Continuity Logic’s Frontline Live 5™ is the first leader in Gartner’s Magic Quadrant Business Continuity (BCMP) software category that has effectively converged continuity, risk and compliance in a one easy to use cloud-based solution.

Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

Jon Seals

Thursday, 05 February 2015 00:00

What’s ‘Good Enough’ Data Quality?

When you dig into data quality—and more of you are—you’ll hear a lot about “good enough” data quality. But what the heck does that mean? And how do you know if you’ve achieved it?

Data folks have long understood that data quality is a continuum. Data quality comes with an associated cost and, at some point, that cost is not worth paying to further “perfect” the data; hence, the concept of “good enough” data quality.

That may have made sense in a relational database world, but now … it’s complicated. The data isn’t just being used for reporting, but is also being leveraged in BI and analytics systems. Data has left IT and is being used to drive decisions across the organization. What’s more, data looks different—it’s now social data, sensor data, external data, Big Data.



Thursday, 05 February 2015 00:00

The Inevitable Decline of Shadow IT

Sometimes it seems as if the enterprise is so caught up in preparing for the future that it fails to notice what is happening in the present.

The cloud is a prime example, with most top data executives enamored by visions of limitless, federated infrastructure able to do anyone’s bidding at the touch of a few mouse clicks. In the meantime, however, few are overly concerned by the unorganized spread of data across external cloud platforms, the so-called shadow IT, despite the significant loss of control it represents.

According to CipherCloud, about 86 percent of enterprise applications are now tied to shadow IT, especially those involved in publishing, social networking and career-based functions. This should be of particular concern to the enterprise considering the increasing sophistication of mobile malware and the ongoing spate of massive data breaches. However, many organizations are not even aware of the scope of the problem: One major enterprise in the survey claimed to have only 15 file-sharing apps in use when in reality it was nearly 70.



Thursday, 05 February 2015 00:00

12-Step Program for Emergency Managers

There are 12-step programs for many personal issues, so I figured there should be a 12-Step Program for Emergency Managers. I’ve written about our addiction to Department of Homeland Security grants that are administered by FEMA. Therefore it is only natural that we look for ways to escape our addiction and gain control over our individual programs. Getting out of addictive behavior can be difficult. 

Generally the concept of 12-step programs is to acknowledge a higher power and give everything over to its control. The only “higher power” that emergency managers have is FEMA, so we are in a bit of a Catch-22 in that we are trying to escape its grant clutches while at the same time giving our lives over to its control. We should at least try this 12-step program that I’ve adapted from Alcoholics Anonymous.



Thursday, 05 February 2015 00:00

Building the Agile Database

Is fast development the enemy of good development? Not necessarily. Agile development requires that databases are designed and built quickly enough to meet fast-based delivery schedules - but in a way that also delivers maximum business value and reuse. How can these requirements both be satisfied? This book, suitable for practitioners at all levels, will explain how to design and build enterprise-quality high-value databases within the constraints of an agile project.

Starting with an overview of the business case for good data management practices, the book defines the various stakeholder groups involved in the software development process, explains the economics of software development (including "time to market" vs. "time to money"), and describes an approach to agile database development based on the five PRISM principles.



Anthem Health has disclosed that it has suffered a major data breach. This special alert is being sent to apprise you of what has occurred based on statements made by Anthem. It is important to understand that this breach is far more serious than the Target or Home Depot breaches. Those breaches affected credit and debit cards and did not put your identity at risk.  This breach contains information that can allow full and easy theft of your identity.

Please feel free to share this information with your colleagues and friends. 

The Incident: Anthem has disclosed that its systems were breached from the outside by unknown attackers.  It is being reported  that as many as 80 million past and present clients may have been affected.

Who is at risk:  Anyone who has been or is currently covered by a policy from any Anthem operating company.  This includes Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, Empire Blue Cross and Blue Shield, Amerigroup, Caremore, Unicare, Healthlink, DeCare, and possibly others yet to be reported.

What Information was stolen: Information stolen includes names, birthdays, medical IDs, Social Security numbers, street addresses, e-mail addresses and employment information including income data.  In the Hacker world a complete data set like this is referred to as a Fulz.  A Fulz data set contains everything necessary to assume another person’s identity and is extremely valuable due to the completeness of information.  

Children are at the highest risk: The data taken includes birth dates which will allow criminals to determine the age of the person. Children are at the highest risk of having their identity stolen because they do not check their credit history.  Think of it this way; if a criminal assumes the identity of an 8 year old child and changes the mailing address, s/he can easily assume the child’s identity for at least10 years with perhaps no one becoming any wiser until after that child reaches 18 and begins to apply for a loan or credit card. . At that point the damage is done and it could take years to straighten this situation out.

Some tips if you are insured by an Anthem company:

  • Start monitoring your credit now.  This breach took place weeks or months ago and the data may already be on the street.
  • If you receive an email from Anthem or one of its companies, be very careful before you click on any links.  Chances are it may be a fake and you will only make matters worse by clicking on the link.  You may be redirected to an official looking page that is actually phony and asks you to log in at which point the criminals can steal your login credentials or worse, they may infect your machine with a virus or malware that steals your data or locks it up (encrypts it) until you pay a ransom.
  • Consider setting a fraud alert for new credit applications or freezing your credit report now.  Also known as a security freeze, a credit freeze lets you restrict access to your credit report, which in turn makes it more difficult for identity thieves to open new accounts in your name. Creditors look at your credit report before they approve a new account. If they can’t see your file, they will most likely not open the account or extend the credit.  The Federal Trade Commission has full information on freezing your credit report at this link: http://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
  • Don’t forget to protect your children.  They are most likely at the highest risk for identity theft and fraud.  Consider also applying the same precautions to their files.
  • Share this information. The more people that protect their credit early on, the less valuable the stolen data becomes to the criminals.

JANUS Associates has been assisting clients with their cyber-security needs for over twenty-six years. JANUS currently works with federal, state and local governments, educational institutions, and the business community to better secure their computing environment, prepare for disasters, and undertake forensics data recovery.  We invite you to contact us to discuss any IT security concerns or initiatives you may have.

Please see our website at http://www.janusassociates.com

For more information about our services please contact info@janusassociates.com or call 203-251-0200.

ENERGY STAR® qualified rackmount UPS enables fast deployment with the Liebert Power Assurance Package


COLUMBUS, OhioEmerson Network Power, a business of Emerson (NYSE: EMR) and a global leader in maximizing availability, capacity and efficiency of critical infrastructure, today introduced the Liebert® GXT4 UPS system for businesses that need critical power protection at the edge of IT infrastructures and remote locations. This true on-line, double conversion Liebert UPS is available for immediate shipment in 500VA to 3000VA at 120V; 3kVA to 10kVA ratings at 208V; and 700VA to 10kVA models at 230V. The Liebert GXT4 is available in the United States and Canada and in most regions of Asia Pacific – check locally for details.


The Liebert GXT4 UPS provides maximum resiliency and efficient power protection that allows IT managers to respond quickly and easily to changing and growing demands of critical computing performed outside of the core data center. The flexible configurations and design of the Liebert UPS enable faster and easier installation and deployment. Additionally, a high power factor provides more usable capacity, and the selectable Eco-Mode operation helps to maximize efficiency and improve PUE.


“As financial, retail and other organizations move more sensitive compute and storage capacity to smaller IT centers, network closets and remote locations, it’s important that they have the mission-critical protection needed to support these distributed locations,” said Tracy Collins, vice president IT solutions, Emerson Network Power in North America. “The Liebert GXT4 UPS, when combined with the oversight and management offered by our remote monitoring software and the lifecycle support provided by our Liebert Power Assurance Package, provides an unbeatable level of critical and efficient power protection for growing demands on the edge.”


Liebert GXT4 UPS is convertible for rackmount or tower configurations and includes multiple battery options, with certain models (5kVA to 10kVA) now containing factory-installed batteries. New software allows the predefined system configuration file to be quickly replicated across multiple models of the same size, making it easier to deploy more than one unit. The 500VA to 3kVA models of the Liebert UPS include two pairs of individually configurable power outlets that are controllable and programmable for various settings, such as load shedding or protecting against unauthorized use. Internal ambient temperature sensors also are now standard on all models of the Liebert UPS.


The ENERGY STAR® qualified Liebert GXT4 UPS may be purchased as part of the Liebert Power Assurance Package, which provides convenient and cost-effective support for power delivery to small, remote IT sites. More than an extended warranty, the package offers lifecycle support for the Liebert UPS, including a five-year protection plan with full parts coverage, installation and startup, 24/7 on-site repair or replacement service with a guaranteed four-hour response, and removal and disposal of existing equipment, including batteries.


Remote management and monitoring capabilities are provided through out-of-the-box compatibility with the Emerson Network Power Trellis platform data center infrastructure management system, and with the Liebert Nform and Liebert SiteScan monitoring and reporting systems.


For more information on the Liebert GXT4 UPS or other technologies and services from Emerson Network Power, visit www.EmersonNetworkPower.com.

One of the UK’s few VISA-approved Managed Services Hosting Provider removes guidance grey areas with ‘ready to roll’ PCI cloud environments


Sandwich, Kent – Ultra Secure Cloud service provider, The Bunker has today launched its new PCI Cloud solution. Available as a multi-tenancy or single environment, The Bunker’s PCI Cloud solution has been designed to meet all 12 PCI DSS requirements, making it one of just four UK Managed Services Hosting Providers on the VISA Merchant Agent List capable of delivering full compliance with the new PCI DSS standards v3.0.


Having come into force on January 1 2015, the new PCI DSS standards v3.0 put the responsibility of compliance for all 12 key areas of PCI DSS on the business itself – regardless of whether it is working with a third-party specialist. Many Service Providers currently only have ‘Hosting Provider’ VISA status, which makes them compliant with as little as two of the 12 requirements and leaves the customer to manage the rest. This makes the enterprise more liable to regulatory fines.


“Businesses need to ascertain whether the MSP really understands that their own requirements are in sync with PCI DSS requirements and whether they have the expertise to manage and maintain environments,” warns Peregrine Newton, CEO of The Bunker. “Under the new standards, if an outsourced compliance partner does not offer all 12 of the PCI requirements, the business will be answering direct to auditors and liable to regulatory fines, which can have a grave impact on the bottom line.”


To mitigate this risk, The Bunker has wrapped its Ultra Secure Colocation and Hosting Cloud Services around IBM and Egenera software technologies to ensure customers receive a fully compliant solution and not just a PCI DSS aligned environment. Working with a VISA-approved ‘Managed Services Hosting Provider’ not only addresses all 12 PCI requirements but, by achieving compliancy, acts as a source of business advantage by introducing efficiency and streamlining many operational IT processes.


“PCI DSS is a now a business issue rather than an IT problem, with decisions around compliance being escalated from IT directly to the boardroom,” continues Newton. “With a plethora of service providers now marketing themselves as ‘fully compliant’, it puts businesses at a greater risk under the new standards because the buck stops with them should they fail to apply due diligence where MSPs are concerned. A Hosting Partner is a world away from a Managed Services Hosting Provider and not investigating the difference between the two could land businesses in hot water when it comes to PCI 3.0.”


In the past we have often heard that people got involved with business continuity through another career, perhaps drifitng in to it from facilities management or IT security. Now we are finding that more and more people are starting off in a business continuity role; the industry has developed into a career opportunity in its own right and people are joining it straight from school, college or university. In order to develop the industry further and take it forward, we need to inspire and encourage the right people to become business continuity professionals, and where better to do this than in schools.

To meet this aim, the Business Continuity Institute has formed a new partnership with Inspiring the Future, a free service where volunteers pledge one hour a year to go into state schools and colleges and talk about their job, career, and the education route they took. Already to date, over 7,500 teachers from 4,400 schools and colleges and over 18,500 volunteers have signed up.

Everyone from Apprentices to CEOs can volunteer for Inspiring the Future. Recent graduates, school leavers, apprentices, and people in the early stages of their career can be inspirational to teenagers - being close in age they are easy to relate to; while senior staff have a wealth of knowledge and experience to share. Your insights will help to inspire and equip students for the next steps they need to take.

Inspiring the Future is currently running a campaign called Inspiring Women with the aim to get 15,000 inspirational women from Apprentices to CEOs signed up to Inspiring the Future, to go into state schools and colleges to talk to girls about the range of jobs available, and break down any barriers or stereotypes.  For further information click here

Why volunteer in a local school or college?

  • Going into state schools and colleges can help dispel myths about jobs and professions, and importantly, ensure that young people have a realistic view of the world of work and the routes into it.
  • Getting young people interested in your job, profession or sector can help develop the talent pool and ensure a skilled workforce in the future.

To sign up to Inspiring the Future as a BCI member, simply click here and follow the steps. In the ‘My Personal Details’ section, under the heading ‘My memberships of Professional Association …’ please write Business Continuity Institute and it will appear for you to select.

By signing up, you make it easy for local schools and colleges to get in touch to see if you can help them help their pupils make better decisions about the future.  You might be asked if you could take part in a careers’ fair, in career networking (speed dating about jobs) or do a lunchtime talk to sixth formers about your job and how you got it. 

Volunteering for Inspiring the Future is free, easy, effective and fun. Volunteers and education providers are connected securely online, and volunteering can take place near home or work as employees specify the geographic locations that suit them. Criminal Records Bureau checks are not needed for career insights talks, as a teacher is always present.

Inspiring the Future is a UK initiative but if you know of a similar scheme in another country then get in touch and let us know. Our aim is to inspire people to become business continuity professionals all across the world.




By Leon Adato

In the corporate environment, end users and, more worryingly, the occasional IT pro, are the first to point the finger of blame at the network when an application is sluggish, data transfer is too slow or a crucial Voice over IP (VoIP) call drops, all of which can have a wider impact on the bottom line.

Issues arise when the IT department looks to blame the network as a whole, rather than work to identify problems that are caused by an individual application running on the network. Poor design, large content and memory leaks can all cause an application to fail, yet IT departments can be slow to realise this.

Many companies are reliant on applications to drive business-critical processes. At the same time, applications are becoming increasingly complex and difficult to support, which puts additional pressure on the network. So, the question remains, when there’s an issue with application performance, is it the network or is it the application? How do you short-circuit the ‘blame game’ and determine the root-cause of an issue so it can be solved quickly and efficiently?



Enterprises are scrambling to come up with ways to scale their infrastructure to meet the demands of Big Data and other high-volume initiatives. Many are turning to the cloud for support, which ultimately puts cloud providers under the gun to enable the hyperscale infrastructure that will be needed by multiple Big Data clients.

Increasingly, organizations are turning to in-memory solutions as a means to provide both the scale and flexibility of emerging database platforms like Hadoop. Heavy data loads have already seen a significant performance boost with the introduction of Flash in the storage farm and in the server itself, and the ability to harness non-volatile RAM and other forms of memory into scalable fabrics is quickly moving off the drawing board, according to Evaluator Group’s John Webster. In essence, the same cost/benefit ratio that solid state is bringing to the storage farm is working its way into the broader data infrastructure. And with platforms like SAP HANA hitting the channel, it is becoming quite a simple matter to host entire databases within memory in order to gain real-time performance and other benefits while still maintaining persistent states within traditional storage.