News

CTO Toolkits

Janco

IT Productivity

IT Toolkits

eJobDescription

PSR

CIO and CTO

newsgroupworld

disaster planning
template

ntcity

disaster planning
template

DR Knowledge Base

disaster recovery planning
org

disaster recovery
planning template


IT Hiring IT Job Descriptions IT Salary Survey

Metrics Internet IT

Disaster Business Continuity

Security Policies Procedures

Job Descriptions

IT Salary Survey

 

Janco

RSS Standard XML
RSS Latest 25 items
RSS Latest 10 items
RSS Latest 5 items
RSS Historical Feed

Other Feeds

RSS IT Productivity Center
RSS eJobDescription
RSS psrinc
RSS IT-Toolkits
RSS Disaster Planning

 

News for the Disaster Planning Template

The Disaster Planning Template News feed is an XML news feed that you can subscribe to and re-publish on your web site or blog. The only requirement that you need to meet is that the feed is included with no modifications and that the links within the feed are retained as is.

If you wish to subscribe to this news feed the option that you have is:



Business continuity after a terroist attack or a pandemic

Most aspects of business continuity and disaster recovery planning apply to terrorist attacks and pandemics just as much as to fires, hurricanes, floods, earthquakes, and other natural and manmade disasters.  Business Continuity However, there are a number of areas that need to be re-visited because of the uniqueness of these types of interruptions. 

  • Communication - While communication is important in any disaster recovery scenario, it is particularly critical in the event of a terrorist attack or a pandemic. Employees and their families may be personally threatened, and they may be exposed to rumors and panics, it is particularly important that they receive accurate, up-to-date information on safety and health issues. Employees also need detailed information on company policies and procedures for working in the new environment, and open communication channels to company officials to help resolve personal and work-related issues in high-stress situations.
  • Security and Connectivity - Enterprises must plan to provide secure and reliable access to corporate networks for employees who work in their homes, hotels, or other remote locations. Administrators must have a plan for distributing software to remote computers, ensuring security on computers outside of the corporate firewall, and providing backup and data encryption capabilities to mitigate the risk of mobile devices with sensitive data being lost or stolen.
  • Collaboration and Re-Engineered Processes - Planners and developers must re-engineer business processes so they can continue without face-to-face interaction between employees.

 

 - more info


Business continutiy defined

Disaster Recovery Plan Template
In the simplest of terms, it is good business for a company to secure its assets. CIO under the direction of CEOs and enterprise shareholders must be prepared to budget for and secure the necessary resources to support business continuity.

It is necessary that an appropriate administrative structure be created to effectively deal with crisis management. This will ensure that all concerned understand who makes decisions, how the decisions are implemented, and what the roles and responsibilities of participants are. Personnel used for crisis management should be assigned to perform these roles as part of their normal duties and not be expected to perform them on a voluntary basis. Regardless of the organization - for profit, not for profit, faith-based, non-governmental - its leadership has a duty to stakeholders to plan for its survival.

OrderDownload Table of Contents

With the explosion of technology into every facet of the day-to-day business environment there is a need to define an effective infrastructure to support operating environment; have a strategy for the deployment and technology; and clearly define responsibilities and accountabilities for the use and application of technology.

The template comes as both a WORD document utilizing a CSS style sheet that is easily modifiable. 

 - more info


Security Breaches Are a Disaster Recovery Business Continuity Concern

DRP BCP SecurityServers are so compact that they could be removed from the building in a briefcase. When you consider the magnitude of the IT investment, and the value of the data and applications that ride on it, you can appreciate the critical importance of protecting it from unauthorized access.  This is especially true after a disaster - anyone can walk off with you enterprise's key assets.

Server enclosures provide access control options such as lock-and-key, electronic control, RFID local readers and access cards.  

  • Keys can be matched to individual cabinets, multiple cabinets of a certain type (such as containing networking equipment, telephone company equipment or servers), or any other combination desired.
  • Electronic control can provide multiple types of access, such as remote control, timed control, card reader control or a combination of all of these methods.
  • Diversified access-control strategies enable you to manage access at the level of function and/or individual, while a top-level disaster recovery administrator has a master key.
 - more info


Wi-Fi Proves Itself in a Disaster Area

When Hurricane Katrina hit New Orleans, the only communication system that had not broken down was the wireless mesh network deployed in the downtown area to support surveillance cameras credited with reducing the citys prestorm violent-crime rate.

Today it still performs police duties, but as the lone public communications system left in the city, it also carries VoIP traffic that is the lifeline for many city businesses.

The storm wiped out wireline phone service and cellular networks, and those that it didn't destroy outright couldn't be kept up because the city could not get fuel to the backup generators needed to keep the networks running, Meffert told an audience at a session during Spring VON 2006 this week.

 - more info


Email Disaster Recovery and Business Continuity Requirements

 BuyTable of Contents

Disaster Recovery and Business Continuity for email requires at least six factors to be included when the plan is created.  They are:

  • Emergency backup for primary mail server
  • Ability to send and receive emails
  • View "some" email history
  • Retain history during the recovery period
  • Spam and virus filtering
  • After the fact synchronization with primary email server

Based on working with thousands of customers, Janco Associates has developed a Disaster Recovery and Business Continuity Template that includes everything that you need to create a custom Disaster Plan.

You can download a full copy of the table of contents by going to http://www.e-janco.com/Register_drp.asp.

 - more info


Disaster plans are not keeping up with increased volumes

Data volumes are expanding rapidly and many Disaster Recovery and Business Continuity plans are not keeping up.  It is estimated that over half of large US enterprises had 11 terabytes or more of unstructured data - business documents, virtual machine images, email, media files, etc. - in their environments, with annual growth rates hovering around 60%. This is compounded by a 20% or more annual growth rate for transactional data, historically the bulk of data processing. With remote office staffing levels in decline, IT's ability to track and secure these growing data sets is in jeopardy. - more info


Business Continuity Planning Key to Business Operations

Business Continuity planning is key requirement for running any modern enterprise that takes its operations and its clients seriously. With so many potential disasters looming that can befall an organization at any time, it seems unwise not to take actions to prepare for and try to prevent the devastating impact of such catastrophes.

Disaster Business Continuity

There is a multiplicity of benefits in planning for Business Continuity and disaster planning within your organization. Not only will your data, hardware, software, etc., be better protected, but the people that compose your organization will be better safeguarded should a disaster occur. In addition, employees will be informed and rehearsed as to what actions to take to immediately start the recovery process and ensure business continuity if disaster strikes.

Without this type of preparation any unexpected event can severely disrupt the operation, continuity, and effectiveness of your business. Disabling events can come in all shapes and varieties. They can vary from the more common calamities like hard drive corruption, building fires or flooding to the rarer, yet more severe and often longer lasting disruptions that can occur on a city-wide or even national basis; events such as disruptions in transport (oil crises, metro shut-downs, transport worker, strikes, etc.), infrastructure weakening from terrorist attacks, or even severe loss of staff due to illness like a pandemic flu. All of these strikes a blow at an organization's struggle for business continuity.

For smaller companies the impact of  even lesser disasters can hit much harder. For example, unexpected non-availability of key workers alone could be catastrophic, potentially causing as much disruption to business continuity as technological hardship, especially if it occurs during the height of the company's busy season. If only one person is trained to do particular and/or essential tasks, their unexpected absence can severely disrupt productivity.

 - more info


Cloud services impact disaster planning

The typical cloud computing contract can look downright simple to an experienced IT outsourcing customer accustomed to inking pacts hundreds of pages long that outline service levels and penalties, pricing and benchmarks, processes and procedures, security and business continuity requirements, and clauses delineating the rights and responsibilities of the IT services supplier and customer.

And that simplicity, say IT outsourcing experts, is the problem with cloud computing. Failure to understand the true meaning of the cloud and to address the serious legal and contractual issues associated with cloud computing can be catastrophic. The data security issues and business continuity issues are particularly challenging, and failure to address them in the contract can expose a customer to serious business interruption and violation of mandated security requirements.

If a cloud services contract (whether it's for software, infrastructure, or platform-as a service) seems less complex, that's because it's designed to offer products and services "as is"--without any vendor representations or warranties, responsibility for adequate security or data protection, or liability for damages.

 - more info


Disaster Planning and Business Continuity Best Practices

Disaster recovery and business continuity best practices - The top 7 best practices

1.       Focus on operations

2.       Train everyone on how to execute the DRP and BCP

3.       Have a clear definition for declaring when a disaster or business interruption occurs that will set the DRP and BCP process into motion -

4.       Integrate DRP and BCP with change management

5.       Focus on addressing issues BEFORE they impact the enterprise

6.       Validate that all technology is properly installed and configured right from the start

7.       Monitor the processes and people to know what critical

 

.

 - more info


Which disasters should CIOs plan for?

Planning for a disaster is a difficult task at best. A major provider of disaster recovery   services, lists hardware problems as the number one cause of disaster, followed   by power outages, hurricanes and floods. CIOs often ask "What scenarios should we prepare for" and "How likely is it that it will happen to us" When one thinks of disasters, big events such as Hurricane Katrina or 9/11 are the first come to mind. But if we look at the ultimate consequence of a disaster - downtime - we can see that any event, large or small, can have the same effect on IT infrastructure

Certain areas of the United States have also had power supply problems in the recent past. Most notable is California with its infamous rolling blackouts. Parts of Texas also implemented rolling blackouts when there are abnormally high temperatures. Other regions of the country implement brownouts, where the voltage is reduced to customers during power emergencies. Brownouts can severely affect electronic equipment not protected with an UPS or voltage regulation device. A CIO whose data center was located in   the region of California affected by the power crises said: You have to restore   and operate your systems from an alternate location that has power. Obviously, that site is usually pretty far away and it is not practical to physically move systems. Moving an interconnected web of storage and servers to another set of   infrastructure is a huge challenge. These things just were not designed for that kind of mobility and that is exactly the problem that virtualization solves.

 - more info


What to do after you have created a Disaster Recovery Business Continuity Plan

Now that you have a disaster recovery plan in place, you still have work to do.

Disaster Types

Order Disaster PlanDisaster Plan Template

  • Test your disaster recovery plan at least quarterly. Simply having a plan in place is not enough. Develop and regularly (quarterly) test your plan so that the first time it is executed is not during an emergency. Remember to test under realistic conditions and make the plan robust enough to address extended recovery that may require utilization of new facilities, relocation of staff and involvement of outside personnel.
  • Review and reassign responsibilities at least monthly. Factor in changes to your organization caused by recent layoffs and restructurings. Assign new responsibilities to employees based on the current organizational structure and available resources. Test this updated plan to ensure all tools and protocols are in place to operate during a disaster, reaching out to all parts of the organization and employee family members as well as vendors, government agencies and emergency responders.
  • Update your notification system at least monthly. Critical during any potential interruption, notification should be an integral part of an organization’s disaster recovery plan. Make sure all contact numbers are up-to-date, allowing the organization to get in touch with key personnel in the event of an emergency. This will also help prioritize methods of communication and track which employees have received messages.
  • Know where staff will work if you lose your facility. Employees are the heart of an organization; however, many human resources aspects are frequently overlooked in disaster recovery planning. Businesses must identify alternate locations where employees can go in the event a primary work location is unavailable and address the physical safety and psychological well-being of employees. Assign backup roles for the inevitable times when key players are not available or missing, and time-sensitive actions need to be taken. Employ cross training to have alternative contacts ready to go.
  • If a Disaster is DECLARED EXECUTE your plan. If an organization has access to hot or cold back-up sites, a common mistake is to wait too long before declaring an emergency and relocating personnel. If an organization is located in an area for which a government evacuation order has been issued, it should declare and relocate immediately.
  • Document your technology infrastructure. Develop procedures for technical recovery scripts that will be deployed to help get your IT infrastructure up and running. Make the scripts comprehensive and easy to understand so people who are not familiar with them can easily follow along.
  • Update your vendor list at least monthly. Strictly enforce change management and control processes to help ensure vendor contacts are current so vital services will be quickly available when needed.
  • Review the use of contractors and outsourced facilities. In the event of a disaster, will your vendors be able to perform their roles in supporting your critical technical infrastructure and business processes? Consider looking at secondary providers as a precaution. Take time to evaluate whether support or maintenance contracts need to be extended or have levels of support modified.
  • Review and test readiness and completeness of offsite data storage. Paper records and backup tapes may be totally lost, destroyed or unavailable. Develop contingencies in the event delivery of offsite-stored data is delayed. Investigate using electronic media - through disk-to-disk backup - to help safeguard and provide backup information.
  • Have a current plan in place to re-build your critical servers. Should a disaster occur, re-building servers from the ground up consumes time and stretches internal IT resources. Consider working with a third-party provider that can simplify these processes by rebuilding your operating systems on its own servers - enabling a speedy and more cost-effective recovery.
 - more info


Disaster Recovery Plans Not Keeping Up With Business Requirements

Disaster planning is in trouble as many enterprises are not keeping up with changing requirements.

Many disaster recovery plans cannot keep up with the speed of doing business in today's world. A 24-hour recovery time from a disaster is enough to put many companies out of business.

Many business executives feel their disaster recovery strategy is woefully inadequate and that their disaster recovery plans are out-of-date and provide for minimal coverage. This coverage includes having their legacy applications run on their mainframe or proprietary systems. Very few disaster recovery plans go much deeper into the application suite.  In interviews with business executives Janco estimates their coverage to be about 10% of their critical applications. According to the some estimates, 75% of all critical applications operate 24/7. That is precisely why corporations are moving away from disaster recovery to replicated data and processing. However, this falls short as well. Instead, what is needed is an architectural approach to the problem.

The Janco Disaster Recovery - Business Continuity Template directly address these issues.

 - more info


Causes of Disasters

Disaster Causes

According to Janco Associates, the primary factor in the activiation of Disaster Recovery and Business Continuity Plans is computer hardware failure.

 - more info


Google person finder may be an options to include in disaster plans

Disaster plans need to include a way to contact individuals who are in the area after an event.

Google has a tool to help people locate friends and loved ones who have been affected by the 8.8.-magnitude earthquake in Chile.

Google Person Finder allows users to search for information about people by name or leave information about people in both English and Spanish. The page said it contained 22,900 records. However, the page cautions users that all data input would be viewable and usable by all and that the company plays no role in verifying the information. Google had set up a similar Person Finder tool after Haiti's recent earthquake.

 - more info


IT Systems Will Soon Start to Fail on a Regular Basis

There is a big crunch coming, and companies will start to experience ever greater IT failures unless they start buying new hardware.

When the recession started, IT spending fell off a cliff.  Hardware and software companies are hoping that IT spending will make a strong comeback because of the pent up demand and the fact that there is a lot of aging IT gear installed today.

Most companies have extended their maintenance contracts, but, at some point, that will not be enough as IT systems start failing.

Predicting IT failure is not a hard thing to do. When you deal with tens of thousands, and even hundreds of thousands of servers, data storage systems, network equipment, etc, it is a relatively simple statistical exercise.

The fact that IT systems are aging.  Maintenance contract prices increase every year that older equipment is kept working. At some point it becomes more expensive than upgrading. And upgrading brings additional benefits such as higher performance from the latest processors and subsystems.

Currently, a large part of an organization's IT budget is being spent on regulatory compliance issues, and on security, which is related to regulatory compliance. For the executives, being in compliance means not going to jail.

But if you can't run your business IT applications reliably then being compliant becomes a moot point. So, will spending on basic IT infrastructure come roaring back this quarter? Or will companies try to eek out another few months of performance out of their aging IT systems?

 - more info


Disaster Planning is Complex

An increasing number of professionals know that small-scale emergencies can be contained if staff members are prepared to react quickly. Damage can be limited even in the face of a large-scale disaster. For example, cultural institutions in Charleston, South Carolina, formed a consortium that focused on disaster preparedness several years before they were hit by a hurricane. Many of those institutions sustained only minor damage because they were able to put their early warning procedures into operation.

Disaster planning is complex; the written plan is the result of a wide range of preliminary activities. The entire process is most efficient if it is formally assigned to one person who acts as the disaster planner for the institution and is perhaps assisted by a planning team or committee. The enterprise's director may play this primary role or may delegate the responsibility, but it is important to remember that the process must be supported at the highest level of the organization if it is to be effective. The planner should establish a timetable for the project and should define the scope and goals of the plan, which will depend largely on the risks faced by the enterprise.

 - more info


Data protection in a state of flux

The state of IT Disaster Planning and data protection is in flux. Conventional models of backup and restore have become obsolete and are being replaced by newer dynamic paradigms that involve disk-to-disk, virtual server provisioning, sophisticated data deduplication, and appliance-based operations. 

Disaster Recovery Plan - Business Continuity Plan Template

ISO 27000 ( formerly ISO 17799 ) - Sarbanes-Oxley - HIPAA - PCI-DSS Compliant

OrderDownload Table of ContentsLessons Learned

Janco has identified four primary business drivers of data protection:

  • Provide Business Continuity and Disaster Recovery. This is the traditional concern of mitigating exposure to information loss. However it has grown more complicated as 24/7, global economy, and open source have become standard business issues. Of paramount importance is overcoming the hurdles associated with backup window requirements, application performance, reliability and consistency, and recovery time.
  • Streamline Process Management and Increase Productivity. As staff and resources become overburdened, companies are refocusing on process management. Easing critical pressure points is often the catalyst to surviving a difficult fiscal climate.
  • Contain Storage and Server Costs. Controlling cost of operations has become a top priority for many organizations. With data growing at exponential rates, these costs can easily mushroom.
  • Support IT Infrastructure Consolidation. Today's data protection architecture seems to be intrinsically broken - as characterized by slow backups, complex recoveries, compromised application performance, and difficult resource administration. IT infrastructure consolidation including server virtualization magnifies the problems and elevates the rearchitecture of storage and data protection as a priority. Finding high performing, easy-to-use, scalable data protection remains a key imperative. Further, system migration of production servers and critical applications to a virtual environment are likely to be costly and painful unless an easy and minimum-impact solution to migration is built into the rearchitecture.
 - more info


Data deduplication as part of your backup strategy

Traditional backup solutions create duplicate data in two ways:

  • Repeated full backups
  • Repeated incrementals of the same file when it changes multiple times.

A deduplication system identifies both situations and eliminates redundant files, reducing the amount of disk necessary to store your backups anywhere from 10:1 to 50:1 and beyond,
depending on the level of redundancy in your data. Deduplication systems also work their magic at the subfile level. To do so, they identify segments of data (a segment is typically smaller than a file but bigger than one byte) that are redundant with other segments and eliminate them. The most obvious use for this technology is to allow users to switch from disk staging strategies (where they’re storing only one night’s worth of backups) to disk backup strategies (where they’re storing all onsite backups on disk).

Record Management   Backup Policy

There are two main types of deduplication. Target dedupe systems allow customers to send traditional backups to a storage system that will then dedupe them; they are typically used in medium to large datacenters and perform at high speed. Source dedupe systems use different backup software to eliminate the redundant data from the very beginning of the process and serve to back up remote offices and mobile users.

 - more info


What is new in Disaster Recovery and Business Continuity Planning

Compliant Audit ProgramDisaster Recovery and Business Continuity planning (DRP / BCP) is not new - many organizations have employed some form of (DRP / BCP) for quite some time.
Companies have been replicating their mainframe, storage, and database systems for years. Before that, they moved paper documents to offsite locations.
So, what' s new with DRP / BCP?

As business technology proliferated over the past 10 to 15 years, DRP / BCP coverage expanded from back office systems to all types of additional business applications.

Order DRP BCPSample DRP BCP

New business applications and IT services help organizations react quickly to a dynamic marketplace and provide access to information -  wherever and whenever it's needed. Areas of concern include:

  • Companies are reducing the overall number of data centers, consolidating remote and branch office assets in the process.
  • E-mail, instant messaging, IP telephony, and collaboration applications have become integral parts of many companies’ business processes.
  • Given the volume of users accessing information, securing the environment is crucial. Allowing unauthorized users to access classified information or failing to protect data in flight could result in significant security breaches.
 - more info


Tape Versus Disk for Data Retention

Tape vs Disk Debate

Backup PolicyLong-term data retention includes weekly, monthly or other long-term backup, primary backup copy of data, off-line copy of static or fixed content data, archive and strategic data preservation. The emphasis is on low cost, long-term durability, compatibility, and energy efficiency for lengthy data retention. Tape is leveraged as a high performance bulk storage medium to off-load the disk cache, boosting the effectiveness and utilization of disk-based systems. From a green and economic efficiency standpoint, data staged off-line to tape consumes no energy while enabling exceptional performance during bulk restore operations. The combination results in both very green and economically efficient storage in addition to supporting business sustainability and enabling compliance.

A tape copy operation may be made locally and then physically transported to another location for safe off-site storage, or data may be replicated as part of the backup and data protection process to a remote VTL or tape library where a removable tape copy is made. Hybrid solutions also leverage diskto- disk locally with snapshots or other point-intime copies that are then replicated to another location or to a cloud-based storage managed service provider (MSP). Data and network bandwidth optimization techniques and technologies, including compression and deduplication among others, enable more data to be moved on available networks or to reduce networking requirements.

 - more info