Above: PolyOne’s Jim Connolly and Barbara Walker

Headquartered in Avon Lake, Ohio, PolyOne Corporation (NYSE: POL) is a global leader offering a comprehensive array of specialized polymer materials, services and solutions.

With over 50 global locations, and a rapidly growing global footprint, PolyOne’s IT department leadership is committed to routinely revisiting its disaster recovery processes, and the effect which  a natural or man-made calamity could have on its business continuity.

The Challenge

As the manager of Enterprise Systems, Jim Connolly is responsible for the group that manages PolyOne’s core business systems from a technical perspective… hardware, operating systems, and SAP Basis function.  Jim explains that “we all know that our disaster recovery (DR) program must always keep pace with the needs of a rapidly growing, global user base; we need to be sure it is able to support our business and our customers without defect or delay.”

More specifically, the large number of systems and applications PolyOne requires to run efficiently must be able to be recovered in a timely manner. The DR strategy must not leave the business vulnerable to lengthy outages, as the work required to bring business critical applications back on-line– from Active Directory to Exchange to the ERP system and associated manufacturing systems – must not exceed what they deemed to be an “acceptable” time for the business to be down. Additionally, Connolly explains that the IT team decided early on that a traditional tape-based disaster recovery solution would not be part of their redesigned DR solution. Tapes stored off-site, and shipped to a third party’s recovery center to be restored on third-party equipment would a) take much too long to bring on-line and b) wouldn’t  cover all critical applications.  Moreover, this model couldn’t be scaled up to meet business expectations at a cost PolyOne found acceptable.

Examining a worst-case scenario in a traditional DR solution demonstrates the challenge: a catastrophic failure taking place during a given day’s backup window would make that day’s backups unusable. Recovery would require that 24-hour old data be shipped to the recovery center, and restored there. It’s reasonable to estimate that it would take 24 hours from the time the catastrophic failure were identified to scramble a recovery team to the DR site, and an additional 12 hours to restore systems. In this scenario a 36-hour Recovery Time Objective and a 24-hour Recovery Point Objective would be realistic, even for the most critical systems. Other secondary applications could take longer to bring up–from several additional days to months.

“The reality is, most companies can’t afford to provide recover-ability for all their critical systems using this model,” explains Connolly. “The subscription costs are too high and the recovery cycle is too long.  Organizationally, we put a premium on innovation and developing new solutions for our customers; we continually push ourselves to reduce cost and raise our service level.  As an IT department re-evaluating our disaster recovery strategy, it was clear that maintaining the status quo just isn’t good enough.  We have a responsibility to our customers and other stakeholders to always do better.”

Paradigm Shift

Analyzing their current recovery solution, and the requirement for continuous business operation around the globe, PolyOne’s IT leadership wanted to upgrade their recovery solution to enhance the company’s disaster recovery capabilities in their Avon Lake data center.  “Our thinking about ‘disaster recovery’ began to look more like ‘business continuity’ and has continued to be so every year,” explains Connolly.  Therefore, he and his team began investigating alternatives.

Historically, the barriers to making a switch included financial constraints, timing, and resource availability.  Consequently, PolyOne set four goals for itself in establishing a new recovery solution:

  1. Develop a recovery solution that enabled RTO and RPO of minutes.
  2. Fund the new recovery plan out of existing IT spend (i.e. no additional budget impact),
  3. Leverage an exit clause in their current agreement prior to the expiration date (and without violating goal number two), and
  4. Use existing resources to accomplish the transition.

Having spent a great deal of time in investigating the right solution for their business, PolyOne came to the conclusion that a colocation solution was the best alternative, for both mitigating risk and promoting business continuity.

Executing the Switch from Disaster Recovery to Business Continuity

PolyOne needed a data center in the region to colocate a set of systems (albeit scaled down) that would be mirrored to their Avon Lake facility. After evaluating several sites and narrowing the field to half a dozen possible locations in the region, PolyOne selected SecureData 365 for their colocation site.

PolyOne timed their move to SecureData 365 to coincide with their three-year hardware refresh, giving them the ability to streamline their existing hardware spend, exit their current agreement, and use the funds they had freed up to equip the SecureData facility with a scaled down, mirrored version of the ERP systems in their Avon Lake data center.  Connolly explains that with the help of the SecureData team, it took only a month and a half to be up and running in SecureData’s Canton, Ohio facility. Instead of using tape to back up their systems, PolyOne was now replicating Avon Lake with a disc-based backup solution.

Business Drivers

A number of business drivers prompted PolyOne to re-evaluate their disaster recovery program. Several natural and man-made catastrophes in the previous 10 years, underscored the need for maintaining a comprehensive program—including the events of 9/11, a regional power outage, and an ice storm that paralyzed much of the northeast U.S.

Increasingly customers were asking about PolyOne’s IT disaster recovery program as they evaluated their supplier networks, and their own business continuity programs; PolyOne responded by developing a set of business practices including updating its business continuity program, putting in place its Sustainability program, and developing its  No Surprises PledgeSM.   As PolyOne’s customers grew more and more reliant on PolyOne, they became increasingly aware of how disasters could affect their own businesses.

Ken Smith, PolyOne’s CIO, expressed it this way, “We are focused on providing our customers with the highest levels of service, and are dedicated to meeting our customers’ need for regulatory support and global regulatory compliance.  We continually monitor global regulations to stay current with the needs of our customers.”  With the high standard of its No Surprises PledgeSM in mind, PolyOne began to look at IT business continuity not merely as an insurance policy, but as yet another way of creating value for customers.

Why SecureData

Connolly explains that there were many advantages to choosing the SecureData Canton data center. There were the practical, which included the proximity to some IT staff’s homes, and available office space for PolyOne to use when on site at SecureData.

And then there were the more significant reasons – while SecureData is in relatively close proximity to Avon Lake, it still is far enough away that it offered diverse electrical, telephony, and broadband carriers from PolyOne’s home base.

And of course cost incentives played a key role in the decision to use SecureData. Being far enough away from Avon Lake to provide infrastructure diversity, yet not too far, drives down the wide area telephony and broadband uplink charges between the facilities.  And there are no travel costs or travel delays associated with getting personnel to the Canton backup facility.

The Results

For less than what PolyOne was spending on its restore-from-tape recovery solution with their previous provider, they’ve moved to business continuity via the SecureData Canton data center. This means that over 50 locations across the globe can continue to do business, even should an outage occur in Avon Lake.

Using SecureData, Recovery Time Objective (RTO) for our ERP system will move from 36 hours to 10 minutes, with the Recovery Point Objective (RPO) shrinking from 48 hours to no more than 59 minutes.

“The improvements we have made around business continuity contribute to instilling customer confidence, ultimately making PolyOne a more attractive business partner,” says Dr. Barbara Walker, PolyOne’s Director of Global IT Security and Compliance.