Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

Jon Seals

By Luke Bird

I was recently watching the Sochi Winter Olympic Games and hasn’t it been amazing? The speed and adrenaline of the race and jump events are enough to raise the blood pressure of the calmest person! These finely tuned athletes from around the world dedicate years of their life training day after day as they try to maximise their performance and it got me thinking...

Everybody knows the age-old saying “practice makes perfect”. The idea being that you can become progressively better at something the more times you do it. This certainly is the case with business continuity. If we anticipate an issue or problem before it occurs and we practice how to fix it in advance of it happening then we can reduce the overall impact or even prevent it happening in the first place: but in my experience I’d have to say it’s not as simple as that.

How do you practice responding to an incident that can be caused by any number of different reasons, at any time, and may also result in different impacts occurring depending on its magnitude? The truth is we couldn’t possibly prepare and practice our response for every conceivable business disruption even if we trained until the next Olympics! We have to be generally prepared for everything!

...

http://www.continuitycentral.com/feature1153.html

Too many organizations are unwilling to face the facts when it comes to their information security risks and protective status. To move forward, an honest assessment is required…

By Dr. Jim Kennedy

Industry and government continue to spend tremendous amounts of money on information security process, technology and people. Despite this expenditure the breaches continue to happen and the costs of these breaches continue to grow as well.

A prudent person would ask why. Then we see blogs entitled: ‘CFOs don’t want to get it when it comes to risk and security’ or magazine articles entitled: ‘Senior managers cause far more security headaches than workers they out rank’; and some of the answers becomes clear. Senior management and board level people simply do not perform their fiduciary responsibilities well or at all in this area. C levels are too high up in the food chain to be bothered with the day-to-day tribulations of information security.

...

http://www.continuitycentral.com/feature1151.html

A new report published by the Business Continuity Institute (BCI), in association with BSI, has revealed that ICT-related threats are continuing to provide the greatest concern for organizations.The annual BCI Horizon Scan shows that three quarters (77 percent) of business continuity managers fear the possibility of an unplanned IT and telecoms outage and 73 percent worry about the possibility of a cyber-attack or data breach.

The report also identifies long-term trends, with 73 percent seeing the use of the Internet for malicious attacks as a major threat that needs to be closely monitored, with 63 percent feeling the same way about the influence of social media.

This year’s top ten threats to business continuity are:

1. Unplanned IT and telecom outages
2. Cyber attack
3. Data breach
4. Adverse weather
5. Interruption to utility supply
6. Fire
7. Security incident
8. Health & Safety incident
9. Act of terrorism
10. New laws or regulations.

The Horizon Scan found that only 18 percent of organizations are increasing their level of investment in business continuity programmes while 11 percent are actively reducing theirs. In addition only 22 percent of organizations conducted no trend analysis as part of their business continuity process so are potentially failing to assess emerging threats altogether.

Other findings:

  • Supply chain disruption, last year within the top ten concerns, moved down the list to 16th place.
  • Adverse weather moved up the list of threats with 57 percent of respondents expressing concern or extreme concern. This was before the storms that have swept the UK and those on the eastern seaboard of the United States and Canada.
  • Geography and industry play an important role in determining threat levels with respondents from Japan and New Zealand showing greater levels of concern for earthquakes, while those in the manufacturing industry rate supply chain disruption and product quality control as greater threats.
  • Of the 71 percent of respondents who stated that they did conduct a trend analysis, a fifth of them claimed they had no access to the final output.
  • Less than half of the respondents (44 percent) use the international standard ISO22301 as the framework for their business continuity management programme.

A copy of the report can be downloaded from the BCI website after free registration.

To coincide with US National Severe Weather Preparedness Week (March 2-8, 2014) the Diesel Technology Forum has published a checklist which will help ensure that your power supply contingency plans work as planned:

  • Assess the risk: Identifying your facility's critical loads is an important first step. Assign a cost to the risks associated with utility power interruptions, production losses and downtime. Make considerations if natural gas pipeline service is disrupted in your community.
  • Install a standby generator: Frequent outages of a few seconds, a few minutes or more can often disrupt production lines and have significant cost implications to businesses. While other generator drivers take up to two minutes to engage, diesel-powered generators are uniquely qualified to provide power quickly during a power outage and offers the most cost-effective source of reliable backup power available.
  • Have sufficient fuel storage: Diesel fuel's energy density and the engine's high efficiency allow for smaller fuel storage facilities compared to other fuels, which provides a cost savings to owners. Still, it is important to make sure that you have sufficient fuel storage capacity on-site for an extended outage of several days.
  • Maintain your equipment: As required by electrical and safety codes, standby generators should be exercised periodically to ensure they will operate as designed in the event of an emergency.
  • Contract rental power: If installing your own standby generation is not feasible for your business, you might consider contracting with a firm to reserve rental generator power for use in the event of an extended outage.
  • Recheck your system and set up: One of the great lessons of Superstorm Sandy was that even the best generators won't work underwater when subjected to extreme flooding. Is your unit properly located? Is your fuel source also located in a protected area? Also, check the connections and assure you have the proper gauge extension cord for the electrical load and distance.
  • Never operate a generator in an enclosed area! Generators need to be used safely in an outdoor setting. Carbon monoxide fumes from generators can build up in enclosed areas and poison people. Never use generators or other gasoline or charcoal-burning devices in an enclosed area or outside near an open window.
  • Check your load: Have you added any new demands or critical circuits to protect? If you've added new computers or other power-hungry devices, consider updating switchgear.
  • Renew your commitment to maintenance: Make sure you are current on all oil and filter changes, service contracts etc. You want your generator to start when you need it.
  • Exercise is important: All manufacturers suggest you run the units periodically before you need them in an emergency. Many stationary units have automated weekly run cycles.
  • Plan your refuel strategy: You don't want to have a generator without fuel to operate it. Consider fuel contracts for your generator.
  • Follow the rules: If you're a business operating a stationary unit, make sure you have the proper permits and records on operations.

www.dieselforum.org

CHICAGO – Do you know your tornado and severe weather risks and what to do if bad weather threatens your community? FEMA wants to make sure you’re not relying on severe weather myths when it comes to keeping your family safe.

"Severe weather can strike unexpectedly, but there are steps you can take to prepare for it,” said Andrew Velasquez III, regional administrator, FEMA Region V. "Learn your risk and what to do now so you're ready to act in dangerous weather conditions."

Myth 1: Urban areas and communities near lakes, rivers, and mountains are safe from tornadoes.

Fact & Act: No place is safe from tornadoes. Ensure you know the warning system in your community and where to go in the event of a tornado. Contact your local emergency management office to learn the warning system in your area. Outdoor warning sirens are intended to alert individuals who are already outside, so it is important to have a weather radio so you’ll be aware of dangerous weather no matter where you are.

Myth 2:Tornadoes aren’t a risk during the winter months.

Fact & Act: Although the likelihood is lowerduring colder months, tornadoes are a risk any time of year. Most recently, an outbreak of destructive tornadoes hit southern Illinois on February 29, 2012; two days later, a second string caused widespread damage in southern Indiana. It’s important to have a family preparedness plan year-round to ensure you’re always ready for severe weather.

Myth 3:Windows should be opened before a tornado approaches to equalize pressure and minimize damage.

Fact & Act: Opening windows doesn’t reduce the risk of home damage from a tornado or severe weather. Instead, close windows tokeep high winds out and minimize damage from flying debris.

Myth 4: If a tornado hits while you’re driving, seek shelter under highway overpasses.

Fact & Act: Do not seek shelter under highway overpasses or under bridges – these areas can actually become dangerous wind tunnels that collect flying debris. If possible, you should drive away from the tornado or seek shelter in a nearby structure. If a shelter isn’t available,and driving away is not an option, stay in the car with the seat belt on, placing your head below the window and covering it with your hands. If you can safely get lower than the roadway, exit your car, lie in that area and coveryour head with your hands.

Myth 5: Staying in a mobile home is safer than going outside.

Fact & Act: Evacuate immediately! Mobile homes are vulnerable to overturning and destruction from strong winds and tornadoes. If possible, leave and go to a community shelter. If no shelter is available, a ditch, culvert, or other low lying area may offer better protection, but be wary that debris tends to collect in these areas and flash flooding may be possible as well. Have a plan of action prepared before a storm hits.

You can always find valuable tips to help you prepare for severe weather at www.ready.gov/severe-weather and or download the free FEMA app, available for your Android, Apple or Blackberry device. Visit the site or download the app today so you have the information you need to prepare for severe weather.

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. Follow FEMA online at twitter.com/femaregion5, www.facebook.com/fema, and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at twitter.com/craigatfema. The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

CHICAGO – Do you know your tornado and severe weather risks and what to do if bad weather threatens your community? FEMA wants to make sure you’re not relying on severe weather myths when it comes to keeping your family safe.

"Severe weather can strike unexpectedly, but there are steps you can take to prepare for it,” said Andrew Velasquez III, regional administrator, FEMA Region V. "Learn your risk and what to do now so you're ready to act in dangerous weather conditions."

Myth 1: Urban areas and communities near lakes, rivers, and mountains are safe from tornadoes.

Fact & Act: No place is safe from tornadoes. Ensure you know the warning system in your community and where to go in the event of a tornado. Contact your local emergency management office to learn the warning system in your area. Outdoor warning sirens are intended to alert individuals who are already outside, so it is important to have a weather radio so you’ll be aware of dangerous weather no matter where you are.

Myth 2:Tornadoes aren’t a risk during the winter months.

Fact & Act: Although the likelihood is lowerduring colder months, tornadoes are a risk any time of year. Most recently, an outbreak of destructive tornadoes hit southern Illinois on February 29, 2012; two days later, a second string caused widespread damage in southern Indiana. It’s important to have a family preparedness plan year-round to ensure you’re always ready for severe weather.

Myth 3:Windows should be opened before a tornado approaches to equalize pressure and minimize damage.

Fact & Act: Opening windows doesn’t reduce the risk of home damage from a tornado or severe weather. Instead, close windows tokeep high winds out and minimize damage from flying debris.

Myth 4: If a tornado hits while you’re driving, seek shelter under highway overpasses.

Fact & Act: Do not seek shelter under highway overpasses or under bridges – these areas can actually become dangerous wind tunnels that collect flying debris. If possible, you should drive away from the tornado or seek shelter in a nearby structure. If a shelter isn’t available,and driving away is not an option, stay in the car with the seat belt on, placing your head below the window and covering it with your hands. If you can safely get lower than the roadway, exit your car, lie in that area and coveryour head with your hands.

Myth 5: Staying in a mobile home is safer than going outside.

Fact & Act: Evacuate immediately! Mobile homes are vulnerable to overturning and destruction from strong winds and tornadoes. If possible, leave and go to a community shelter. If no shelter is available, a ditch, culvert, or other low lying area may offer better protection, but be wary that debris tends to collect in these areas and flash flooding may be possible as well. Have a plan of action prepared before a storm hits.

You can always find valuable tips to help you prepare for severe weather at www.ready.gov/severe-weather and or download the free FEMA app, available for your Android, Apple or Blackberry device. Visit the site or download the app today so you have the information you need to prepare for severe weather.

FEMA's mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. Follow FEMA online at twitter.com/femaregion5, www.facebook.com/fema, and www.youtube.com/fema.  Also, follow Administrator Craig Fugate's activities at twitter.com/craigatfema. The social media links provided are for reference only. FEMA does not endorse any non-government websites, companies or applications.

A new study from the Disaster Recovery Preparedness (DRP) Council has nothing but doom and gloom when it comes to the state of disaster recovery.

The study size was small, only 1,000 organizations from both large and small enterprise, but the data is sure to hit close to home – especially where virtualized environments are concerned. The harsh reality is that for most firms, disaster recovery plans are something to have and show, but practice is another matter entirely.

According to the DRP, an independent research organization that focuses on disaster recovery management, research, and benchmarking, 73 percent of the respondents are failing to take adequate steps to protect their assets. As such, the lack of prep when it comes to disaster recovery has led to more than $5 million worth of critical application failures, data center outages, and data loss.

- See more at: http://blogs.csoonline.com/disaster-recovery/3037/when-it-comes-disaster-recovery-its-nothing-failure#sthash.Fs12Xg4f.dpuf

A new study from the Disaster Recovery Preparedness (DRP) Council has nothing but doom and gloom when it comes to the state of disaster recovery.

The study size was small, only 1,000 organizations from both large and small enterprise, but the data is sure to hit close to home – especially where virtualized environments are concerned. The harsh reality is that for most firms, disaster recovery plans are something to have and show, but practice is another matter entirely.

According to the DRP, an independent research organization that focuses on disaster recovery management, research, and benchmarking, 73 percent of the respondents are failing to take adequate steps to protect their assets. As such, the lack of prep when it comes to disaster recovery has led to more than $5 million worth of critical application failures, data center outages, and data loss.

- See more at: http://blogs.csoonline.com/disaster-recovery/3037/when-it-comes-disaster-recovery-its-nothing-failure#sthash.Fs12Xg4f.dpuf

SAN FRANCISCO — Metadata has had a bad rap lately, with disclosures tying its collection to government spying programs. But those bits of information lurking behind our phone calls, photos and online chats can be useful in other ways if they're harnessed properly.

Metadata that reveals when and where photos and videos were taken can help establish trust in eyewitness footage documenting events as they unfold. Without it, establishing what's real and what's not can be hard, if not impossible.

How do news organizations determine which bystander's footage is legitimate before they show it on the nightly news? How do attorneys find the most reliable footage of an assault to build a case?

...

http://www.cio.com/article/749280/Tracking_with_metadata_It_39_s_not_all_bad

CIO — Operational intelligence specialist Splunk and visual analytics specialist Tableau Software announced a strategic alliance today that focuses on unlocking machine data for business users.

The joint technology investment is designed to leverage Splunk's recently released open database connectivity (ODBC) driver to make Splunk Enterprise available as a native data source in the latest version of Tableau's software.

"This integration is exciting for several reasons," says Ted Wasserman, product management at Tableau. "First, Splunk is one of those technologies that has truly disrupted the operational intelligence space and has provided IT professionals with incredible productivity gains and insights into their IT environments. Second, there is a wealth of potential value lying in the machine data that Splunk collects. This machine data could include server and application logs, as well as data from APIs and message queues, change events and sensor data from remote equipment. The integration now makes this new class of data available to business users in true Table drag-and-drop fashion."

...

http://www.cio.com/article/749218/Splunk_and_Tableau_Join_Forces_to_Give_Machine_Data_to_Business_Users

Computerworld — That someone had to take the fall for the massive breach at Target is neither surprising nor unexpected. The only question is whether more heads will roll in the aftermath of one the biggest data compromises in retail history.

Target on Wednesday announced that Beth Jacob, its CIO of more than five years, had resigned. The move comes less than two months after the retail giant disclosed it had suffered a data breach that exposed sensitive data on more than 40 million credit and debit cards.

Later, the company announced that emails, addresses and other information on another 70 million people might also have been exposed as the result of the intrusion, which occurred over the 2013 Thanksgiving weekend.

In a statement to the Associated Press, Target CEO Gregg Steinhafel said the company is searching for an interim CIO to help it through an information security overhaul that began after the breach.

...

http://www.cio.com/article/749279/CIO_Not_the_Only_One_to_Blame_for_Target_Breach

WASHINGTON, D.C— The U.S. Congress should mandate that banks, retailers and payment card processors adopt new security standards to protect against widespread data breaches, some lawmakers said Wednesday.

In the wake of several high-profile retail data breaches, some members of the U.S. House of Representatives Financial Services Committee called for new cybersecurity mandates, with Representative David Scott, a Georgia Democrat, asking if Congress should require the U.S. financial industry to adopt new card security measures used in other countries.

The U.S. payments and financial system makes "things easy for fraudsters" by relying on magnetic-strip credit and debit cards instead of moving to EMV cards that contain integrated computer chips and require customers to enter PINs at the point of purchase, Scott said.

...

http://www.cio.com/article/749258/U.S._Lawmakers_Call_for_Data_Protection_Standards_to_Avoid_Breaches

Dot Hill AssuredSAN is Ideally Suited for High Performance Digital Asset Management With Disaster Recovery and Replication

LONGMONT, Colo. -- Dot Hill Systems Corp.(Nasdaq:HILL), a trusted supplier of innovative enterprise class storage systems, today announced that leading advertising firm Deutsch Inc. is leveraging Dot Hill AssuredSAN™ storage arrays as part of a digital asset management system with coast-to-coast data replication, supporting disaster recovery and business continuity while preserving network performance vital to ongoing creative work and administration.

Deutsch is renowned in the advertising industry for its award-winning and results-oriented campaigns for blue-chip clients such as: Johnson & Johnson, Volkswagen, Taco Bell, Microsoft, Netflix and PNC Bank. In 2014 Deutsch was named one of the world's top 10 most innovative companies in advertising by Fast Company and to the "A-List" of Stand Out Agencies by Advertising Age. With offices in Los Angeles and New York, Deutsch specializes in digital, design, media planning and buying, direct, search, PR, communications planning, eCRM, experiential and data analytics.

Today's advertising pros are akin to data scientists, compiling data to construct a sophisticated understanding of customer demographics and behavioral characteristics to anchor their creative efforts. As such, they need proven storage solutions to manage and preserve digital assets and data, particularly as the advertising epicenters of New York City and Los Angeles lay subject to manmade and natural disasters.

"When we attempted to use a competing storage solution, we experienced a tremendous performance hit when we tried to replicate our data from site to site that was completely unacceptable," said Tripp McCune, executive vice president and chief information officer, Deutsch Inc. "We are really impressed that the Dot Hill AssuredSAN solution is able to accommodate our data replication and deliver the performance and support needed at a price point that's very affordable."

By leveraging two AssuredSAN arrays, JBODs and Dot Hill's AssuredRemote™ replication software, Deutsch now has an affordable disaster recovery solution in place for bi-directional site-to-site replication, offering a total of 240 terabytes of storage. The AssuredSAN 3920 features both 8Gb Fibre Channel and 1Gb iSCSI in one hybrid array; this enables Deutsch to leverage the benefits of Fibre Channel for local data management and iSCSI for cost-effective, long-distance replication. Dot Hill AssuredSnap™ instantly takes volume snapshots, creating point-in-time backups that can be used to instantly restore data in the event of a system failure. Dot Hill AssuredCopy™ protects against disk failures. The solution was introduced to Deutsch by NAPC, a reseller that fully understands the complexities and workflow of creative environments.

Despite the challenge of low-bandwidth links, which are a common occurrence in SMB data centers, the AssuredSAN 3920's efficient block-level replication is providing Deutsch with the data protection and network performance it needs. The solution enables approximately 300 GB/day of block changes to be captured via snapshots and sent overnight, with only minimal performance degradation during the work day.

"We're really pleased to be working with Deutsch, one of the most respected and successful advertising agencies in the country,” said Jim Jonez, senior director of marketing, Dot Hill. "Data and creative assets are the lifeblood of the advertising industry and firms can ill afford to operate without the requisite data protection or compromise their day-to-day network performance. Our Assured SAN 3920, equipped with AssuredRemote remote replication software, provides the easiest array-to-array remote replication solution on the market today. Now Deutsch has disaster recovery protection and business continuity, yet won't be impeded in day-to-day operations focused on delivering the 'wow factor' to clients."

About Dot Hill

Leveraging its proprietary Assured family of storage solutions, Dot Hill solves many of today's most challenging storage problems - helping IT to improve performance, increase availability, simplify operations, and reduce costs. Dot Hill's solutions combine breakthrough software with the industry's most flexible and extensive hardware platform and automated management to deliver best-in-class solutions. Headquartered in Longmont, Colo., Dot Hill has offices and/or representatives in China, Germany, India, Japan, Singapore, the United Kingdom, and the United States.

For more information, visit us atwww.dothill.com.