedures pertaining to energy usage and sustainability, but the industry has undergone explosive growth with accelerated new constructions globally over the last few years. This expansion, brought about primarily by the surge in big data, Covid-19’s impact on increased digital transformation and a seismic shift in working trends, has put hardware performance and data security firmly in the limelight.

Such is our dependency on technology that efficient data handling is integral to everything we do. From sending and receiving emails or updating our stories on social media to TV streaming, ecommerce, smart ticketing, and mobile gaming, all these interactions generate huge amounts of information that needs to be seamlessly dealt with. This reliance is only going to intensify as 5G networks are rolled out and the devices and automated applications they’re intended to support go mainstream.

Digitisation and IoT are expanding at such a pace it’s hardly surprising that the big tech firms powering the internet and cloud computing are under greater public scrutiny. Data is the modern-day equivalent of gold and as such regulations pertaining to performance and security need to be tightened in line.

Honesty is always the best policy

There is industry-wide concern, however, that heightened regulation will result in regulation overkill which only serves to be counterproductive, and detrimental in some circumstances, a topic often discussed along with my peers at a really good DCD event last week. The collective view is that the data centre industry is highly innovative and fast-moving – overzealous regulation could in some lights hamper this speed to create and pioneer solutions.

No facilities manager wants to admit to a performance issue for fear of negative publicity because journalists don’t hold back when it comes to data breaches and cybercrime as many high-profile organisations have found to their cost. It’s far more beneficial to admit to an incident that to adopt a “head in the sand” approach as this enables the problem to be addressed and fixed, thus fostering consumer trust. The medical and aviation industries, for example, are required to take responsibility for their misfortunes and data centres should also be accountable for their actions considering their current 'mission critical' status.

Imposed regulation will stifle innovation and growth

Power cuts, data outages and security breaches do sometimes occur but it’s far more productive to be upfront about these things than to brush them under the carpet. Industry-wide failure to acknowledge performance-related issues will only lead to regulation being imposed rather than being proactively discussed by relevant parties.

Incident reporting legislation is inevitably on the horizon and so it should be considering that all information relating to our personal and professional identities is stored on a computer server somewhere. It is vital, however, that industry stakeholders are involved in the process from the outset to ensure any introduced legislation is workable and, more importantly, is embraced and adhered to.

Industry involvement has had a positive impact in other markets, as a relaxation of the mobile repeater rules by Ofcom, to improve cellular connectivity inside buildings, has clearly proven. Prior to this change much of the systems in use were contraband, causing countless operational and service problems, with businesses running the risk of incurring hefty penalties if caught.

Industry wide incident reporting is only going to become more and more mandatory, and there’s no denying that initiatives like AIRs and DCIRN are gaining momentum and that can only be a good thing for our community. On regulation, it is possible to influence the direction of this and its objectives to ensure they benefit all parties - regulators and operators - while encouraging greater resilience and industry innovation. Collaboration will be key - let's work together.