|
RSS News Feeds
 Janco
IT Productivity Center
ejobdescription
-
psrinc
IT-Toolkits
Disaster Recovery Planning
|
IT Infrastructure - News
January 10th, 2008
Disaster Planning and Down Time Planning
There is an increase in the number of companies
and organizations requiring 24 x 365 days of IT uptime. In fact, research
indicates that 36% of enterprises indicate they will incur significant revenue
loss or other adverse business impact if they have even an hour or less of
downtime on their mission-critical applications.
Almost 15% indicate
they cannot tolerate any downtime. More and more organizations of all sizes now
require applications to be running and data to be always available. The needs of
these organizations go far beyond simply recovery, requiring an environment that
maintains business continuity during and immediately after a disaster. To make
it more interesting, the number and types of applications that require this
level of protection is very diverse.
In fact, in the enterprise space 14% of the
businesses polled said they cannot tolerate any application downtime. More than
58% cannot tolerate four hours or less of application downtime. All told, more
than 80% of Enterprise-class and mid-tier respondents reported that they cannot
tolerate more than 24 hours of application unavailability2. What is even more
interesting is that survey respondents were not just from the
Financial
Sector but also included Government, Manufacturing, Retail and Health Care
(including Pharmaceutical). Some of the reasons for these survey results include
the following:
 Retail: The critical applications that track point-of-sales data and
enable inventory and distribution require applications that are always
available. Being able to react quickly to changing conditions can mean
the difference between profitability and loss. Online shopping and the
customer’s experience are also very important to retailers
, and downtime is not acceptable.
- Health Care: With the digitization of medical
images and patient records, retaining and ensuring availability of these
applications and files is beyond mission-critical. Especially when you
consider the pervasive use of technology in the operating room, effectiveness
can actually be measured in the number of lives, not just dollars, saved.
- Manufacturing: Competitive pressures drive
companies to run as efficiently as possible. Just-in-time manufacturing
processes that coordinate shipments from suppliers around the world demand 24
x 7 availability.
- Globalization: Companies are becoming increasingly
dependent on a global economy. Many have established key technology in
“follow-the-sun” modes that require 24 x 7 availability.
- Increased sensitivity to outages: Business
continuity is now a boardroom-level concern. In many cases, it is the CEO who
mandates that the business be fully protected. Even worse than an outage
itself is the fallout from negative press, loss of customer confidence and,
for public companies, potential impact to stock prices.
Regardless of the industry, the trend is clear: more
businesses require highly available solutions. Not only is this expanding along
industry lines, but we also see mid-tier companies requiring disaster tolerant
solutions. -
more info
December 4th, 2007
Will Internet Storage Work in a Disaster
 Internet-based storage has traditionally been the domain of
smaller start-ups or directly associated with targeted services (e.g. photo
sharing, online backup, etc.). But it's now drawing the interest of larger
companies as well, most notably Microsoft, which has public betas under way for
two interesting services. SkyDrive
provides online file storage (public, private and shared folders, with
drag-and-drop capability) and a (currently) unrelated service, FolderShare, offers controlled
peer-to-peer file synchronization. While most of these services are presently
targeted at individual users, it is not much of a stretch to envision future
business-focused offerings.
 One major hurdle to business acceptance of such services is, of
course, the degree of willingness to store corporate data externally. There is
already some precedence for this in the growing adoption of SaaS-based
applications, where data is housed externally, often in common databases.
Another more unusual, but apparently effective, example of Internet storage
usage is The New York Times'
decision to house in PDF format 11 million
articles written between 1851 and 1980, using Amazon.com's Simple Storage Service.
 So, how does a generic file storage service differ from these
other models? The unstructured, multipurpose nature of file data inherently
provokes more concerns about security. Already, there are significant corporate
concerns about data leakage via physical devices (such as USB drives and iPods),
as well as through online methods (such as private e-mail accounts). A Web-based
document folder where a user can drag and drop pretty much any file is subject
to far less control than, say, interacting with and storing data through a
SaaS-based application. The lack of centralized policy management and monitoring
for Internet-based storage becomes a major inhibitor.
 At its core, this issue reflects a fundamental shortcoming of the
traditional file-server model. Corporate file servers ultimately become
repositories (or perhaps receptacles) for all sorts of data, both high-value and
low. Data classification assessments have regularly demonstrated that a
surprising amount of sensitive information can unexpectedly turn up in all sorts
of places within shared file directories. The fact that this information is
buried in a server within corporate boundaries is one thing, but sitting
somewhere out in cyberspace is quite another.
-
more info
November 5th, 2007
Can the cellular network survive a major disaster?
 After the
fires the cellular network in Southern California was flooded. The same think occurred in Northern
California after a minor earthquake last week. With so much dependence on the land
based cellular network are enterprises at risk because they assume the network
will be there and will be working.
Some enterprises are assuming the land based network will not be there
and are starting to look at more expensive satellite based phones. There are no blind spots and the service
is always there. The issues are
size of instruments and cost of operation. -
more info
November 2nd, 2007
Disaster Plan Audit Program Released
The Disaster Recovery and Business Continuity Audit Program is the second audit program that has been released by Janco in
a month. Earlier Janco released its Security Audit Program. These two
audit programs in concert with is SOX Compliance Monitoring and Auditing Tools provide a set of tools that enterprises of all sizes need and can easily
implement. -
more info
October 31st, 2007
Disaster Planning Giant to Acquire Electronic Delvery Company
 Iron Mountain Incorporated, the global leader in information
protection and storage services, announced the signing of a definitive agreement
to acquire Stratify, Inc. for approximately $158 million in cash. Stratify, a
leader in advanced electronic discovery services for the legal market, offers
in-depth discovery and data investigation solutions for AmLaw 200 law firms and
leading Fortune 500 corporations. With this acquisition, Iron Mountain augments
its suite of eDiscovery services, providing businesses with a complete,
end-to-end Discovery Services solution that efficiently manages paper and
digital information for discovery and data investigations, compliance and
associated records management, and litigation matters.
 As the risks and volume of litigation and regulatory
investigations continue to grow, so do the complexities associated with managing
the exponential growth of information. In acquiring Stratify, Iron Mountain
expands its core data protection and management capabilities by integrating
Stratify's advanced service offerings that address discovery issues for both
paper and digital records. The acquisition enables Iron Mountain to directly
help businesses minimize the risks of eDiscovery by simplifying the electronic
discovery process to facilitate a secure chain of custody, increasing the
accuracy and consistency of review, and enabling attorneys to easily identify
and protect privileged documents during review.
 As a division of Iron Mountain Digital, Stratify will continue
to provide its market-leading electronic discovery services and software to
AmLaw 200, Fortune 500 and other firms for investigative, regulatory and
litigation matters, augmented by Iron Mountain's scale and distribution. In
addition, Iron Mountain customers will now be able to maximize their investment
in Iron Mountain Digital's storage and data protection solutions by leveraging
the capabilities of Stratify's solution integrated as a value-added
service.
-
more info
October 22nd, 2007
When Should the DRP / BCP be activated
 Disasters are not just big events. A disaster can be an intermittent
failure that continues over a several days, weeks, and even months which costs
the enterprise in many ways including:
Some examples we have
seen include:
In all of these cases
enterprises need have a trigger
mechanism to activate their DRP and Business Continuity
Plan
-
more info
October 13th, 2007
Enterprises are at risk as more of their operations are automated
and placed on the Internet. Information Technology systems are vulnerable to a
variety of disruptions, ranging from mild (e.g., short-term power outage, disk
drive failure) to severe (e.g., equipment destruction, fire) from a variety of
sources such as natural disasters to terrorists actions. While much
vulnerability may be minimized or eliminated through technical, management, or
operational solutions as part of the organizations risk management effort, it is
virtually impossible to completely eliminate all risks.
In many cases, critical resources may reside outside the
enterprises control (such as electric power, Internet connectivity, and or
telecommunications), and the enterprise may not be able to ensure their
availability. Thus effective disaster recovery and business contingency
planning, execution, and testing are essential to minimize the risk of system
and service unavailability. Accordingly, in order for disaster recovery and
business contingency planning to be successful the enterprises management must
ensure the following:
-
Understand the Disaster Recovery and Business
Contingency Planning Process and its place within the overall Continuity of
Operations Plan and Business Continuity Plan process.
-
Develop or reexamine their Disaster Recovery and
Business Contingency policy and planning process and apply the elements of the
planning cycle, including preliminary planning, business impact analysis,
alternate site selection, and recovery strategies.
-
Develop or reexamine their Disaster Recovery and Business
Contingency policies and plans with emphasis on maintenance, training, and
exercising the contingency plan.
-
more info
October 3rd, 2007
Core Components of a Disaster Recovery and Business Continuity Plan Are a Challenge
One of the biggest challenges in creating a functional disaster
recovery and business continuity plan is identifying and protecting essential
elements of the enterprise. An effective plan must be departmentally broad, and
consider the needs of the entire enterprise. The goal is to understand what is
critical, and to encompass all of the necessary components (personnel, network,
platforms, applications and data) when evaluating the process that support the
critical functions of the enterprise. Good disaster recovery (DRP) and business
continuity planning (BCP) needs to take a broad view, embracing people, human
behavior, customers and other factors that lie outside the data center in the
core operations of the enterprise. It is also imperative to secure the vision
(and endorsement) of executive management. -
more info
September 25th, 2007
Why Smart Phones Are a Must For Every Disaster Recovery
There
at least four reasons why Smart Phones are a must during any Disaster Recovery /
Business Continuity Process.
-
Even when power and phone service has
been interrupted, the DRP / BCP staff can still
use their smartphones to send and receive emails and instant messages, keep their calendars and contacts up-to-date, review documents, and place and accept phone calls.
-
Smartphones enable DRP /
BCP staff to not only coordinate
internal responses to breaking news but also
effectively communicate with customers,
vendors, partners, and other external contacts.
-
A well planned DRP /
BCP includes the ability to remotely provision smartphones, no matter where their owners take the devices.
-
A well architected DRP / BCP
also allows DRP
/ BCP staff to remotely wipe the data from the
smartphones if they are lost or
stolen. -
more info
September 21st, 2007
IT and Business DRP challenges
 Disaster plan need to take into account mainframes, blade
servers as well as distributed file servers. The problem is more complex
as enterprises slowly move away from IT and Business alignment towards IT and
Business convergence. For example,
3mMainframes continue to hold their own against the onslaught of distributed
server architectures, not because they are considered superior to newer
technologies but because they still have a unique role to play in the
enterprise. Recent market research indicates that 90 percent of mainframe users
see the devices as long-term data hub and transaction server solutions fully
suited to expected future workloads, particularly in SOA and Web services
endeavors. Distributed servers, meanwhile, are likely to appeal to specialized
shops with low MIPS requirements.
-
more info
September 13th, 2007
Janco Disaster and Business Continuity Now the International Standard
Disaster Recovery Business
Continuity Template Now Accepted as the International Standard
Version 4.4 of the Disaster Recovery Business
Continuity Template has just been released by Janco Associates..
Park City, UT The Disaster Recovery Business Continuity template has been
sold to enterprise in over 65 countries around the globe. With the release
a of version 4.4 of the template it is in complete compliance with
Sarbanes-Oxley, HIPAA, ITIL (Ver 3), ISO 17799, and PCI DSS.
M V
Janulaitis the CEO of Janco said, "Our DRP /BCP Template has been accepted by
enterprise around the globe as the standard for disaster recovery plan and
business continuity plan creation." In response to that need Janco has updated
its "Disaster Recovery / Business Continuity Template" by increasing the content
of the template as well as updating the entire document to be compliant with
Sarbanes-Oxley, HIPAA, ITIL (Ver. 3), ISO 17799, and PCI DSS.
The Disaster Recovery Business Continuity Plan has
been purchased for use in over 65 countries around the globe
including:
- Angola
- Australia
- Austria
- Bahamas
- Barbados
- Belgium
- Belize
- Bermuda
- Brazil
- Bulgaria
- Canada
- Cayman Islands
- Columbia
- Croatia
- Czech Republic
- Denmark
- Egypt
|
- Finland
- France
- Germany
- Greece
- Honduras
- Hungary
- Iceland
- India
- Indonesia
- Israel
- Italy
- Jamaica
- Japan
- Jordan
- Kenya
- Lebanon
- Lithuania
|
- Macao
- Malta
- Mexico
- Mozambique
- Namibia
- Netherlands
- New Zealand
- Nigeria
- Norway
- Panama
- Philippines
- Poland
- Portugal
- Puerto Rico
- Qatar
- Republic of Ireland
- Romania
|
- Russia
- Saudi Arabia
- Singapore
- South Africa
- South Korea
- Spain
- Sri Lanka
- Swaziland
- Switzerland
- Taiwan
- Thailand
- Trinidad & Tobago
- Uganda
- United Kingdom
- United States
- Venezuela
- Zambia
|
The Disaster Recovery Business Continuity Plan has
been purchased for use in government, public, and private enterprises in
almost all industries including:
- Federal Government
- State Governments
- Local Governments
- Law Firms
- Think Tanks
- Chemical
- Telecommunication
- Real Estate
- Manufacturing
|
- Universities
- School Districts
- Consulting Firms
- Banks
- Financial Service
- Investment Banks
- Credit Unions
- Outsourcers
- Property Mgt
|
- Heavy Industry
- Light Industry
- Distribution
- Retail
- Hospitality
- Energy
- Insurance
- Medical
- ISPs
|
- Application Development
- Construction
- Graphics
- Entertainment
- Paper Products
- Defense
- Aerospace
- Media
| -
more info
August 28th, 2007
Is Your Disaster Recovery / Business Continuity Plan up to date?
It
used to be easy to create a Disaster Recovery plan. You would back up your mainframe every
evening or at least over the
weekend and then ship the backu-up tapes off-site. Now you have to worry about much
more.
-
Mainframe
-
Departmental File
Servers
-
Branch Offices & Retail
Locations
-
Wireless Network File
Servers
-
Data at Outsourced
Sites
-
Desktop
workstations
-
Laptop Work
Stations
-
PDAs and Smart
phones
The latest version of JancoÂ’s Disaster
Recovery / Business Continuity Template addresses each of these areas. Click here to download the Table
of Contents for the template.
-
more info
August 16th, 2007
(IT Business Edge) Are municipal wireless projects better
positioned as primarily infrastructure to aid government and business or
consumers and tourists? Of course, an existing network, no matter who it
primarily serves on a normal day, can be put to good use in an emergency.
We're not too sure how great the technical differences are between the two
approaches. The point is that the distinction can be vital during the critical
funding phase. It's instructive to examine the story of how the subsidiary of
U.S. Internet that is working on Wireless Minneapolis pitched in when a bridge
spanning the Mississippi collapsed. As the tragedy unfolded, the subsidiary
disabled the network's paid log-in process, thus making connectivity freely
available. Within hours, about six times the normal 1,000 paid users were on the
system. -
more info
August 13th, 2007
Disasters Don't Care If You're Ready
Unforeseen
events that disrupt business will happen. It's just a matter of time. Disasters
impact everyone, but technology is usually burdened the most because it's your
job to get the operation back up and running! So, you never want to get stuck
without a plan.
The
Disaster
Recovery Plan Template is a freshly-updated resource available to
subscribers that will quickly and logically guide you through the planning
process. From viruses to hurricanes, this resource will help your company
respond to any type of technology-related disaster and minimize your business
downtime.
Make Sure Your Business is Not a Casualty of
the Next Big Disaster
The Disaster Recovery
Plan Template is a practical tool that can help any
organization work through the nuts and bolts of disaster recovery planning.
Taking a consequences-based approach, this resource will help your company
respond to multiple types of technology related disasters, from virus incidents
to hurricanes.
This newly updated package,
produced by Janco Associates, has all of the information and tools you need to
prepare Disaster Recovery Plan documents that meet your business specific
needs. -
more info
August 9th, 2007
Cisco Web Site Goes Down!!!!!
(Computerworld) -- A power outage
caused by an accident at a San Jose, Calif., data center blacked out the
Cisco.com site for three hours today.
Cisco was able to communicate the problem over its
official blog, but word about the cause came via e-mail from
a spokeswoman at 5 p.m. EST.
We have traced the cause of the issue to an accident
during maintenance of a San Jose data center that resulted in a power outage in
that facility, the spokeswoman said. We would like to thank our customers and
partners for their patience. We expect to resolve the issue shortly.
Users around the U.S. reported the outage sometime
before 2 p.m. EST via various blogs, and then noted that service was restored
about 4:50 p.m. EST.
Cisco did not describe the duration of the outage or
exactly what happened and why a backup system was not available to quickly
restore service, as would be common with a large Web site -- especially one run
by the largest networking vendor in the world.
Bloggers questioned what was happening, and asked
whether such a normally resilient site could have been attacked before they
found out about the data center accident.
With all its mighty power, network behemoth's main
website www.cisco.com is down, wrote slidersv at Slashdot. No news describing the reason as
of now. I have tried accessing the site for the past hour, since our operations
heavily rely on Cisco online documentation, with no luck. After all the advocacy of
high-availability, security and performance.... Oh, the irony.
-
more info
August 9th, 2007
Business Contunity is now more of a challenge
With
expectations for system availability continually increasing and more businesses
relying on 24 x 7 mission-critical applications, disaster recovery planning has
risen to the forefront of IT's priorities. But complexities and costs associated
with implementing a comprehensive data protection strategy often keep the vision
from becoming reality, whether due to time, bandwidth and budget
restraints.
The
DRP / BC is the one answer that we can all agree on. It is current, meets
all mandated needs like Sarbanes-Oxley, and is compliant to
ITIL. -
more info
August 1st, 2007
Back-up Power Failure Shuts down Major Web Host Provider
(IDG News Service) -- SAN FRANCISCO -- A Web hosting
company cited a faulty controller as the reason its backup electrical system
failed during a San Francisco power outage last week, dousing the Web sites of
several customers.
Service was interrupted to 40% of 365 Main Inc.'s
customers when an electrical surge caused Pacific
Gas & Electric Co., the local utility, to
shut off power. Three of 10 backup generators failed to start at 365 Main, and
the Web sites Craigslist.com, RedEnvelope.com, Yelp.com, Technorati.com and others went
down for about 45 minutes.
365 Main traced the generator failures to a
weakness in a controller in backup diesel generators. An incorrect setting on
the device -- called a DDEC, for Detroit Diesel Electronic Controller -- was not
allowing it to correctly reset its memory. Erroneous data left in the DDECs
memory subsequently caused the diesel generators to misfire or fail to start,
the company said.
365 Main corrected the settings on all the generators
at its San Francisco data center and at another center it operates in El
Segundo, Calif., because both use the same model of generators from Hitec Power
Protection Ltd. Three other 365 Main data centers use other Hitec models.
The power outage resulted in 365 Main breaking the service-level
agreements it has with its client Web sites. As a result, 365 Main said it will
refund a portion of the monthly Web hosting fee that clients pay.
Even with last weeks outage, the San Francisco data
center has delivered 99.9942% uptime, but that is no consolation to clients
whose Web sites were out of service.
What we learned from this is that
there remains a delta between any number of 9s and perfection.
-
more info
July 27th, 2007
Disaster Plan and Business Continuity Template Updated
Continuing on it quest to be the most current Disaster Plan
Template in the market, Janco has updated its DRP / Busniess Continuity Template
for the second time this year. Janco contiues to update its
templates to meet the ever changing requirements of the business
environment.
With
this new version a fully indexed PDF copy of the template is now provided in
addition to the two versions of WORD (2003 and 2007).
The
updates to the template included:
1.
Defined generic
metrics for DR/BC success
2.
Business & IT
Impact Analysis Questionnaire Updated
3.
Updated references to
DRP card
4.
Updated formatting to
meet WORD 2007 requirements
The
version history for updates to template can be seen at http://www.e-janco.com/drpversion.htm
and the full Table of Contents with sample pages can be downloaded at http://www.e-janco.com/Register_drp.asp
. -
more info
July 23rd, 2007
DRP Data Protection for Remote Offices
Many organizations are struggling with the massive
changes in data storage requirements that have transpired over the last decade.
The almost exponential growth of business critical data from email, e-commerce,
and electronic systems shows no sign of decreasing. With relatively new data
types such as voice and video now in use, enterprise storage administrators will
soon have to manage petabytes of data.
According to a recent study by the
School of Information Management and Systems at the University of California at
Berkeley, the world produces between 1 and 2 exabytes of unique information per
year, which is roughly 250 megabytes for every man, woman, and child on earth.
An exabyte is a billion gigabytes and printed documents of all kinds comprise
only .003 percent of the total. Magnetic storage is by far the largest medium
for storing information and is the most rapidly growing, with shipped hard-drive
capacity doubling every year. Magnetic storage is becoming the universal medium
for information storage. -
more info
July 18th, 2007
Physical and cyber attack - DRP Implications
(Jeff Bardin - Blog) - The combination of a
physical and cyber attack using our own infrastructure is inevitable. Attempts
have already been made and continue to be made.
It is easy to
appreciate the devastation of a physical attack and what it can bring because as
Americans, we need to see things in order to understand them. But we must not
underestimate the potentially devastating consequences of an electronic attack,
especially when used in conjunction with or as a precursor to a physical attack.
It may be just that cyber attack that enables the physical attack. Just like our
combined sea, air and land battle plans, ‘cyber’ is a core
component.
Our first responders depend upon our electronic
infrastructure in order to respond to physical attacks. If we suffer a
devastating blow to our electronic capabilities that stymies our efforts to
respond to the corresponding physical attacks, and clogs the cyber arteries we
depend upon, there will be a new 9/11 report asking why once
more.
In April of this year, a former engineer at the nation's
largest nuclear power plant (Palo Verde Nuclear Generation Station outside
Phoenix) was charged with taking computer access codes and software to Iran and
using it to download details of plant control rooms and reactors. Using these
codes could potentially combine the two (electronic/physical) for a massive loss
of life and thousands of years of radiation contamination. Are you scared
yet?
Information technology strikes are number two on Al QaedaÂ’s
(pronounced Al-Qaw-ed-da) list for strikes at our economy.
How many
of the 9/11 attackers were from the Kingdom of Saudi Arabia? How many study
computer science and engineering in the US? Thousands! When living in Saudi,
several organizations required students to attend the University of Tampa not
far from the US Special Operations Command and Cincom and of course, return to
the KSA. Those who were corrupted by the infidels in this country faced
significant scrutiny and pressure. Some linked to the royals even faced a
potential stint in the ‘Rub Al-Khali or Empty Quarter. Regardless, the point is
that when they return with their new found knowledge, they have no real job
which turns to apathy, anger and attendance at the radicalized schools or as
they are known in the West as madrasa (or school).
Electronic jihad
sections of online jihadist sites host the cyber war information and gives up to
the minute instructions or warnings of website penetration, suggestions for
targets or timing of attacks, with detailed advice on the
methods.
Just to ensure you have the proper level of paranoia and
fear, there is a book and movie entitled Ameristan by Charles Welty. The major
premise is that the United States of America becomes a conservative Muslim state
where Islamic Sharia is the law of the land. You can even download it for a
small fee.
Pakistanis harbor Usama bin Laden and the rest of terror
incorporated while we prop up a Shah Reza Pahlavi type regime that already has
nuclear weapons. General MusharrafÂ’s regime is on shaky ground. Pakistanis have
since October 2001 attempted cyber jihad against the US. We all know what
happened on Novermber 4, 1979 in Teheran, donÂ’t we.
What will you
do when the day comes? What will I do for that matter when we are hit? Are you
and your security and risk teams read for such activity? Is our critical
infrastructure prepared for such a hit that is not only multi-vector but
multi-faceted in its approach? Will we be prepared? Inshallah
bukarah -
more info
|
Other News Links
CTO Toolkits.com
e-janco.com
IT
Productivity.org
IT-Toolkits.com
ejobdescription.com
psrinc.com
psrorders.com
newsgroupworld.com
ntcity.com
disaster-planning-template.com
disaster-recovey-planning.org
disaster-recovery-planning.com
disaster-recovey-planning-template.com
|
     |
