IT Infrastructure - News

Enterprises faced with decisions which follow serious flooding and water damage from the aftermath of fire, and related water-damaged exposure, need to be reminded that replacement is nearly always much less costly than salvage and restoration. The necessity for making sound, on-the- spot, cost-effective judgments is the best reason for being prepared in advance by developing a pre-disaster preparedness plan.

When you consider the impact on the enerprise if you are not ready, it is easy to see why a plan is necessary.  Given that why is it that almost 40% of all enterprised do not have a plan in place.  Plus many that do have a plan have not tested it to see if it meets the enteprises needs.

Read on....  or better yet order a Disaster Planning Template for $399.

Realistically, many large corporations will not trust their data to newer third party providers like Google because of well published failures of their Gmail system.  However, they may trust major corporations like IBM, AT&T as they expand their offerings.

Managed backup and data recovery services do exist today, but they tend to be very expensive "enterprise-class" or very mediocre consumer-oriented services. There should be a way for cloud infrastructure to become a real option for enterprises.  But there are issues:

• Regulatory Compliance: Does your third party provider meet all mandated security and identity theft requirement? If they fail will the compensate you and individuals harmed?
• Automation: How does the data get from internal servers to the service provider, or how does it get from individual desktops?
• Security: How secure is your data? What exposure do you put your enterprise in
• Data integrity: How do you know that your data is actually your data if it is not in private space or virtual machines?
• Risk: What is the risk of losing your data without a defined service-level agreement?

Almost 15% indicate they cannot tolerate any downtime.1 In the past, this type of business demand was only consigned to a relatively small group. However, many more organizations of all sizes, in all industries and located across the globe, now require applications to be running and data to be always available. The needs of these organizations go far beyond simply recovery, requiring an environment that maintains business continuity during and immediately after a disaster. To make it more interesting, the number and types of applications that require this level of protection is very diverse.

Available as software, a hardware and software combination, or a service where a company transmits its data across the Internet to the provider's data vaults, these tools are designed to store data in a compliant manner while providing quick, accurate copies in case of emergency. Many of these backup tools monitor and report on backups across multiple vendors' backup products, therefore easing the auditing process. Encryption plays a big role in these tools, as many industry and federal regulations mandate safeguarding data. Compression and incremental back-up features are designed to save on storage space.

• Human error -  an administrator might delete an entire organizational unit (OU) instead of a particular user, or accidentally delete a service account, which could affect hundreds of users.
• Unexpected consequences -  an administrator might use a script to set one of the Extension Attributes in Active Directory only to find out that Extension Attribute contained data for another mission critical application that wonÂ’t work anymore because of the changes. The data must be restored as soon as possible.
• Malicious activity - both current and recently-terminated employees, as well as external service providers, might find ways to access your sensitive systems and data, and their knowledge can enable them to cause significant damage.  According to Entrepreneur, "four out of five IT-related crimes are committed from within an organization".  Moreover, CSO Online reports that "inside security breaches affect 49% of companies". Once your network is under attack, it's too late to plan - you need to have your diagnostic and recovery tools in place.
• Viruses -  Viruses can damage Active Directory data, and the replication process propagates those unwanted changes. Anti-virus software, of course, provides protection, but it is critical to be able to respond quickly to viruses that get through.

1.       Acknowledge that at disaster can occur

2.       List and prioritize the risks your enterprise faces  from each disaster threat

3.       Inventory your enterpriseÂ’s technology and operational structure

4.       Inventory your enterpriseÂ’s technology assets

5.       Define the necessary service levels your enterprise and its customers need

6.       Develop a plan to operate during and after the disaster

7.       Test the plan that you have created

The rush to find ways to send tens of thousands of SMS messages to student cell phones has been intensified becasue all of the recent on campus incidents.

However, these incidents are not the only recent incentive for schools to look for ways to reach their students in an emergency. Other reasons include weather emergencies, especially in the South where hurricane evacuations are almost an annual event.

And, of course, there's the fact that the U.S. Department of Education requires colleges and universities to have the means to reach their students in a timely manner in times of crisis. The question for university administrators has always been what is the best way to notify students, and in many cases, that boils down to e-mail, since virtually every student has a school e-mail account. The problem is, as Virginia Tech found to its sorrow, that e-mail is rarely an adequate solution.

A maker of computer games in Cedar Falls, may be permanently displaced after Cedar River floodwaters reached 6 feet in its administrative offices and 5.5 feet in an adjoining warehouse. The company sustained about $250,000 in damage to inventory.

The firm's president said all 65 employees are now working temporarily in borrowed offices in three facilities.

As the floodwaters approached on June 9, employees scurried to save 120 PCs, 80 monitors and eight servers. Three high-end printers could not be removed in time.

The company plans to revise his disaster recovery plan. "When a river comes up 6 feet higher than it ever has before, it's tough to have that foresight," they said. "But it is probably going to happen again."

A software development company has plans to deal with tornados and electrical outages, but executives never dreamed they would have to contend with the Cedar River surpassing 500-year-flood levels. "Going through this experience [will] make those plans [more] than just part of an IT checklist," he said.

A key lesson learned was that companies must prepare for employees to miss work to help families and communities after natural disasters.

Â…People living near the proposed projects would have limited opportunities to object. The government argues that the reform is needed to ensure the planning system can "meet the long-term challenges we face as a society."

Â…But the Planning Disaster Coalition, which include Friends of the Earth, the National Trust and the Campaign to Protect Rural England says the change will make a "mockery" of democracy, by taking away the rights of people to have their say on developments in their local areaÂ….

However, before placing the technology cart before the horse, a critical phase in any form of disaster recovery planning and design is to establish a solid understanding of applications and their interdependencies. A good initial step in this process is the establishment of a disaster recovery application inventory.

What should such an inventory include? While requirements can vary depending on the organization, a basic listing should include the following items:

• Application name and description
• Business function -- the business unit or functional area the application supports
• Business process -- the specific business process supported
• Recovery objectives -- stated recovery time objective (RTO) and recovery point objective (RPO) targets for the application
• Known related applications -- this includes both applications that act as sources and targets in the business process
• Server details -- a list of the actual servers, both physical and virtual, on which the application resides, along with configuration details
• Storage details -- the actual storage devices and logical unit numbers (LUN) allocated to the servers
• Software requirements -- specific information about the software
  

Disk-based vs. Tape Backup: The Pros and Cons All organizations use tape to back up data nightly. Tape is fairly inexpensive and low-tech, but managing and administering tape, backing up to tape and restoring files from it can be time consuming, unreliable and complex. Disk has always been an easier, more reliable alternative, but until recently its high acquisition cost has made it untouchable for many organizations. Fortunately, new disk and data reduction technologies have recently converged to make disk-based backup available at about the same price of tape backup systems.

But what about organizational insiders? Which applications or appliances are scrutinizing the information being passed out of the network? Intrusion prevention systems and firewalls aren’t looking for intellectual property sliding out the door right under their virtual noses. Specifically in healthcare organizations, what about patient information sent unprotected over the Internet to another provider? Add in the always-changing regulatory environment, and security is a unique challenge. All it takes is one misstep to compromise sensitive information. These are legitimate, authorized users communicating in an above-board way – but potentially exposing sensitive data in the process. This is the core of the immensely complex problem of data loss.

To address the data loss problem, organizations need to focus now on content filtering and blocking of electronic communications leaving the network – and not just email, but instant messaging (IM), webmail, HTTP and FTP communications as well . All avenues of electronic communication need to be policed to prevent intellectual property, financial information, patient information, personal credit card data, and a variety of sensitive information (depending on the business and the industry) from falling into the wrong hands.

To meet these growing demands at a reasonable cost, organizations are moving to IP-based networks; 70 percent of North American and 79 percent of European organizations use some combination of the Internet, MPLS or Ethernet to connect to their primary backup datacenter. Bandwidth prices may be in decline, but that doesnÂ’t mean it comes cheap. Bandwidth, on average, is 29 percent of the total cost of replication, backup and recovery solutions, and is often constrained by the effects of latency.

End-to-end plans for turning disaster recovery into full business continuity are very complex, but from an IP-network perspective it can be reduced to three main challenges.

University police and IT and communications professionals from around the nation said in recent interviews that the killings of Virginia Tech students and faculty on the Blacksburg, Va., campus by gunman Seung-Hui Cho led to a buying spree of new communications technologies and services. The goal was to bolster the capabilities of existing e-mail and voice-mail systems, as well as outdoor sirens.

The Virginia Tech shootings heightened our awareness of additional ways to disseminate crucial information -- including the use of text messaging because of its popularity with college students, said the president-elect of The Association for Communications Technology Professionals in Higher Education (ACUTA) and an IT professional at Columbia University in New York. a flurry of activity has ensued in the past year, she added, with both large and small colleges evaluating their emergency communications needs.