Fall World 2014

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

Jon Seals

Company's 97th Patent Describes Improvements to Snapshot Performance for Faster System Recovery

LONGMONT, Colo. – Dot Hill Systems Corp. (Nasdaq:HILL), a trusted supplier of innovative enterprise-class storage systems, today announced innovative technology described in its latest addition to its patent portfolio - a new innovation that improves snapshot performance in storage arrays.

Generated by Dot Hill's AssuredSnap™ snapshot software, which is part of the company's Data Management Services (DMS) suite, snapshots are versatile and extremely useful tools for backup and data recovery operations. By reducing the number of operations required to access snapshot metadata, the invention disclosed in Dot Hill's 97th US patent, numbered 8,751,467, improves storage controller performance when using data snapshots, which can result in faster system recovery.

Traditionally, when an application on a storage controller wants to access snapshot data from a storage system, the application first needs to retrieve the storage device's snapshot metadata. The status quo approach of accessing metadata is inefficient since it involves multiple steps of copying cache pages. Using Dot Hill's patented approach the application can use the cache page address to access the metadata. A second application is allowed to access the cache page and can also update the metadata in this approach. After the application finishes its update, cache pages are mirrored to the remote system and written back to the appropriate storage devices. This patented approach streamlines the data recovery process.

"Our customers run demanding applications that require high-performance storage with rock-solid reliability," said Ken Day, chief technology officer, Dot Hill. "Besides providing 99.999 percent data availability in all our AssuredSAN storage systems, we never stop innovating to set ourselves apart from the competition. Dot Hill's growing patent portfolio is a reflection of a world-class engineering team that develops highly differentiated storage solutions."

Dot Hill's patent portfolio builds on the extensive intellectual property behind Dot Hill AssuredSAN and AssuredSAN Pro solutions, which deliver rock-solid, wicked-fast solutions to customers and OEM partners. Dot Hill's continuous innovation benefits the company's key vertical market customers in the Media & Entertainment, Telecommunications, Oil & Gas, Big Data & Analytics and Digital Imaging sectors, that require high-performing storage to support demanding applications.

About Dot Hill

Leveraging its proprietary Assured family of storage solutions, Dot Hill solves many of today's most challenging storage problems - helping IT to improve performance, increase availability, simplify operations, and reduce costs. Dot Hill's solutions combine breakthrough software with the industry's most flexible and extensive hardware platform and automated management to deliver best-in-class solutions. Headquartered in Longmont, Colo., Dot Hill has offices and/or representatives in China, Germany, India, Japan, Singapore, the United Kingdom, and the United States.

For more information, visit us at www.dothill.com.

BCM 2000:  Essentials of BCM Series
Implementing ISO 22301, 22313,
22320, 22398, 27031, 31000, 19011 & 17022
Includes BCI's 2013 Good Practice Guidelines 
Looking for a course that is based on international standards?
 
Looking for templates and examples on how to develop a Business Continuity Management System that meets the requirements of the standards? 
 
Do you like to have fun (and maybe even laugh out loud!) when you learn?
Then BCM 2000: Essentials of Business Continuity Management is the course for you!  Download the Brochure 

Course Description 
BCM 2000: Essentials of Business Continuity Management provides you with knowledge to develop a standards-based, auditable, and actionable business continuity program for your organization.
This course is the critical starting point to developing a program that can be certified ISO 22301. It is comprised of 10 individual modules that can be taken as a series or in combination over time.

Essentials of Business Continuity Management provides the foundation necessary for new or current professionals interested in either developing a career in Business Continuity Management, seeking certification, or for those professionals responsible for developing a business continuity program for their organization.

It is designed to expose the participant to all aspects of a holistic BCM program and to be a solid "how to"guide for building a business continuity program for all types of organizations.


Student activities are included throughout the course and are designed as knowledge checks to reinforce lesson materials and to provide attendees with hands-on activities that will enable them to become familiar with and apply these principles in their jobs.

Delivery Structure
Essentials of BCM is offered as an elearning course that includes the following elements: Download the Brochure
  • Voice over ppts teaching online
  • pdf's of the course book
  • Templates of how to implement the requirements of the standards (sample policies, reports, etc.)
  • Multi-media that is relevant & fun!
  • BCI's 2013 Good Practice Guidelines 
  • Case study
  • Open for Business Toolkit
  • Course review activities to evaluate for comprehension
  • Practice exam questions (for DRII's Qualifying Exam)
  • Online essay for CEU credit  
  • Email access to a qualified expert for questions
  • Online ISO 22301 Lead Implementer Certification Exam included in course fee 
Certification Requirements
Successful completion of the BCM 2000 series with a passing grade on the online CORS in BCM exam completes the educational component for certification as a Certified Organizational Resilience Specialist (CORS) in BCM / ISO 22301 Lead Implementer.

null
Holders of the CORS certification are entitled to apply for statutory membership with the BCI at the AMBCI or MBCI level, subject to evidence of required experience.
With ISO 22301 as an international standard allowing companies to demonstrate their ability to cope with major threats; as well as provide a management systems approach to business continuity management, this course provides you with what you need todevelop a program that complies with these certification standards.

Register Here

And if you have questions, don't hesitate to call or send an email.
Sincerely,
Lynnda Nelson, President
The International Consortium for Organizational Resilience
Education@theicor.org
866.765.8321 US/Canada  +1630.705.0910 International Calls
BCM 2000: Essentials of Business Continuity Management Series
BCM 2011: Business Continuity Program Development
BCM 2021: The Business Impact Analysis
BCM 2022: The Risk Assessment
BCM 2023: Developing Strategies / Options to Protect the Organization
BCM 2031: Plan Design, Program Structure, & Required Documentation
BCM 2032: Incident Response, Management & Communication
BCM 2033: Business Continuity & Recovery Plans
BCM 2035: Writing the ICT Continuity / IT DR Plan
BCM 2041: Awareness, Training, Testing & Exercising
BCM 2042: Program Evaluation, Improvement & Audit
BCM 2011:  BCM Program Development 
In order to develop a Business Continuity Management System, it is important to understand the requirements of management systems, the core concepts of business continuity, and how to determine the scope of the program, develop policy, and the requirements for leadership and governance. BCM 2011 provides an overview of each of these topics as the foundation for developing and managing the BCMS.

BCM 2021:  The Business Impact Analysis
The BIA process is covered from beginning to end with a focus on the identification of the organization's key products and services and the critical activities and resources that support them.  Examples of BIA data gathering questions, methodology, analysis and reporting provided. 

BCM 2022: The Risk Assessment
Using the ISO 31000 standard on Risk Management as its basis, this course describes the process of conducting a risk assessment and analyzing the results to mitigate risks.  From risk identification, risk description, risk analysis, risk evaluation, risk communication, and risk reporting, this course covers the entire risk assessment process using an enterprise risk management approach.   A key requirement of the standards is the identification of the organization's risk appetite or acceptance and this course provides the methodology for this identification. In addition, BCM 2022 includes a review of different quantitative and qualitative methods for analyzing risk.

BCM 2023:  Developing Strategies / Options to Protect the Organization
This course introduces the student to the challenges of selecting the appropriate strategies / options
for the continuity and recovery of business processes, critical functions, operations and the supporting information technologies within the specified recovery time objective.  Building on the information gathered during the BIA and risk assessment, BCM 2023 explores how to evaluate the different strategies necessary for mitigating risk, continuing operations when possible, and recovering operations if interrupted. BCM 2023 reviews strategies for people, property, assets, technology and information, reputation, suppliers, and financial viability.

BCM 2031:  Plan Design, Program Structure & Required Documentation
In order to develop the actual plan documents the organization will need to decide on the approach, methodology and the plan document structure. BCM 2031 outlines the necessary roles and responsibilities of the members of the organization, the key elements that must be included in every plan type, and how to meet the requirements for managing documentation.

BCM 2032:  Incident Response, Management & Communications
Implementing procedures for responding to an incident of any kind, managing the incident, and ensuring successful communication with all interested parties before, during and after the incident is an essential requirement for all business continuity programs. BCM 2032 also ties to the requirements of ISO 22320 on Incident Management and PAS 200 on Crisis Management & Communications.  The objective of BCM 2032 is to develop and implement procedures for response to and stabilization of the situation following an incident or event, including establishing and managing an Emergency Operations Center and local command centers during the crisis.

BCM 2033:  Business Continuity & Recovery Plans
All of the procedures developed as part of strategy development need to be documented in the business continuity and recovery plan. BCM 2033 reviews the requirements for business continuity plans and how to document procedures according to ISO 22301.

BCM 2034:  ICT Continuity / IT DR Plans & Procedures 
The focus of the ICT Continuity and the IT Disaster Recovery Plan is on the IT infrastructure that supports the business operations and ensuring that the plan in place protects the key infrastructure of
the organization. ISO 27031 on ICT Continuity outlines the methodology for ensuring that the ICT infrastructure supports the BCM infrastructure to ensure that there are no unsupported critical processes and the RTOs can be met. BCM 2034 reviews the guidelines for ICT continuity under ISO 27031, ISO 27001, and NIST 800-34.

BCM 2041:  Awareness, Training, Testing & Exercising 
Building a BCMS culture is an essential component of ensuring a successful program. Determining competence of all parties involved in the business continuity management system and increasing competence through awareness, training, testing, and exercising is a key component of this process and is vital to the success of the BCMS. BCM 2041 also aligns to the guidance of ISO 22398 for developing exercise programs. 

BCM 2042: Program Evaluation, Improvement & Audit 
It is impossible to keep the BCM program current and actionable or to move to a management system without monitoring, measuring, analyzing, and evaluating the BCMS. BCM 2042 explores the requirements for internal audit and management review of the BCMS. Also included are the requirements for writing the audit report based on ISO 19011 and ISO 17022. 
If you would like to submit an article or presentation for a future ICORrespondence Newsletter submit it to Lynnda@theicor.org.
 
Sincerely,
 
Lynnda Nelson, President
The International Consortium for Organizational Resilience
Save 10%
Did you know that you can save 10% on all ICOR courses if you are a member of one of the following organizations?  Contact them to find out how or email info@theicor.org.
  • ICOR
  • ACP
  • AFCOM
  • ASIS
  • BRPA
  • BRPA SW
  • IAEM
  • IFMA
  • NEDRIX 
Become an ICOR Member Today!

Over a series of articles, Hilary Estall, Director of Perpetual Solutions, will be discussing subject areas aimed at those managing a business continuity management system (BCMS) and in particular, those systems certified to ISO 22301. With her pragmatic approach to management systems and auditing in particular, Hilary will offer an insight into areas not widely discussed but still important for the ongoing success of a BCMS.

In the second article of the series, Hilary Estall looks at what’s involved when a certified BCMS reaches its recertification point. What does this mean and what’s involved?

In this article I demystify the process of recertification; the procedure undertaken by certification bodies every third year in the cycle of management system certification. I identify how an organization should prepare and the process of recertification itself. Is it just another audit or is there more to it?

If your organization has a certified business continuity management system (BCMS) you will know that in order to retain it, your certification body will carry out periodical audits. You will also know that when you first achieved certification and were issued with your certificate, it had an expiry date on it, three years hence*. What are the implications of this expiry date and how should you prepare for ‘renewal’?

...

http://www.continuitycentral.com/feature1215.html

When it comes to data restoration, addressing deleted mailboxes or emails is the most common request of IT administrators, according to new survey data from Kroll Ontrack.

When asked how often they receive requests for data restoration, 61 percent of the nearly 200 Ontrack PowerControls customers surveyed across EMEA, North America and APAC report they receive up to five email related restoration requests a month, with an additional 11 percent claiming up to 10 times a month.

In Europe, the second most common data restoration need was disaster recovery (16 percent), followed by missing data (12 percent). In the US, the second most common data restoration need was collection of electronic data for ediscovery (21 percent), followed by consolidating data from older to new applications to eliminate legacy servers (15 percent).

Requests for data restoration came from all departments across an organization, with 24 percent stemming from the internal legal department, 22 percent coming from IT security and 15 percent originating from sales and marketing. Why do these people need their email and documents back? 45 percent of IT administrator respondents note that employees request their email and documents back because they were accidentally deleted. Internal investigations (17 percent) ranked as the second most common source of restoration requests.

http://www.krollontrack.co.uk/software/powercontrols

Historically, vendor solutions for disaster recovery have been created for on-site use for individual enterprises. The client company concerned was the sole owner of the user data involved, and disaster recovery could be implemented without having to worry about anybody else. The cloud computing model changes that situation. It’s possible to use cloud services to have your own dedicated servers and instances of applications, or to share physical space but still have your own application (as in multi-instance setups). However, multi-tenancy (perhaps the defining feature of cloud architectures) makes the application of disaster recovery solutions rather more delicate.

...

http://www.opscentre.com.au/blog/disaster-recovery-services-and-multi-tenancy-in-the-cloud/

We talk about Big Data and, now, Small Data as if it’s always clear with which you’re dealing. Big Data means volume, variety or velocity (or all three) and small data is structured and everything else.

Of course, the reality isn’t always so binary, according to a panel of medical and pharmaceutical experts at the recent MIT Chief Data Officer and Information Quality Symposium.

SearchCIO.com covered the event, and, in a recent article, shared a few lessons from the panel’s trial-and-error approach to dealing with data variety. Mark Schreiber’s experience is a perfect example.

...

http://www.itbusinessedge.com/blogs/integration/how-big-data-can-solve-small-data-problems.html

Codenomicon's discovery of OpenSSL's "Heartbleed" flaw this past spring highlighted the increasing importance of source code assurance and quality control as software grows in prominence in daily life. The Heartbleed memory leak opened the door for infiltrators to obtain passwords and security keys to decode encrypted data — a vulnerability that allegedly still threatens enterprise systems months after its discovery, according to a recent report

 
But Kevin Greene (pictured at left), a project manager in the cybersecurity division of the U. S. Department of Homeland Security's Science and Technology Directorate, claims that he has the answer to these kinds of problems. He manages a program called the Software Assurance Marketplace, aka SWAMP, an online platform that allows software developers to submit their code for vulnerability analysis free of charge.
 
According to Greene, SWAMP could have detected the Heartbleed flaw early in its development phase where other vulnerability tools apparently failed.
 
"None of the tools were able to detect the weakness that led to Heartbleed, so to me, using SWAMP, a software researcher can identify the type of anomalies that are in these tools and start working on the techniques that exist in the state of the art tools," Greene said.
...

(MCT) — Karen Windon still gets chills when she thinks back on Hurricane Charley.

"We were right in the cross-hairs for a long time as Charley barreled up the Gulf of Mexico," Windon recalled Tuesday.

Windon, now a deputy administrator for Manatee County, Fla., was the county's public safety director in 2004.

"For me, it was a mixture of tense moments, and swelling pride, knowing we had such a committed team at the emergency operations center at that time," Windon said.

Although Manatee County escaped much of Charley's fury, with a historic right turn that directed it northeast through Punta Gorda and Arcadia on Aug. 13, 2004, it proved to be a game changer.

It changed the local public perception of hurricanes from something to ride out to knowing there could be a dangerous killer on the loose. And Charley put emergency managers on notice that they needed to step up their games.

Manatee County officials got serious about building a stand-alone, hardened emergency operations center that could withstand such natural disaster as a hurricane. Officials moved ahead with plans for a new Public Safety Center that might otherwise have languished on a wish list for years.

...

http://www.emergencymgmt.com/disaster/Hurricane-Charley-Improvements-Emergency-Response.html

LONG BRANCH, N.J. – Power management company Eaton today announced that its Cooper Notification business has expanded its Wheelock Exceder LED Series to include ceiling models for horns, horn strobes, strobes, speakers and speaker strobes. The Wheelock Exceder Series is the industry’s first line of notification appliances to utilize high-efficiency light emitting diodes (LEDs) as the strobe light source to help reduce overall costs in fire alarm and emergency communication systems.

“The addition of new ceiling appliances completes our low candela line of Wheelock Exceder LED products,” said Huyenchau Villas, product manager, Eaton’s Cooper Notification business. “Our break-through optical design and energy-efficient LED technology leads the industry in low current draw, which equates to lower installation costs, reduction in materials and overall system savings for customers.”

Exceder LED ceiling appliances offer one of the industry’s smallest footprints in a sleek, modern design. For faster and easier installation, the series includes dual voltage (25/70 Voltage Root Mean Square), five field-selectable tap settings (1/8 to 2 watts) for speaker models and multiple audible settings for horn models, field-selectable candela (cd) settings (15, 30, 75, 95 cd), and convenient mounting options for both new and retrofit construction.

The Exceder LED speaker and speaker strobe models feature the widest frequency response range in the industry spanning 300 to 8,000 Hertz. Ideal for mass notification applications, the wider frequency response range allows the speaker to reproduce frequencies closer to the original sound, improving the clarity and comprehension of the intended message for intelligible communications. 

Eaton’s Cooper Notification business offers the Exceder LED ceiling speaker data files for the EASE Evac software design tool from AFMG technologies to help system designers meet intelligibility code requirements,. To import the files, visit www.coopernotification.com.   

To learn more about this solution or others from Eaton’s Cooper Notification business, visitwww.coopernotification.com.

Eaton’s Cooper Notification business is a leader in developing integrated, advanced technology and code-compliant solutions for life safety and mass notification, providing critical, emergency communications for higher education, industrial, commercial, government and military markets.

Eaton’s Electrical Sector is a global leader with expertise in power distribution and circuit protection; backup power protection; control and automation; lighting and security; structural solutions and wiring devices; solutions for harsh and hazardous environments; and engineering services. Eaton is positioned through its global solutions to answer today’s most critical electrical power management challenges.

Eaton is a power management company with 2013 sales of $22.0 billion. Eaton provides energy-efficient solutions that help our customers effectively manage electrical, hydraulic and mechanical power more efficiently, safely and sustainably. Eaton has approximately 103,000 employees and sells products to customers in more than 175 countries. For more information, visit www.eaton.com.

Partnership Enables Smaller Companies to Leverage Advanced BI Solutions Without Necessitating the Involvement of IT

NEW YORKInformation Builders, a leader in business intelligence (BI) and analytics, information integrity and integration solutions, today announced its partnership with Arrow Enterprise Computing Solutions, a global provider of business computing solutions. The company will distribute Information Builders’ WebFOCUS Express offering, a solution designed to deliver the advanced BI benefits enjoyed by large enterprises to smaller organisations.

Information Builders’ WebFOCUS Express offering helps business users transform data into knowledge without the need for IT. By putting the power in the hands of a broader user group, WebFOCUS Express allows smaller organisations – or specific departments within larger organisations – to obtain the far-reaching BI functionality traditionally limited to large enterprises or advanced analyst roles. The solution equips Arrow customers with the ability to integrate all information sources, improve business insight, facilitate faster responses, and enhance productivity.

“Robust BI and analytics solutions are tools that organisations of all types and sizes must actively use to achieve success in today’s business environment,” said Gerald Cohen, president and CEO of Information Builders. “All companies, regardless of size, should have access to the BI tools they need to understand and make positive use of the information generated by their organisations. Information Builders is thrilled to be partnering with Arrow to extend the power of BI to a greater pool of potential users and ensure that more companies have the tools needed to make informed decisions, improve business processes, and boost revenue.”

“The addition of Information Builders’ WebFOCUS to the Arrow portfolio is key to building out our Analytics Solution Practice,” said Mark Taylor, vice president of enterprise servers, systems, and software, Arrow ECS. “This product set will complement our current offerings with its proven performance, ease of use, and self-service abilities of WebFOCUS Express to organisations across the globe.”

Arrow will distribute two versions of WebFOCUS Express via its solution provider network, a software-only version for IBM Power Systems running Linux and an Intel version running both Linux and Windows. As part of the partnership, Arrow will also manufacture and distribute an IBM Power Systems Linux Appliance version of WebFOCUS Express in both North America and EMEA.

About Information Builders

Information Builders helps organisations transform data into business value. Our software solutions for business intelligence and analytics, integration, and data integrity empower people to make smarter decisions, strengthen customer relationships, and drive growth. Our dedication to customer success is unmatched in the industry. That’s why tens of thousands of leading organisations rely on Information Builders to be their trusted partner. Founded in 1975, Information Builders is headquartered in New York, NY, with offices around the world, and remains one of the largest independent, privately held companies in the industry. Visit us at informationbuilders.co.uk, follow us on Twitter at @infobldrsINTL, like us on Facebook, and visit our LinkedIn page.

About Arrow Electronics

Arrow Electronics (www.arrow.com) is a global provider of products, services, and solutions to industrial and commercial users of electronic components and enterprise computing solutions. Arrow serves as a supply channel partner for more than 100,000 original equipment manufacturers, contract manufacturers, and commercial customers through a global network of more than 460 locations in 58 countries.