According to Janco Associates, the primary factor in the activiation of Disaster Recovery and Business Continuity Plans is computer hardware failure.

Google has a tool to help people locate friends and loved ones who have been affected by the 8.8.-magnitude earthquake in Chile.

Google Person Finder allows users to search for information about people by name or leave information about people in both English and Spanish. The page said it contained 22,900 records. However, the page cautions users that all data input would be viewable and usable by all and that the company plays no role in verifying the information. Google had set up a similar Person Finder tool after Haiti's recent earthquake.

When the recession started, IT spending fell off a cliff.  Hardware and software companies are hoping that IT spending will make a strong comeback because of the pent up demand and the fact that there is a lot of aging IT gear installed today.

Most companies have extended their maintenance contracts, but, at some point, that will not be enough as IT systems start failing.

Predicting IT failure is not a hard thing to do. When you deal with tens of thousands, and even hundreds of thousands of servers, data storage systems, network equipment, etc, it is a relatively simple statistical exercise.

The fact that IT systems are aging.  Maintenance contract prices increase every year that older equipment is kept working. At some point it becomes more expensive than upgrading. And upgrading brings additional benefits such as higher performance from the latest processors and subsystems.

Currently, a large part of an organization's IT budget is being spent on regulatory compliance issues, and on security, which is related to regulatory compliance. For the executives, being in compliance means not going to jail.

But if you can't run your business IT applications reliably then being compliant becomes a moot point. So, will spending on basic IT infrastructure come roaring back this quarter? Or will companies try to eek out another few months of performance out of their aging IT systems?

Disaster planning is complex; the written plan is the result of a wide range of preliminary activities. The entire process is most efficient if it is formally assigned to one person who acts as the disaster planner for the institution and is perhaps assisted by a planning team or committee. The enterprise's director may play this primary role or may delegate the responsibility, but it is important to remember that the process must be supported at the highest level of the organization if it is to be effective. The planner should establish a timetable for the project and should define the scope and goals of the plan, which will depend largely on the risks faced by the enterprise.

Janco has identified four primary business drivers of data protection:

• Provide Business Continuity and Disaster Recovery. This is the traditional concern of mitigating exposure to information loss. However it has grown more complicated as 24/7, global economy, and open source have become standard business issues. Of paramount importance is overcoming the hurdles associated with backup window requirements, application performance, reliability and consistency, and recovery time.
• Streamline Process Management and Increase Productivity. As staff and resources become overburdened, companies are refocusing on process management. Easing critical pressure points is often the catalyst to surviving a difficult fiscal climate.
• Contain Storage and Server Costs. Controlling cost of operations has become a top priority for many organizations. With data growing at exponential rates, these costs can easily mushroom.
• Support IT Infrastructure Consolidation. Today's data protection architecture seems to be intrinsically broken - as characterized by slow backups, complex recoveries, compromised application performance, and difficult resource administration. IT infrastructure consolidation including server virtualization magnifies the problems and elevates the rearchitecture of storage and data protection as a priority. Finding high performing, easy-to-use, scalable data protection remains a key imperative. Further, system migration of production servers and critical applications to a virtual environment are likely to be costly and painful unless an easy and minimum-impact solution to migration is built into the rearchitecture.

Certain areas of the United States have also had power supply problems in the recent past. Most notable is California with its infamous rolling blackouts. Parts of Texas also implemented rolling blackouts when there are abnormally high temperatures. Other regions of the country implement brownouts, where the voltage is reduced to customers during power emergencies. Brownouts can severely affect electronic equipment not protected with an UPS or voltage regulation device. A CIO whose data center was located in the region of California affected by the power crises said: You have to restore and operate your systems from an alternate location that has power. Obviously, that site is usually pretty far away and it is not practical to physically move systems. Moving an interconnected web of storage and servers to another set of infrastructure is a huge challenge. These things just were not designed for that kind of mobility and that is exactly the problem that virtualization solves.

• Repeated full backups
• Repeated incrementals of the same file when it changes multiple times.

A deduplication system identifies both situations and eliminates redundant files, reducing the amount of disk necessary to store your backups anywhere from 10:1 to 50:1 and beyond,
depending on the level of redundancy in your data. Deduplication systems also work their magic at the subfile level. To do so, they identify segments of data (a segment is typically smaller than a file but bigger than one byte) that are redundant with other segments and eliminate them. The most obvious use for this technology is to allow users to switch from disk staging strategies (where theyÂ’re storing only one nightÂ’s worth of backups) to disk backup strategies (where theyÂ’re storing all onsite backups on disk).

There are two main types of deduplication. Target dedupe systems allow customers to send traditional backups to a storage system that will then dedupe them; they are typically used in medium to large datacenters and perform at high speed. Source dedupe systems use different backup software to eliminate the redundant data from the very beginning of the process and serve to back up remote offices and mobile users.

As business technology proliferated over the past 10 to 15 years, DRP / BCP coverage expanded from back office systems to all types of additional business applications.

New business applications and IT services help organizations react quickly to a dynamic marketplace and provide access to information -  wherever and whenever it's needed. Areas of concern include:

• Companies are reducing the overall number of data centers, consolidating remote and branch office assets in the process.
• E-mail, instant messaging, IP telephony, and collaboration applications have become integral parts of many companiesÂ’ business processes.
• Given the volume of users accessing information, securing the environment is crucial. Allowing unauthorized users to access classified information or failing to protect data in flight could result in significant security breaches.

Long-term data retention includes weekly, monthly or other long-term backup, primary backup copy of data, off-line copy of static or fixed content data, archive and strategic data preservation. The emphasis is on low cost, long-term durability, compatibility, and energy efficiency for lengthy data retention. Tape is leveraged as a high performance bulk storage medium to off-load the disk cache, boosting the effectiveness and utilization of disk-based systems. From a green and economic efficiency standpoint, data staged off-line to tape consumes no energy while enabling exceptional performance during bulk restore operations. The combination results in both very green and economically efficient storage in addition to supporting business sustainability and enabling compliance.

A tape copy operation may be made locally and then physically transported to another location for safe off-site storage, or data may be replicated as part of the backup and data protection process to a remote VTL or tape library where a removable tape copy is made. Hybrid solutions also leverage diskto- disk locally with snapshots or other point-intime copies that are then replicated to another location or to a cloud-based storage managed service provider (MSP). Data and network bandwidth optimization techniques and technologies, including compression and deduplication among others, enable more data to be moved on available networks or to reduce networking requirements.

Server enclosures provide access control options such as lock-and-key, electronic control, RFID local readers and access cards.  

• Keys can be matched to individual cabinets, multiple cabinets of a certain type (such as containing networking equipment, telephone company equipment or servers), or any other combination desired.
• Electronic control can provide multiple types of access, such as remote control, timed control, card reader control or a combination of all of these methods.
• Diversified access-control strategies enable you to manage access at the level of function and/or individual, while a top-level disaster recovery administrator has a master key.

1.       Focus on operations

2.       Train everyone on how to execute the DRP and BCP

3.       Have a clear definition for declaring when a disaster or business interruption occurs that will set the DRP and BCP process into motion -

4.       Integrate DRP and BCP with change management

5.       Focus on addressing issues BEFORE they impact the enterprise

6.       Validate that all technology is properly installed and configured right from the start

7.       Monitor the processes and people to know what critical

.

Many disaster recovery plans cannot keep up with the speed of doing business in today's world. A 24-hour recovery time from a disaster is enough to put many companies out of business.

Many business executives feel their disaster recovery strategy is woefully inadequate and that their disaster recovery plans are out-of-date and provide for minimal coverage. This coverage includes having their legacy applications run on their mainframe or proprietary systems. Very few disaster recovery plans go much deeper into the application suite.  In interviews with business executives Janco estimates their coverage to be about 10% of their critical applications. According to the some estimates, 75% of all critical applications operate 24/7. That is precisely why corporations are moving away from disaster recovery to replicated data and processing. However, this falls short as well. Instead, what is needed is an architectural approach to the problem.

The Janco Disaster Recovery - Business Continuity Template directly address these issues.

A disaster recovery is a response to a declared disaster or a regional disaster. It is the restoration or recovery of an entire Agent computer. A disaster recovery plan describes how an organization is to deal with potential disasters.

Just as a disaster is an event that makes the continuation of normal functions impossible, a disaster recovery plan consists of the precautions taken so that the effects of a disaster will be minimized, and the organization will be able to either maintain or quickly resume mission-critical functions.

In unveiling the Smart Business Storage Cloud, IBM said it also planned to launch a business-grade public cloud that would offer "flexible consumption models and a self-service user interface to fully abstract the technology from the end user." However, no timetable or pricing was offered.

Cloud storage is a broad term that typically applies to storage systems that are highly scalable and can be used internally or externally. The systems often use some form of clustered or grid-based storage.

IT organizations looking at cloud storage are typically under mandates to reduce escalating storage costs. In addition, they are faced with meeting increasing performance demands and dealing with massive data growth and overworked IT staff.

IBM's proposed solution to these problems for large organizations comprises the tech company's XIV storage arrays, BladeCenter servers, and General Parallel File System. The system would support multiple petabytes of data, including text, audio, and video, in a single global namespace.

Key to IBM's private-cloud offering is a new Information Archive, an integrated hardware and software system that provides a single unified platform for information retention. GPFS is a core component of the system, as is policy-based management software that automatically moves less active information to inexpensive storage systems, such as tape.

While making better use of tape, the system also retains access to data in those systems. "Using a customizable 'collections-based' approach, the archived data can be accessed in a private cloud computing environment, even if it's stored on tape media," IBM said in a statement. "This capability is critical as an increasing amount of data is expected to exist in archived formats."

IBM promises a "highly secure" environment that's built using a customer's existing security and authentication infrastructure.

IBM Global Business Services launched cloud-consulting offerings to complement the latest products. The services are geared toward helping organization build a business case for cloud computing, identify processes that would benefit the most, and define a roadmap for deployment.

IBM's entry into cloud storage is likely to present a serious challenge to other vendors, such as Amazon, Microsoft, AT&T, and Hewlett-Packard. A recent survey by Evans Data found that developers considered IBM as being able to provide the most secure private cloud environment, and was also rated high in reliability and ability to execute.

An IT products catalog combines detailed information about all of the hardware and software used by an organization, as well as relevant alternatives and planned technologies. It normalizes data (identifying the different variants and versions of software, for example), associates solutions with vendors, puts solutions into categories, and potentially adds related data, such as support information, power consumption, pricing and more.

Unfortunately, creating and maintaining a comprehensive IT products catalog is an enormous challenge. There are tens of thousands of vendors, millions of products, and an exponentially larger set of product attributes. As a result, most IT catalog attempts suffer from limited scope, out-of-date data, and the lack of relevant business context.

ISO 17799 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 17799:2005 contains best practices of control objectives and controls in the following areas of information security management:

• security policy;
• organization of information security; 
• asset management;
• human resources security;
• physical and environmental security;
• communications and operations management;
• access control;
• information systems acquisition, development and maintenance;
• information security incident management;
• business continuity management;
• compliance.

The control objectives and controls in ISO/IEC 17799 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 17799 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities

When a pandemic strikes your enterprise the business continuity and disaster recovery plans need to allow IT workers to manage computer systems from home.  There is no other alternative but to have them in the office.

A Level 6 alert means that company officials will be asked by the U.S. Centers for Disease Control and Prevention to undertake a number of efforts to fight any pandemic -- including the appointment of a workplace Pandemic Coordinator or team.

The Pandemic Coordinator is responsible for monitoring employees to ensure they follow basic rules of hygiene, such as washing hands, and to make sure that breathing masks are available. If a worker becomes sick, the Pandemic Coordinator must ensure they go home.

The real issue is not sick employees, but an inability to get supplies and deliveries.

If your enterprise is in a locality that gets to pandemic levels of infection your enterprise is going to see issues like suppliers not being able to get deliveries to you because they are sick.  This will be a regional issue, even if your organization is not directly affected by the flu.

There is a multiplicity of benefits in planning for Business Continuity within your organization. Not only will your data, hardware, software, etc., be better protected, but the people that compose your organization will be better safeguarded should a disaster occur. In addition, employees will be informed and rehearsed as to what actions to take to immediately start the recovery process and ensure business continuity if disaster strikes.

Without this type of preparation any unexpected event can severely disrupt the operation, continuity, and effectiveness of your business. Disabling events can come in all shapes and varieties. They can vary from the more common calamities like hard drive corruption, building fires or flooding to the rarer, yet more severe and often longer lasting disruptions that can occur on a city-wide or even national basis; events such as disruptions in transport (oil crises, metro shut-downs, transport worker, strikes, etc.), infrastructure weakening from terrorist attacks, or even severe loss of staff due to illness like a pandemic flu. All of these strikes a blow at an organization's struggle for business continuity.

For smaller companies the impact of  even lesser disasters can hit much harder. For example, unexpected non-availability of key workers alone could be catastrophic, potentially causing as much disruption to business continuity as technological hardship, especially if it occurs during the height of the company's busy season. If only one person is trained to do particular and/or essential tasks, their unexpected absence can severely disrupt productivity.

It is necessary that an appropriate administrative structure be created to effectively deal with crisis management. This will ensure that all concerned understand who makes decisions, how the decisions are implemented, and what the roles and responsibilities of participants are. Personnel used for crisis management should be assigned to perform these roles as part of their normal duties and not be expected to perform them on a voluntary basis. Regardless of the organization - for profit, not for profit, faith-based, non-governmental - its leadership has a duty to stakeholders to plan for its survival.

With the explosion of technology into every facet of the day-to-day business environment there is a need to define an effective infrastructure to support operating environment; have a strategy for the deployment and technology; and clearly define responsibilities and accountabilities for the use and application of technology.

The template comes as both a WORD document utilizing a CSS style sheet that is easily modifiable. 

Access to Web sites based in the U.S. and some Asian countries stopped or slowed on Monday afternoon for many Chinese Internet users. The partial service outage affected China Unicom and China Telecom, the countryÂ’s two major fixed-line operators.

Nine undersea cables were damaged off the southeast coast of Taiwan during the earthquake Monday and in undersea landslides caused by Typhoon Morakot last week, China Telecom said in a statement. The operator had been using five of those cables, including the APCN2 (Asia-Pacific Cable Network 2), it said.

The carrier is rerouting traffic through backup channels and working with foreign operators to rent or buy their international bandwidth.

China Unicom cables were damaged in the typhoon last week as well, but Internet service was not affected until a backup cable was damaged as well this week, the company said in a statement.