Chief Technology Officercontact us

Home   Site Map    Links  News   Spam Policy                               

IT Productivity Tools

Site Map

IT Salary Survey

Metrics Internet IT

Disaster Recovery Plan - Business Continuity

Latest News

Normal weather has impact on business continuity

07/04/2011 -

It easy to imagine or extrapolate the catastrophic costs of an extreme weather event such as a hurricane, tornado or even a blizzard. Disaster plans address these issues.  However. even the most mundane, average weather patterns can have an impact on distater and business continuity plans on business in all sectors not just the agriculture.

Current Static and weather radar loops

Go to the Alaska sector Go to the Pacific Northwest sector Go to the Northern Rockies sector Go to the Upper Mississippi Valley sector Go to the Central Great Lakes sector Go to the Northeast sector
Go to the Hawaii sector
 Go to the Pacific Southwest sector
 Currently at the Southern Rockies sector
 Go to the Southern Plains sector
 Go to the Southern Mississippi Valley sector
 Go to the Southeast sector

That is the initial finding of a new study led by the National Center for Atmospheric Research (NCAR). The influence of routine weather changes can impact as much as 3.4 percent of the economy, including financial services, manufacturing and other sectors. That is roughly $485 billion, if you use the 2008 gross domestic product (GDP) figures of $14.4 trillion.

Weather can have actual and psychological affects on the business world. In the Northeast, for example, retailers quake in terror when snow comes during the Thanksgiving weekend because fewer people go out and shop. Snowstorms could mess up tourism and airlines like they did last year when a blizzard slammed the New York region the day after Christmas. Farms watch the weather closely, of course. In recent weeks, droughts in southwest Florida are the worst they have been in 80 years.

- more information   

Major Disaster Recovery Failure with an Outsource Provider

06/18/2011 -

Virginia's Department of Motor Vehicles along with 25 other state agencies  hasn't been able to process requests for licenses and ID cards. These systems are supposed to be up and running six days after the outages started to appear.Northrop Grumman  manages Virginia's IT infrastructure under a $2.3 billion IT services contract.

Disaster Types

Order Disaster PlanDisaster Plan Template

The Virginia Information Technologies Agency (VITA) said in a statement that teams have been working throughout the weekend to restore data. In a nutshell, the IT infrastructure of the state of Virginia was reportedly crushed by an EMC storage area network failure. The Richmond Times-Dispatch reports that several systems are still down. The same paper said that Northrop Grumman will have to pay a fine for the failure. And the real kicker is that recently revised its contract with Northrop Grumman and extended the deal for three years. The state paid an additional $236 million for better service from Northrop Grumman.

Highlights of the Revised Contract - Operational Efficiencies

  • Consolidates and strengthens Performance Level Standards with a 15% increase in penalties across the board if Northrop Grumman fails to perform on clearly identified and measured performance standards. - PAY-UP 
  • Improves Incident Response teams to determine technology failures and expedite repair - FAILED
  • Institutes clear performance measurements for Northrop Grumman that agencies can easily track - FAILED
  • Adds new services to contract such as improved disaster recovery and enhanced security features - FAILED

Among the key parts of the VITA statement:

Successful repair to the storage system hardware is complete, and all but three or possibly four agencies out of the 26 agency systems have been restored. Agencies continue to perform verification testing.

Progress continues, but work is not yet complete for the three or four agencies that have some of the largest and most complex databases. These databases make the restoration process extremely time consuming. The unfortunate result is the agencies will not be able to process some customer transactions until additional testing and validation are complete.

According to the manufacturer of the storage system (EMC), the events that led to the outage appear to be unprecedented. The manufacturer reports that the system and its underlying technology have an exemplary history of reliability, industry-leading data availability of more than 99.999% and no similar failure in one billion hours of run time.

The outage was blamed on the failure of two circuit boards installed and maintained by EMC. It is a big disconcerting that two circuit boards can bring down a stateÂ’s IT infrastructure for nearly a week.

Among the things that don't add up in the Virginia IT outage:

  • Why wouldn't these boards be replaced quickly?
  • Why was there a single point of failure?
  • Service was restored for 16 agencies, but 10 require a lengthy restoration of data. Where was the disaster planning? After all, Northrop Grumman touted its disaster recovery for the state just two years ago.
  • Where did the IT management fail?
- more information   

Best practices for an disaster recovery communication plan

06/08/2011 -

Incident Communication Plan In the wake of an emergency, it is imperative for companies to maintain clear and effective channels of communication in order to quickly assess damages and coordinate recovery efforts.  Because essential business operations can be affected by any stage of interruption, companies have in placed an incident communication plan to deliver essential communication to employees and first responders.

Best practices for an incident communication plan include:

  • Understand the operational environment.  Consider solutions that allow two-way communication over a variety of channels, including landline, fax, mobile, short message service (SMS), Blackberry PIN-to-PIN, email, and more. These features become very useful in the delivery of important and urgent information when communication infrastructure is compromised.
  • Contact information should be up-to-date. Business continuity managers should regularly check their recipient lists to ensure that all contact information is up-to-date so when a disaster occurs, employers are confident that notifications are being delivered to the right person on the correct device.
  • Security and protection of sensitive information should not be forgotten.  If the contact information is breached by individuals that are not authorized there are significant regulatory and sensitive information compliance issues that are impacted. 
  • Escalation plans should be in place. Crisis situations demand that the proper people are contacted about a situation that needs immediate attention.  Best practices notification systems include integrated mechanisms that support a call escalation process.  If the first person contacted is not the correct individual for the situation, the notification system automatically contacts the next appropriate person according to pre-determined processes.
  • Train personnel and test the process. When creating business continuity and disaster recovery plans, it is essential to properly train personnel on how to use notification systems so they are able to monitor the entire alert process. Studies show that companies who educate their employees correctly achieve significantly greater response rates.  Also, be sure to test alert process during normal business hours and address any glitches to be certain notification deliveries are successful when needed. Once that test is completed then test the process outside of normal business hours.
  • Incentivize all employees to sign-up for notifications. When a notification system is installed, it is critical that all user contact information is saved within the system's database so that staff can be alerted immediately during an urgent situation.  This ensures the reliable and speedy delivery of important messages at the right time, to the right person, on the right device.
- more information   

Local back up as part of the business continuity plan

06/01/2011 -

Backup PolicyOnsite disk backups - According to research from International Data Corp., 58% of businesses do only local backup. Local backups are a critical first step in any good data-protection plan. There are several well-known backup applications on the market. Both the Windows and Mac operating systems have native applications and there are several third-party applications from vendors like StorageCraft and Symantec.

Local backup provides adequate protection against common data-loss scenarios, such as human errors, hardware failures, etc. However, local backups alone are not a complete data-protection solution. They do not protect against theft, natural disasters such as flooding or fire, or multiple hardware failures that could be caused by something as simple as a power surge.

- more information   

Cost of system downtime is high

05/31/2011 -

Do you know what it would cost your business if your systems and data were unavailable for just an hour, or a day or even a week or more? Various studies conducted after natural disasters such as Hurricane Katrina and other major outages have shown that an estimated 25% never reopen after such a loss, and about 50% will be out of business within 2 years. Even an application and data loss that is not recoverable within three days can permanently impact a companyÂ’s financial health - in fact, 40% of all businesses will never recover from such a loss. Even a few hours of downtime can ring up a very high price, so it makes financial sense to evaluate your business now, and come up with a backup plan to protect the vital core of your company.

Disaster Types

Order Disaster PlanDisaster Plan Template

Not all downtime is created equal: A brief outage in the middle of the night when a company is closed may incur little cost and no impact, while a prolonged total failure during the height of holiday sales can be devastating in both regards. The impact of downtime is felt in a variety of ways, and may be immediate or have long term repercussions.

Over the past several years, it has been estimated the hourly costs of downtime for computer networks at an average of $42,000. With a typical company experiencing an average of 87 hours of downtime per year, thatÂ’s $3.6 million annually. And for companies that rely entirely on technology, such as online brokerages, trading platforms, and e-commerce sites, hourly downtime risks can be $1 million or more, making availability an even greater concern.

- more information   

SharePoint disaster recovery planning

05/29/2011 -

Disaster PlanningSharePoint's availability is essential to your company's success. To keep the SharePoint servers and the business rolling along smoothly, a good disaster recovery (DR) strategy must be in place. Are you prepared for the worst? Do you what the types of disasters are that threaten SharePoint installations, how they impact the business, and why a disaster recovery strategy is necessary for any organization, along with guidance on choosing the right disaster recovery tool.

Next to personnel, data is your most irreplaceable asset.  Networks, application hosting platforms, and end user computing environments can be replaced quickly.  However, without your customer lists, product catalogs, inventory, financial records, and other operational data your business cannot recover.

- more information   

DRP versus BCP

05/14/2011 - Disaster recovery planning is one of the most important jobs of the IT professional. It includes working with upper management and winning the cooperation of all departments to make a working recovery plan. The two main parts are the Business Continuity Plan (BCP) and the Disaster Recovery Plan (DRP). These have to go hand-in-hand procedurally. The BCP focuses more on the schedule and timing of the DRP, so that in the event of a disaster the business can function normally. The three stages of a DRP are Prevent, Detect and Correct.

 
- more information   

Cost of Disaster in excess of $26 Billion

05/07/2011 -

The cost of downtime is extremely high.  In a recent study it was found that:Disaster Planning

  • North American businesses are collectively losing $26.5 billion in revenue each year through IT downtime and data recovery. On average, each company loses $159,331 per year.
  • North American businesses collectively suffer from 1,661,321 hours of IT downtime each year. That is an average of 10 hours per company, per year.
  • During these periods, when business critical systems are interrupted, companies estimate that their ability to generate revenue is reduced by 29%.
  • Post IT downtime, (i.e. when IT systems are up and running), there is an additional delay of 7.5 hours per year at each firm during which time data is still being recovered. Across North America, that is another 1,255,220 hours when business operations are not fully operational.
  • In this post-outage period when data recovery is taking place, company revenue generation is still severely
    hampered, down by an average of 17%.
- more information   

Lifecycle of data protection

05/04/2011 -

Disaster PlanningProtecting your compan's data and applications means much more than just running a simple backup routine. It is about protecting your business assets throughout their lifecycle – in terms of preservation, recoverability and availability. A sound data protection approach can help your company adapt more rapidly to changing and increasing opportunities. For example:

  • It can help ensure that your applications are continually in operation, serving your customers, and enabling your business
  • In the event of a file loss or disaster, it can minimize the length and severity of the disruption
  • It can support cost-effective compliance with regulations, reducing business risk and the cost of compliance

Implementing an effective data protection strategy begins with evaluating the value of your company's data and then determining the proper set of business requirements for protecting it. Simply put, data that is mission-critical to your business requires a more robust data protection solution, and requires more frequent protection. This is a sound approach no matter how much data you have.

- more information   

Cloud computing disaster planning lacking at Amazon

04/27/2011 -

Amazon has recovered from the crash of its cloud-computing services has been , but there will be lasting damage.

Outsourcing Template

Amazon reported that it has succeeded in recovering nearly all of the stuck volumes of data in its US-East Region facility, but 0.07 percent of those volumes will not be fully recoverable.

The 0.07 percent of irrecoverable data represents just a portion of losses that Amazon's customers suffered from the outage. Some companies saw the Web-based portion of their service stop for hours due to the outage. User were cut off from their data. While users were left frustrated, companies lost revenue.

The severity of the outage caught many companies off guard for a couple of reasons: First, Cloud services had been very reliable; previous outages had been far and few in between and hadn't lasted longer than 30 minutes. Second, companies assumed  that a large provider of cloud services like Amazon would not have a single point of failure.

During the outage, companies did have the option of transferring older snapshots of user data to another cloud facilities facility, but it would have been a time-consuming endeavor. Most opted to wait and see when Amazon would be able to restore service.

Many companies are  reassessing alternatives to its current cloud computing solutions. They could pay extra to have its service hosted simultaneously in multiple facilities facilities. Or the could invest in their own IT gear and collocate in a third-party data center. Another option: It could sign on with an alternative provider.

- more information   

Disaster recovery done in place should use outside experts

04/15/2011 -

Many organizations simply do not have the luxury of being able to move to an alternative recovery site following a physical disruption. In these cases disaster recovery plans should include the support of a disaster recovery company that will aid the internal recovery and incident team to mitigate against secondary damage, administer triage to the affected areas and expedite the correct equipment, methods and manpower to restore their facility as quickly as possible to a suitable working environment, so that service can be resumed.

Disaster Types

Order Disaster PlanDisaster Plan Template

Such disaster recovery responders will be on 24/7 standby to attend the client site. The responder will have conducted a survey of the site in advance of an incident, noting critical information so that any recovery and restoration objectives will be expedited without delay.

Speed of response is vital: in order to reduce the level of disruption and physical secondary damage; and to limit the time in which function is lost. Dealing with an incident within the first few hours may reduce the total time of the disruptive event by weeks.

- more information   

Cloud services impacted by natural disasters

04/08/2011 -

Cloud OutsourcingNatural disasters have damaged communication cables recently. In Taiwan impacted internet and cloud services for several days last spring. In 2009 an earthquake in Taiwan and undersea landslides following a deadly typhoon cut cables off the island's southeast coast, disrupting Internet service in China.

As a result of the recent Japanese events, several sections of the undersea data and telephone transmission cables that were damaged. Part of the damage includes the fiber-optic cable, PC-1 which extends for over 13,000 miles between Japan and the US's West Coast.

In addition there was damage to several other sections of the Japan-U.S. cable as well as the cable that links China, Taiwan, South Korea and much of Southeast Asia. All of these optical cables can transmit voice and data.

A total of 20 cable systems provide service to Japan.

- more information   

Backup requirments defined

04/06/2011 -

CIOs, CSO's, Disaster Recovery Managers, and Business Continuity Mangers constantly are working to improve their recovery point objective (RPO) and recovery time objectives (RTO) by performing fast, non-disruptive backups, and by performing data restoration.  All comprehensive data protection solutions involve many considerations and contingencies.

Backup PolicyHere are some of the things that can go wrong with your data and the backup requirements that need to be addressed:

  • Accidental or malicious deletion of critical data - Requirement that provides the ability to quickly and easily restore individual files and folders.
  • Data that is lost or corrupted over a period of time - Requirement to roll back individual records to fix  database corruptions. The ability to recover data from any previous point in time, and have it as granular as possible.
  • A crashed disk - Requirement to recover a disk volume is different than recovering a single file, but it should be done just as quickly, and with automation to help keep operational disruptions to a minimum.
  • A server failure - Requirement to restore operations when replacing a broken server may be complicated by the need to install different drivers on the new system if the hardware is not an exact match. It helps to have the capability to move the application workload to a standby server (with different hardware) or virtual server while the system is being replaced or repaired.
  • A local or regional disaster - Requirement when you lose an entire office to fire, flood, or other disaster, have a current copy of your important information in another location that is outside the disaster zone.
  • Remote offices and branch offices - Requirement  to have a process in place to restore with minimal technical support as remote and branch offices often do not have the luxury of having an on-site technical resource to assist in backups and restores.
  • Resource-intensive backup processes - Requirement frequent or even continuous backup that is not resource-intensive .
  •  Security breaches - Requirement to secure data. When moving data between sites, it needs to be protected from potential security breaches. A breach of data security, whether actual damage is done or not, can be devastating to your company's reputation, as dozens of large enterprises and government agencies have found in recent years.
- more information   

BCP template has social network checklist integrated

03/12/2011 -

During the business continuity processes many Japanese companies proved the worth of having social networks integrated in their disaster recovery and business continuity plans. However, Janco has found only about 25% of businesses have added social media like Facebook or Twitter to their disaster recovery and business continuity plans.

Depending on the scope of the disaster -- a national horror such as September 11 or an 8.9 earthquake -- the use of social media can ease some of the communication burden for government and businesses. Australian government agencies extensively used social media during the country's recent regional flooding. In the United Kingdom, the Resilient Nation project recommends that government set forth initiatives to leverage citizens' ready access to social networks.

Janco's disaster recovery business continuity template take this into consideration.

Disaster Planning
Order Disaster PlanDisaster Plan Template

The Disaster Recovery Plan (DRP) is provided in Word and PDF format. It is a complete DRP and can be used in whole or in part to establish defined responsibilities, actions and procedures to recover the computer, communication and network environment in the event of an unexpected and unscheduled interruption.

- more information   

Disaster Recovery and Business Continuity a critical part of enterprise operations

03/09/2011 -

Disaster recovery is becoming an increasingly important aspect of enterprise computing. As devices, systems, and networks become ever more complex, there are simply more things that can go wrong. As a consequence, recovery plans have also become more complex. According to Janco Associates (the author of the Disaster Recovery Business Continuity Template). For example, fifteen or twenty years ago if there was a threat to systems from a fire, a disaster recovery plan might consist of powering down the mainframe  and other computers before the sprinkler system came on, disassembling components, and subsequently drying circuit boards in the parking lot with a hair dryer. Current enterprise systems tend to be too large and complicated for such simple and hands-on approaches, however, and interruption of service or loss of data can have serious financial impact, whether directly or through loss of customer confidence.

DRP/BCP Security Templates

Appropriate plans vary from one enterprise to another, depending on variables such as the type of business, the processes involved, and the level of security needed. Disaster recovery planning may be developed within an organization or purchased as a software application or a service. It is not unusual for an enterprise to spend 25% of its information technology budget on disaster recovery.

Nevertheless, the consensus within the DR industry is that most enterprises are still ill-prepared for a disaster. According to the Janco Associates Disaster Recover Business Continuity web site, Despite the number of very public disasters since 9/11, still only about 50 percent of companies report having a disaster recovery plan. Of those that do, nearly half have never tested their plan, which is tantamount to not having one at all.

- more information   

Data De-duplication is a required tool for Disaster Planning

03/01/2011 -

When it comes to backup and recovery, mid-market organizations are challenged to improve backup performance and reliability, manage costs, keep pace with capacity requirements, improve recovery performance and reliability and deal with tape media management. These requirements are driving deployment of disks with de-duplication in backup processes.

Backup Policy

Order PolicySample Policy

But data de-duplication is only beginning to take hold in backup processes. For organizations employing tape-based backup strategies, use of de-duplication could enable disk-based protection while driving the cost of secondary disks closer to that of tape storage.

- more information   

Wiring meltdown can be a disaster

02/25/2011 -

Disaster PlanningThe design of data centers and large computer rooms always includes a cooling system. Yet many IT devices are located in distributed spaces outside of the computer room in closets, branch offices, and other locations that were never designed with provisions for cooling IT equipment. The power density of IT equipment has increased over time and the result is that distributed IT equipment such as VoIP routers, switches or servers often overheat or fail prematurely due to inadequate cooling.

To properly specify the appropriate cooling solution for a wiring closet, the temperature at which that closet should operate must first be specified. IT equipment vendors usually provide a maximum temperature under which their devices are designed to operate. For active IT equipment typically found in a wiring closet, this temperature is usually 104°F (40°C). This is the maximum temperature at which the vendor is able to guarantee performance and reliability for the stated warranty period. It is important to understand that although the maximum published operating temperature is acceptable per the manufacturer, operating at that temperature will not generally provide the same level of availability or longevity as operating at lower temperatures. Because of this, some IT equipment vendors also publish recommended operating temperatures for their equipment in addition to the maximum allowed. Typical recommended operating temperatures from IT equipment vendors are between 70°F (21°C) and 75°F (24°C).

- more information   

Security and DRP play a role in CIO Infrastructure Design

02/18/2011 -

IT Infrastructure, Strategy, & Charter TemplateDesigning IT Infrastructure requires CIOs to consider the globalized world they are now in. It is necessary and valuable for CIOs to understand the fundamental trends that are pushing businesses to redesign their operations around this new reality.  Factors they need to consider are:

  • Security - With the growing importance of digital applications and data, the sources of threats to enterprise data have multiplied dramatically. Everything from natural disasters to criminals to corrupt sources within the company might try to steal or corrupt data. While businesses do everything that they can to stop these threats in the first place, they still must be prepared to recover from these threats as quickly as possible.
  • Business Continuity and Disaster Planning - As businesses have expanded the need for anytime, anywhere application access has become a requirement. At the same time, “follow the sun” (global 24/7) operations have shrinking maintenance windows and a need for applications to be running at all times. Delay or loss of data for any reason – system failure, natural disasters – has a domino-like effect across the entire organization, at any time of the day or night.
  • Flexibility - Most businesses now operate across international borders and CIOs must be able to respond to opportunities and challenges faster than ever before. CIOs are usually battling well-resourced organizations that may be based where the opportunity originated, or another globalizing company that is reaching out for new opportunities. In order to compete, a business has to be faster to deliver a product or service as good, or better, than that of potentially any other company in the world.
  • Simplicity - Increases in technology have typically led to increased complexity. While per unit costs of technology are always decreasing, in aggregate companies see an increase in cost. With the pressure on IT to act less as a cost center and more as a way to increase the profitability of business units, just adding more storage, more bandwidth, or additional technologies throughout the organization is no longer an acceptable approach to managing information technology. Successful CIOs are investing in numerous technologies including; continuous data protection, virtualization, and wireless connectivity.  They are trying slim down ITÂ’s footprint while increasing their businessÂ’s competitive advantages. The CIO is typically in a difficult position, assessing where to try and cut costs while still moving forward with a plan to continually enhance IT services to the business.
- more information   

Moving to Cloud Backup For Disaster Planning

02/12/2011 -

Disaster Recovery Security

While disaster recovery planning trends can be tricky, it is safe to say that the job of managing and safeguarding data in a distributed environment is leading to a cloudconnected future. Step one in this shift is to stay ahead of the curve. If you have not upgraded your organization's infrastructure to move beyond legacy technologies, you should consider the dramatic benefits provided by this new generation of more capable, secure, efficient, and affordable cloud-connected data protection solutions.

If you are planning an overhaul of key IT responsibilities such as backup and recovery, you should look beyond disk-to-disk offerings to the benefits of cloud connectivity. With distinct yet seamlessly integrated on-premise, SaaS, and hybrid deployment models, you are sure to find the right mixture for your enterprise. And if you need assistance, CCSP-certified VARs and resellers are ready to help you get started.

- more information   

Cloud computing makes disaster recovery easier for SMBs

01/29/2011 -

Cloud computing has completely revolutionizing business continuity for small to mid-sized businesses (SMBs). The United States Small Business Administration stated that SMBs fall into one of two categories: those that have endured a disaster and those that will. They go on to say that nearly 40 Cloud Outsourcingpercent of those who go through a disaster will not be able to recover. The threat is real, and SMB owners are aware of it. However with tight budgets, there is little room for hardware infrastructure and specialized staff to maintain it. Still, SMBs rely heavily on technology like Websites, inventory, point-of-sale software, staff scheduling programs, email, and record keeping. In the case of legal and medical (also, financial and some manufacturing), there are strict compliance regulations about things like how long records must be kept and how much time businesses are allotted to produce a record on demand. If one of these businesses loses access to its technology for a day, or even an hour, serious consequences (fines, lost revenue, lost customer data and confidence)
could occur that are difficult to recover from. It remains critical that SMBs have a current copy of their data stored somewhere safe and accessible. In the past decade, this process was so expensive that many SMBs resorted to dodgy tape-based backup systems - or, worse, theyÂ’ve done nothing and hoped for the best.

Disaster PlanningWith the advent of cloud computing, instead of just crossing their fingers or paying for the hardware, software, space, and staff required for storage, an entire mid-sized corporation can rent enough cloud space to keep a real-time, full-server backup copy of all its data, applications, and operating systems. Real time means that every keystroke, every email, every bit and byte is safe, and full-server means that every application and even the whole operating system is safe and available. And it gets better: it's also now possible to copy data into the cloud in real time, and itÂ’s possible to retrieve it from the cloud... just as fast.

What this means for SMBs is that if the store burns down or is flooded, daily operations can resume in minutes instead of daysÂ…or never.

- more information   



Other News Links

CTO Toolkits.com
e-janco.com
IT Productivity.org
IT-Toolkits.com
ejobdescription.com
psrinc.com
psrorders.com
newsgroupworld.com
ntcity.com
disaster-planning-template.com
disaster-recovey-planning.org
disaster-recovery-planning.com
disaster-recovey-planning-template.com
 

 
 

Chief Technology Officer.

© 2009 Janco Associates, Inc. - ALL RIGHTS RESERVED -- Revised: 01/11/09.