Disaster Recovery Template Sarbanes Oxley
Sarbanes Oxley Compliance Tool Kit
 Information Technology Service  Management ITSM - Change Control, Help Desk, and Service Request
Security Template  Sarbanes Oxley
Sensitive Information Policy Personal Data Security

RSS News Feeds

Janco

IT Productivity Center

ejobdescription -

  psrinc

  IT-Toolkits

  Disaster Recovery Planning

 

 

 

IT Infrastructure - News

 


May 16th, 2012

[New Topic]

Disaster Planning

Whether you arfe a one-man operation or an international corporation, your business relies on a set of core processes used by people in specific roles who require certain IT systems and data. When disaster strikes, these people need to find a way to keep these processes up and running.

But too often, DR strategies focus more on the type of disaster than the particular business processes you need to protect. Focusing on the business instead of merely on the disaster helps to ensure your business can survive many challenges you might never have considered.

 Order Disaster Plan TemplateDisaster Plan Sample

This disaster recovery plan template is a road map for how businesses of all sizes can develop an effective business continuity plan designed to minimize the impact of disasters and reduce risk of time, money, valuable data, and reputation.

- more info 


April 29th, 2012

Disaster Recovery Business Continuity Strategy Definition

One recent survey finds that onetime events, such as the Japanese tsunami, the Arab Spring, and Europe's sovereign debt crisis, exposed vulnerabilities in private companies' business continuity preparedness. Among the chief executives surveyed only a minority say they are very confident that their current risk management strategies will prove effective over the next few years, with nearly one-third (29 percent) citing the need to revisit those strategies.

Disaster Types

 Order Disaster Plan TemplateDisaster Plan Sample

The need to revisit business continuity strategy was also cited by a greater percentage of companies that have over seas operations (39 percent), compared with US-only companies (21 percent). International companies are also more alert to the threat and potential effects of low-probability, high-impact events: 81 percent of companies that feel a need to revisit business continuity plans in light of last year's events.

Among companies that are changing their business continuity plans, there seems to be a disconnect between where they think their focus should be and where it actually is. While most of them (87 percent) agree that they need to focus more on planning for a broad range of emerging risks, the bulk of their business continuity effort (70 percent) goes into preparing for known, recurring risks; a considerably smaller 30 percent of their effort goes into planning for as-yet-unknown events.

- more info 


April 28th, 2012

A business continuity plan defined

A business continuity plan is a users' guide - the documentation - for how to preserve an organization.  In order for a plan to be useful, it must be created before an interruption occurs.  Business continuity is disaster recovery.  Lost revenue is a driving force in business continuity.  The reason to do a recovery plan is essentially to keep the funding coming in and the services going, and the clients being served.

  • Emergency planning are those procedures and steps done immediately after an interruption to business.
  • Disaster recovery are the steps taken to restore some functions so that some level of services can be offered.
  • Business continuity is restoration planning, completing the full circle to get your organization back to where it was before an interruption.

 Order Disaster Plan TemplateDisaster Plan Sample

MTO Disaster Timeline

- more info 


April 2nd, 2012

Business Continuity Planning 101

Disaster Business Continuity

The basic process for developing a business continuity plan is:

Order Disaster Plan TemplateDisaster Plan Template

  • Create a business continuity planning team: Members should be from operations management, the chief security officer, the IT department, legal staff, and human resources.
  • Define leadership roles: Determine which executives and employees are critical to operating the business (and supporting customers) that need to have access to key systems and information at all time.
  • Assume the worst and plan for needed extra capacity: Before an event occurs, businesses need to plan ahead for increased network bandwidth and secured remote access requirements.
  • Define emergency voice and data communications solutions: There are many to choose from, but a SSL VPN is one of the leading solutions to provide flexible, remote access, which is essential to any business continuity plan.
  • Define access points for operations, network and IT: Create a business continuity portal for employees and partners. If the company has an Intranet, this site becomes command central from which employees can access information - HR policies, emergency contacts and a "start here" feature should be included.
  • Contract for a secondary back-up site: Should the primary site be unavailable, companies should have a real-time mirror of data and staff housed at a secure facility.
  • Backup data: In the event that the secondary site is unavailable, organizations should plan for multiple layers of failover.
  • Plan to utilize smartphones and tablets: With mobile devices and "wireless networks", IT departments can leverage these tools to ensure complete connectivity in times of emergencies.
  • Pre-arrange Internet meeting capabilities: In the event of an office closure, employees still need to communicate internally or with external parties (i.e. suppliers, customers). Implement the technology before it is needed
  • Review number of sites and VPN gateways: Conducting an annual audit to provide a complete picture of your network and the ability to address problem areas before a disaster strikes.
  • Test and  test again: These 'fire drills' enable the business continuity team to see how the current system is working, especially when employees are accessing information from remote locations (i.e. from home, a relative's house, and hotel). Once complete, those in management, IT and human resources can modify their business continuity plan accordingly.
- more info 


March 1st, 2012

Many large companies believe they are immune to disasters

Disaster Strikes Amazon - Europe down for two days

A lightning strike knocked out servers at Amazon's only European data center and the provider has warned some of those affected face delays of up to two days before they get back online.

Preparing for Disaster

     

Amazon has told its EC2 customers in Europe some of them could face outages of as long as 24 to 48 hours as the cloud provider struggles to recover from a lightning strike that disrupted power supplies to its Dublin, Ireland data center. It took 3 hours to recover the first of the affected instances last evening European time (midday Pacific Time) and after almost 12 hours a quarter still remained offline, with knock-on effects slowing their likely recovery time.

- more info 


February 25th, 2012

Small business interruptions often become full scale disasters

DRP/BCP Security Templates
Many business interruptions which can be classified as disasters  are caused by infrastructure outages or human error, but they can also be the result of random power outages, natural disasters or international events. Clearly, any of these disruptions can be costly and undermine your ability to maintain IT operations. Unplanned outages can also create far-reaching consequences that impact your long-term revenue stream, your brand and ultimately, your organizationÂ’s survival. Forward-thinking leaders are experiencing a wake-up call, recognizing that the probability and types of risk to business continuity are higher than commonly believed, and they are taking steps to improve their resiliency capabilities.

Disaster Types

Order Disaster Plan TemplateDisaster Plan Template

Supply chain interdependencies, increasing regulatory requirements and geographically dispersed businesses encompassing everything from traditional storefronts to online operations, organizations are facing intense pressure to improve performance, maintain continuous availability and ensure data integrity. Areas of concern that organizations need to focus on include enterprise and work area risk, availability of critical data and business applications, IT stability, recoverability of IT infrastructure, data backup and disaster recovery.

They also need to determine the constantly changing governmental and industry regulations associated with business continuity that apply to them and have a plan in place to manage compliance. Meeting these demands in a global economy means today's enterprise must be highly resilient and able to anticipate multiple risks. At the same time, organizations should be prepared to withstand unexpected disruptions of all types while remaining poised to take advantage of new opportunities.

- more info 


February 18th, 2012

Disaster Reovery Planning

Preparing for Disaster

Effective disaster recovery planning depends on the people involved.  The resulting strategies and procedures are born out of cooperation and collaboration, combining requirements, strategies and steps to form a cohesive program for employee safety and business continuity.  To create a full-fledged program for disaster recovery, the right resources must be pulled together, at the right time, and for the right purpose.

Order Disaster Plan TemplateDisaster Plan Template

- more info 


February 12th, 2012

Disaster planning needs to consider political violence and terrorisim

Cloud DRP Security
Incident Communication PolicyThe Terrorism and Political Violence Map shows increased risk of political violence in the Middle East and North Africa, reflecting the significant turbulence of the Arab Spring uprisings in the region. The risk of coup d'etat and rebellions in Africa reflect a continent that presents a significant political violence risk. Civil unrest and employment disputes arising from austerity measures in Western European nations such as Greece, France, Spain and the UK are also reflected on the map. Meanwhile, terrorism continues to severely afflict established conflict zones like Iraq, Afghanistan, Pakistan and Somalia as well as parts of Nigeria and the Sahel region. The threat of occasional acts of international terrorism remains significant for most Western nations and major powers.

Disaster Plan

Explosion, Terrorist Attack, or Random act of Violence

  Order BCP Sample BCP

- more info 


January 20th, 2012

Core backup and recovery concerns

Backup PolicyCIOs and IT Managers need to consider manadated compliance requirements

  • Question that need to be answered are:
  • Is our data safe in transit and at rest?
  • What prevents hackers from gaining access to our data?
  • Is our data properly handled, stored, and deleted?
  • Who can access our data?
  • What are the benchmark measurements?
  • Is our data backup strategy compliant?
  • Will our recovery be successful?
- more info 


January 7th, 2012

How long should it take to create a business continuity plan?

Disaster Business Continuity

Business continuity planning is a continual process, and not something that is done once and filed away to be used in an emergency. In error many organisations treat the creation of a business continuity plan as a normal project, subsequently deploying the plan and handing over to an operational department for maintenance.

In most organizations, DR is the quintessential complex, unfamiliar task. Disasters happen so rarely that recovery operations are the opposite of routine. What's more the myriad, interconnected data, application and other resources that must be recovered after a disaster make recovery an exceptionally difficult and error-prone effort.

How to create a business continuity plan...

- more info 


December 14th, 2011

Which states had the fewest major weather disasters

The U.S. has sustained 112 weather/climate disasters over the past quarter century in which overall damages/costs reached or exceeded $1 billion. The total standardized losses for the 112 events exceed $750 billion, according to The National Oceanic and Atmospheric Administration (NOAA), National Climatic Data Center.

Disaster Types

Order Disaster Plan TemplateDisaster Plan Template
- more info 


November 5th, 2011

Foundation necessary for disaster recovery and business continuity

As an essential foundation step toward disaster recovery and business continuity readiness, are these best practices:

Preparing for Disaster
Order Disaster PlanDisaster Plan Template
  • Extending management technologies that automate the process of asset management, system configuration, and software distribution (This reduced the number of steps that required hands-on intervention and reduced IT staff time.)
  • Constraining their environment to a finite number of standard processors, operating systems, database products - making it easier to maintain and update
  • Consolidating servers over a long-term road map, reducing the number of server "footprints" that had to be maintained and updated
  • Standardizing IT practices, especially management of settings and configurations
  • Providing protected storage space within the organization's storage resources and establishing rules for backup of mission-critical data (This ensured adequate capacity for backup and recovery procedures and for restart of applications.)
Backup PolicyBlog PolicyCommunication PlanElectronic CommunicationMobile Device UseOutsourcing Policy
Records Management
Sensitive InformationSLA PolicySocial Networking PolicyTelecommutingTravel Laptop PDA
Disaster PlanningSecurity Policies ProceduresJob DescriptionsIT Infrastructure, Strategy, & Charter TemplateIT Salary SurveyDRP Security
- more info 


October 27th, 2011

Information security incident management - 27035:2011

ISO has announced the official launch of the new International Standard entitled 'Information technology – Security techniques – Information security incident management', the standard gives ‘how to’ guidance on detecting, reporting and assessing information security incidents and vulnerabilities.

Information technology – Security techniques – Information security incident managementISO says that ISO/IEC 27035:2011 will help organizations respond to information security incidents, including the activation of appropriate controls for the prevention and reduction of, and recovery from, impacts, and, in so doing, learn and improve their overall approach.

Edward Humphreys, whose team developed the original version of the standard, ISO/IEC TR 18044:2004, commented: “Effective and timely handling of major incidents can make the difference between the survival or death of an organization. The new ISO/IEC 27035 standard provides tried and tested advice on the processes and methods that need to be deployed for ensuring effective management of information security incidents.

Incidents can vary from the minor, which may have an impact on an isolated business system to a major incident, which affects all business systems. Some incidents have the effect of disrupting an organization and the use of its business resources for 24-72 hours or more; some cause a serious loss and/or destruction of data and some can leave the organization with a serious crime on their hands. ISO/IEC 27035:2011 offers a solution.

Order PolicySample Policy

ISO/IEC 27035:2011, which replaces technical report ISO/IEC TR 18044:2004, supports the general concepts specified in ISO/IEC 27001:2005.

The new standard is applicable to any organization, irrespective of size. It covers a range of information security incidents, whether deliberate or accidental, and whether caused by technical or physical means.

- more info 


October 16th, 2011

Business Continuity Experts Do Not Agree on a Key Definition

The maximum tolerable period of disruption (MTPD) is the term used for the requirement within which a recovery time objective (RTO) needs to be set. It is not universally accepted by business continuity practitioners and still seems to cause a great deal of confusion.

Disaster Business Continuity

The Business Continuity Institute's Good Practice Guidelines defines MTPD as "The duration after which an organization's viability will be irreparably damaged if a product or service delivery cannot be resumed." This seems straightforward and unambiguous enough, but it's only when you look closely at the definition and try to think about how it might be applied in practice that you'll see that not only is it of very little use, but it is also different from what was originally intended.

If something does not work in practice then the theory is wrong. The idea that there is some point beyond which an organization's viability will be irreparably damaged if a product or service delivery cannot be resumed would be an extremely useful concept if such a thing existed. However, in practice, you will never really know if an organization's viability has been irreparably damaged until the organization fails, let along the point at which this happens.

- more info 


October 1st, 2011

Disasters can occur any where at any time

Disasters are unpredictable by nature and can strike anywhere at anytime with little or no warning. Recovering from one is expensive and time consuming, particularly for those who have not taken the time to think ahead and prepare for such possibilities.

Disaster Planning - Janco has found that 80% of all enterprises that do not have a disaster recovery / business continuity plan in place before a disaster occurs never reopen.  However, when disaster strikes, those who have prepared and made recovery plans survive with comparatively minimal loss and/or disruption of productivity.

Disaster Business Continuity

Disasters can take several different forms. Some primarily impact individuals -- e.g., hard drive meltdowns -- while others have a larger, collective impact. Disasters can occur such as power outages, floods, fires, storms, equipment failure, sabotage, terrorism, or even epidemic illness. Each of these can at the very least cause short-term disruptions in normal business operation. But recovering from the impact of many of the aforementioned disasters can take much longer, especially if organizations have not made preparations in advance.

Most of us recognize that these potential problems as possibilities. Unfortunately the randomness of some of these disasters lulls some organizations into a sense of false security-"that's not likely to happen here." However, if proper preparations have been made, the disaster recovery process does not have to be exceedingly stressful. Instead the process can be streamlined, but this facilitation of recovery will only happen where preparations have been made. Organizations that take the time to implement disaster recovery plans ahead of time often ride out catastrophes with minimal or no loss of data, hardware, or business revenue. This in turn allows them to maintain the faith and confidence of their customers and investors.

Disaster Recovery Planning is the factor that makes the critical difference between the organizations that can successfully manage crises with minimal cost and effort and maximum speed, and those that are left picking up the pieces for untold lengths of time and at whatever cost providers decide to charge; organizations forced to make decision out of desperation.

- more info 


September 16th, 2011

Reducing recovery time

Rather than thinking of a recovery effort as a sequence of three steps performed in a more or less linear way - first, data recovery, then application re-hosting, then user reconnection.

Janco suggests an alternative. First, sufficient data (including application software) is used to re-host the application and users are reconnected to the recovery platform where they can proceed with order taking, email, and other functions. At the same time, more and more of the production systemÂ’s historical data is recovered.

 Order Disaster PlanDisaster Plan Sample

Such a strategy has the potential to abbreviate time-to-recovery by making critical application functionality available to workers sooner, enabling work to continue almost immediately after an
interruption event occurs and while the impact of the event is being reduced.

This strategy has enormous potential to improve business continuity strategies without significantly increasing their costs.

- more info 


September 12th, 2011

Disaster Planning for international enterprises

Disaster recovery and business continutiy plans for internationaly base organizations need to take in to account limitiations that various counties place on location of data.

Many parts of Europe forbid some data from being transmitted or stored outside of the country. Canada also has some rules that prohibit some data being stored in the United States due to the U.S. Patriot Act's provisions that let the federal government examine corporate records.

It's important to note that the legal issues are local to where your customer resides. You have to understand the laws and make sure that personally identifiable data and some financial records are kept local if required by the law.

This could be an issue as cloud computing systems become more distributed. Indeed, while the primary facility may be in-country, the failover site, or perhaps the site used when the primary site is under maintenance, could be across the border and, thus, noncompliant.

- more info 


September 8th, 2011

Business continuity framework

ISO 22301 Business Continuity Standard

  • Identify all critical applications and servers. Include ancillary systems like domain servers.
  • In collaboration with business management and technical experts, set recovery objectives (RTO and RPO) that strike the right balance between risk mitigation and practicality.
  • Create a well-defined IT disaster recovery plan, and update it at least annually. Include allowances for locating and activating the right people.
  • Test your recovery process at least monthly. Choose the most critical servers, not just the most convenient.
  • Use test results to update your IT disaster recovery plan.
  • When reviewing potential solutions, include the recovery process a part of your evaluation. Test not only the technical backup capability, but also the complexity of the recovery.
- more info 


September 5th, 2011

Next Disaster Requires Culture of Preparedness

At the center of the recent White House report, there is a call to "foster a new, robust culture of preparedness."

Disaster Recovery Security

Order DRP BCP SecuritySample DRP

The challenge comes after the report details the long list of tragedies that last year's deadly hurricane wrought, including more than 1,330 deaths and $96 billion in property damage. In terms of communications, 38 centers that normally handled 911 calls failed, while 3 million customers lost phone service.

The report urges a wide variety of players to build this new culture, including myriad federal agencies and tens of thousands of state and local emergency first responder agencies. And it calls on private citizens and the private sector to take part.

- more info 


September 5th, 2011

How well did you disaster plan survive the latest storm

Cloud DRP SecurityIncident Communication PolicySecurity Audit Program




Many businesses had not tested the recovery plans before the hurricane for a server or site failure. With business continuity a core component of risk management, a well-rehearsed plan lays the foundation for confidence that your IT systems will work when needed most. Testing at least once per month is important to maintain engineering best practices, to comply with stringent standards for data protection and recovery, and to gain confidence and peace of mind. In the midst of disaster is not the time to determine the flaws in your backup and recovery system. - more info 

 

 

IT Salary Survey
IT Hiring IT Job Descriptions IT Salary Survey
Metrics Internet IT
Job Descriptions IT Salary Data
IT Business Strategic Alignment




Other News Links

CTO Toolkits.com

e-janco.com

IT Productivity.org

IT-Toolkits.com

ejobdescription.com

psrinc.com

psrorders.com

newsgroupworld.com

ntcity.com

disaster-planning-template.com

disaster-recovey-planning.org

disaster-recovery-planning.com

disaster-recovey-planning-template.com

 

© 2009 Janco Associates, Inc. - ALL RIGHTS RESERVED -- Revised: 06/16/09.