XML FeedJanco Associates 

Disaster Recovery Planning News   ---  

FREE reports on top business
technology priorities

 

Backup For Disaster Recovery and Business Continuity Now Easier

 

Backup and RecoveryQuantum Corp. a global specialist in backup, recovery and archive, announced two new product releases designed to help end users solve the challenges of data backup and recovery across distributed environments by improving local data protection and disaster recovery (DR) while streamlining management and reducing costs. The latest addition of disk backup solutions with deduplication and replication, the appliance is optimized for remote and branch office environments that are part of a distributed enterprise. The other software product release provides new centralized, multi-tier management and reporting capabilities for unifying backup resources, including disk and tape.

more information

 

Disaster Recovery Business Continuity Basics

 

The basics of a Disaster Recovery Business Continuity Plan are defined in the Janco Disaster Recovery Business Continuity Template. They are:

  • Develop the contingency planning policy statement. A formal department or agency policy provides the authority and guidance necessary to develop an effective contingency plan.
  • Conduct the business impact analysis (BIA). The BIA helps to identify and prioritize critical IT systems and components.
  • Identify preventive controls. Measures taken to reduce the effects of system disruptions can increase system availability and reduce contingency life cycle costs.
  • Develop recovery strategies. Thorough recovery strategies ensure that the system may be recovered quickly and effectively following a disruption.
  • Develop an IT contingency plan. The contingency plan should contain detailed guidance and procedures for restoring a damaged system.
  • Plan testing, training and exercises. Testing the plan identifies planning gaps, whereas training prepares recovery personnel for plan activation; both activities improve plan effectiveness and overall agency preparedness.
  • Plan maintenance. The plan should be a living document that is updated regularly to remain current with system enhancements.
 more information

 

New Devices Make Backup Easier to Implement

 

Backup and recovery while complex may be easier as media vendors release new advanced products. While many external drives now come with a physical push-button backup option, a new genre of backup devices is emerging one-touch USB flash drives that combine the convenience of small size with relatively sophisticated backup applications for data protection.

The latest to arrive is the SanDisk Ultra Backup USB Flash Drive, which combines push-button backups with SanDisk's U3 smart-drive technology that allows a user to store Windows PC user preferences, profiles and settings as well as download and launch a limited number of applications from the flash drive.

 more information

 

Disaster Recovery Business Continuity Templates Addresses Mid-sized Requirement

 

Mid-sized businesses have long struggled to protect their IT systems. Many firms are inadequately protected and mistakenly think that a disaster is rare and will not happen to them anytime soon.  There is a lot of confusion and misunderstanding regarding what disaster recovery encompasses and how to implement it effectively. The Janco Disaster Recovery / Business Continuity Temple provides CIO and CFO with tools that address minor and major disaster scenarios. This template also clarifies what true disaster recovery means and how backup and high availability are not true DR solutions. Janco studies the newest technology trends, such as virtualization and storage replication, which make powerful DR solutions attainable and affordable even for mid-sized businesses.

more information

 

What is critical in creating a DRP BCP that works?

 

Good disaster recovery planning is about identifying those processes and resources that are truly critical, developing realistic recovery objectives for them and then developing a plan that can achieve those objectives as simply and cost-effectively as possible.

The reality is that a sophisticated DR plan that is too complex or expensive to properly maintain and test is worse than a plan that only does the minimum because it gives a false sense of security.

CIOs must make the right decisions in order to develop an effective, executable plan that allows their organization to create a process which will help them to recover critical enterprise functions after a disaster.

 more information

 

Backup Service Providers May Not Be Enough

 

Your data is only as safe as its most recent backup.  But what happens when you have worked on your laptop with enterprise critical data and it is lost or damaged.  You data is only as redundant as the integrity of the data that you have stored on your servers, but in this case you may have a compliance issue that you have not addressed. For companies that service customers in the cloud, if they cannot offer 99.9999% uptime and absolutely ensure data backup and restoration, they might as well not be in business.

There are a few issues at hand here. Not only must the backup provider ensure that the data is accurately and securely backed up whereby every packet and byte is accounted for, but you must also ensure that when the time comes, the data is "clean" enough to be plugged back into the system without a hiccup. It's the hiccup that companies need to avoid which is why they look for ways to backup their data to begin with, however they aren't always as proactive as the results they were expecting.

 more information

 

CIOs see Disaster Recovery and Business Continuity Budgets Slashed

 

Many CIOs have seen their disaster recovery budget for 2009 slashed and are wondering how they can recover when a disaster occurs.  CIOs are now looking for solution that that will not cost any money upfront. CIOs feel they can get money to recover if they have solution in place. CIOs cannot sit idly by while they roll out critical services without the safety net of Disaster Recovery / Business Continuity Plan in place - that is like skiing without a helmet or driving a car with no seat belt. For most, there is a very good chance that nothing bad will happen, but if something does go wrong, the consequences can be so severe that the overall risk is unacceptable.

more information

 

Recovery Time Objective (RTO) Defined

 

The two most common metrics for business continuity solutions are Recovery Time Objective (RTO) and Recovery Point Objective (RPO). RTO measures the window of time when service is unavailable and RPO represents the amount of data lost as measured in time before the failure.

Metrics

For example, organizations that use tape backup for Exchange recovery typically perform a full backup weekly and a differential backup nightly. If the introduction of a new software patch destabilizes an application server and it takes 2 hours to restore the server from the differential backup and put it back into operation, an RTO of 2 hours is achieved. However, it is likely that some hours of log files will need to be replayed to bring the RPO down to zero from the time of the last backup.

 more information

 

How a CIO should chose a backup site

 

 Disater Plan Site SelectionDisasters cost money, interrupt business operations and may cause the enterprise or government agency to fail, which makes planning a business continuity issue. Disasters can interfere with or even terminate IT and communications services. It does not matter whether the disaster affects the enterprise, government or service provider. Floods, fire, volcanoes, earthquakes and other events can destroy a primary and backup site if they are too close together.

Telecom service providers can offer expert advice on where to locate a backup facility and should position themselves with CIOs to offer both consulting and services. After all, they have experience planning for their own primary and backup facilities, as well.

A CIO's selection of the backup site location will always have risks and liabilities attached to the decision. Adequate and reliable communications to the backup site and communications between the primary and backup sites are what most service providers can successfully offer to the CIO.

      

In choosing a backup site, CIO's must first determine how big a disaster plan for and budget for it. The level of disaster planning increases as you goes down the following list:

  • Building closed/evacuated
  • Loss of power
  • Loss of communications
  • Facility damaged/destroyed
  • Community disaster (10-to-30 mile range)
  • Regional disaster (30-to100 mile range)
more information

 

Overlooked items in many Business Continuity Plans

 

Business Continuity PlanTraditional business continuity and disaster recovery address issues related to preparing the IT department and the office infrastructure to function. The typical policies, procedures, and process that deal with data backup and recovery, distributed data centers with redundant capacity, and preparedness plans for the technical staff.  Are that are often overlooked are:

  • Surge in remote connections - As employees and contractor turn into mobile workers, the volume of remote connections increases sharply placing more demand on the IT infrastructure. The support group must have ways to set up new mobile users quickly and give them access rights to the proper resources within the enterprise network.
  • First-time mobile users support - Technical support and IT staffs will be called upon to assist employees whose only experience has been using computers on a corporate LAN. Support staffs should trained and implement tools that make remote support easier.
 more information

 

Disaster Recover Process Defined

 

Preparation for Disaster Recovery / Business Continuity in light of SOX has two primary parts. The first is putting systems in place to completely protect all financial and other data required to meet the reporting regulations and to archive the data to meet future requests for clarification of those reports. The second is to clearly and expressly document all these procedures so that in the event of a SOX audit, the auditors clearly see that the DRP exists and will appropriately protect the data.

 

  

 

Analize

  • Define business continuity and what it means to your enterprise
  • Understand the impact of a potential disaster
  • Differentiate location vs. data destruction disasters
  • Calculate the cost of downtime

Document

  • Know your recovery objectives; define the parts of the plan
  • Outline what your business needs to get back up and running

Evaluate

  • Continuous vs. Periodic Replication
  • Weigh the complexities, the costs of replication technology
  • Improve the backup process with a formal backup and retention policy

Implement

  • Pick the technology that best meets your enterpriseÂ’s objectives
  • Test rigorously

 more information

 

Security When Business Continuity Plan is Turned On

 

Have you tested to see if your company's information protected by the security policy and solutions you have in place now work when you execute your disaster recovery business continuity plan ? Are you in full compliance with PCI-DSS, SOX, GLBA and HIPAA regulations, while also complying with your state's information security laws?

 

Federal and state rules enforcing the electronic security of personal information are becoming stricter and more complicated. As a result, companies are reexamining the way they deal with sensitive information to avoid the lawsuits, fines and loss of business reputation associated with a security breach.

Still, despite business's efforts to step up their security protocols, in 2007:

  • More than 79 million personal electronic records containing data such as Social Security numbers and credit-card numbers were compromised in the U.S.
  • This was nearly four times the number reported in 2006. (Source: New State Laws Enforcing Encryption, MessageLabs Whitepaper, Nov. 2008)
 more information

 

Alternative Disaster Recovery and Business Continuity Solutions

 

Disaster Recovery Audit

An alternative to traditional disaster recovery and business continuity planning solutions is needed to meet a number of new and growing business requirements including:

  • Workers increasingly need to collaborate to get their work done
  • Data must be protected from identity theft and to meet new privacy laws
  • Security software needs updat­ing to parry evolving security threats
more information

 

High Availability and Disaster Recovery Business continuity Planning

 

High availability of enterprise systems is a prerequisite for business continuity and or sustaining services to an organizationÂ’s end users and end customers. Achieving high availability during a period of rapid technology change or economic downturn can be challenging for many enterprises, which see too many obstacles to ensuring high availability across many servers and across the enterprise.

 Disaster Recovery Template Sarbanes OxleySecurity Template Sarbanes Oxley

The process of IT transformation brings new opportunities to improve high availability, especially for end-to-end applications that span the enterprise and that leverage the computing power of many servers across the network. That is because IT transformation opens the door to doing things differently breaking down the information silos that prevented a deeper integration across business units and a unified view of all networked servers. In so doing, there is also an opportunity to reduce server footprints via workload consolidation resulting in more efficient computing and in reduced power/cooling costs. In the process of IT transformation, IT infrastructure is optimized so that workloads run on the platforms that support them with the best performance and the greatest efficiency.

Enterprises that want to ensure that end users are able to access key enterprise systems on a 24 x 7 x 365 basis, with little or no perceptible downtime, are studying ways to protect important applications by applying reliable server hardware and high availability software to the workloads being deployed. Efficiency in operating these systems is essential to holding down operational costs associated with IT staff time, system downtime, and power/cooling for deployed systems.

 more information

 

Tape Backup Hinders Many Disaster Plans

 

Disaster Plan SecurityEffective disaster planning and business continuity planning has historically been out of reach for many small and medium sized businesses because it was too costly and complicated. While large companies could afford expensive hardware solutions, the highly trained staff to manage them, duplicate data centers, channel extenders, and expensive replication software, small and medium sized businesses are often limited to making backup tapes and carting them to the storage administratorÂ’s basement for safe keeping.

While tape backup remains a good long-term archiving method for many organizations, numerous problems limit its usefulness including:

  • Backup windows are shrinking – due to the huge growth in data volumes, requirements for longer retention and faster access, and generally greater reliance on data and technology.
  • Backup is not easy or quick, many organizations cannot backup often enough to adequately protect themselves – backing up once a week leaves a lot of data vulnerable.
  • Tape is not the most reliable medium – hardware failures, media failures, and human errors are common. Tape management is a constant IT headache and administrative costs are high.
 more information

 

Metrics for Organizations with no Disaster Recovery Business Continuity Plan

 

Disaster Recovery Business ContinuityAccording to Janco Associates, an International Disaster Recovery - Business Continuity consultancy the most common form of enterprise wide disaster is related to power outages.  Janco has found that in disaster recovery and business continuity cases it has reviewed the following is true:

  • Over one third companies take more than a day to recover from a major power outage caused by events like hurricanes and extensive disasters.
  • Over eleven percent of companies take more than a week to recover from these events.
  • The typical time to reconfigure a network that has not been planned for can take up to 72 hours - if the resources are available.
  • Data that is lost (not backup up electronically) can take weeks to re-enter if there is paper trail and if there is none the data can be lost forever.
  • Over 85 percent of companies that experience a computer disaster and do not have a Disaster Recovery - Business Continuity Plan go out of business within 18 months.
 more information

 

What You Need to Know Before Creating Your Disaster Recovery / Business Continuity Plan

 

Disaster Plan AuditThere are a number of standard answers that are needed before your create a Disaster Recovery / Business Continuity Plan.  They are:

  • Current critical business processes
  • Specific recovery time and recovery point objectives
  • List of key personnel involved in the D/R process
  • List of personnel needing information access after the disaster
  • How personnel will access information – from home, from a secondary data center, from a leased facility
  • What systems, applications, and data will be required, and for how long
  • Chronologically, how far back you need data to conduct business as if the disaster never occurred
 more information

 

Water Damage Is the Most Frequent Form of Disaster

 

While water damage is the most common form of disaster, every enterprise with assets of  needs a good fire-protection system. Since most emergencies seem to happen outside normal working hours, reliable fire detection systems on professional, twenty-four-hour monitors are a wise investment. Wherever possible, assets should also be protected by a fire-suppression system. The use of halon is no longer recommended. Professionals now recommend wet-pipe sprinklers for most enterprise record archives. In addition, water misting suppression systems have become available within the last several years; these can provide fire suppression using much less water than conventional sprinkler systems. Before choosing a fire-protection system, be sure to contact a professional or a fire-protection consultant for information about the latest developments in fire protection and for advice appropriate to your enterprise.

Disaster Recovery Template Sarbanes OxleySecurity Template Sarbanes Oxley
Disaster Planning AuditMetrics Internet IT

All fire-protection systems should be designed and installed by professionals with experience in servicing enterprise of your type, because the needs of your type of business differ from the needs for others.

more information

 

How the credit crunch has impacted the Disaster Planning and Business Continuity Process in Enterprises

 

In a survey of our JancoÂ’s clients 67 percent said that the financial crisis and the credit crunch has had an impact on business continuity planning in their organizations. Over one third of our clients reported that it had had a negative impact.

Medium sized organizations reported the most impact on business continuity activities, with over forty percent reporting a negative impact. While only one third of large organizations reported a negative impact and one fifth of small organizations did.

 Business continuityLarge organizations were most likely to state that the global financial crisis and the credit crunch had had a positive impact on business continuity activities.

Regional differences were quite striking, those located in the United States were the most badly impacted and Western Europe-based organizations apparently being least affected, closely followed by UK organizations.

The following shows the percentage of regional respondents who said that the global financial crisis and the credit crunch was having a negative impact on business continuity planning in their organization:

  • United States: 52 percent
  • Western Europe: 28 percent
  • United Kingdom: 35 percent
  • South East Asia: 47 percent
  • Canada: 48 percent
  • Pacific (Including Australia): 49 percent
 more information

 

Disaster Recovery Planning

 Disaster Recovery Planning TemplateEvery business and organization can experience a serious incident which can prevent it from continuing normal operations. This this can happen any day at any time. The potential causes are many and varied: flood, explosion, computer malfunction, accident, grievious act... the list is endless.  The Disaster Recovery Planning Template is designed to help you plan for these scenarios. They will help you reduce both the risk and impact should the worst occur.  The Disaster Recovery Planning Template  is intended to be a launch pad for those seeking help with the business continuity planning process. It offers information, guidance, tips, and links to a range of resources.

Creating a disaster recovery plan is considerably simplified by use of this template. Using detailed questionnaires and checklists, this MS-Word toolkit will help you create and review both your contingency practices and recovery arrangements.

more information

 

 

 Disaster Recovery Template Sarbanes Oxley

Metrics

Security Template Sarbanes Oxley
Sensitive Information Policy Personal Data Security
Sarbanes Oxley Compliance Tool Kit
Job Descriptions IT Salary Data
IT Salary Survey

© 2009 Janco Associates, Inc. - ALL RIGHTS RESERVED