• PROTECT AND ENHANCE THE VALUE OF YOUR ENTERPRISE

    FREE CUSTOMIZED DEMO

    The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.

    LEARN MORE ABOUT FRONTLINE LIVE 5

Fall World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 28, Issue 3

Full Contents Now Available!

Jon Seals

Thursday, 09 April 2015 00:00

A SaaS Ecosystem Overview for MSPs

When Datto acquired Backupify last year, we did so because we knew the technology landscape was shifting for MSPs. Data on-premise isn’t going away, but it isn’t the only place data exists. As more data is moved to the cloud, and to SaaS apps in particular, we realized that to build a Total Data Protection platform we needed expertise in SaaS data protection.  

As a result of the acquisition, Datto now has more than 2 million Google Apps end users protected, and is scheduled to launch an Microsoft Office 365 backup at our partner conference in June. Building these products required us to get deeply embedded in both the Microsoft and Google ecosystems. We now know both companies well, know their key partners, and know the technical road maps of both organizations. So for those MSPs who may be considering whether to invest time in one of these products, here is our view from the trenches about the things you should consider.

...

http://mspmentor.net/blog/saas-ecosystem-overview-msps

group of people and PrepareAthon logo

Are you and your family prepared to face a disaster? What about your neighborhood?  Do you know your neighbors’ emergency plan or how you can help each other during an emergency? April kicks-off America’s PrepareAthon!—a nationwide campaign to increase emergency preparedness and community resilience.  Throughout the month local, state, and federal groups will take the pledge to help improve their preparedness.  All of these activities will lead up to PrepareAthon’s national day of action on April 30, 2015.

So what can you do?

You don’t have to be an expert in emergency preparedness, or the leader of a large community group to take part in America’s PrepareAthon! Learn more about what you can do in your neighborhood or community to become more personally prepared and help build your community’s resilience.

In your Neighborhood.

group of youth with medical supplies practicing first aid.

Youth volunteers performing an emergency response exercise.

If you haven’t taken the time to talk to your neighbors about emergency preparedness, or even just met them, take the PrepareAthon! pledge and make a plan to include your neighbors in your emergency planning. Often the first people on scene after a disaster are not first responders (EMS, police, firefighter, etc.), but rather the people who are closest to where the emergency took place. When a disaster occurs in your community you will most likely have to rely on those around you, especially if the scale of the disaster makes it hard for first responder to get to the scene.

Do not wait for a disaster to occur to meet your neighbors or learn about your community’s preparedness plans. Reach out to people in your  neighborhood and discuss their emergency plans. If you have any medical or physical needs, such as limited mobility or dependence on medication or medical devices, talk to your neighbors about the assistance you may need in a disaster. Likewise, find out about the unique needs of those who live around you. Reach out to elderly neighbors and offer your assistance from shoveling snow to checking on them during a heat wave. No matter what the disaster or emergency, forming relationships with those around you can help improve resilience after a disaster occurs.

In your Community.

Beyond your neighborhood, getting involved in community preparedness groups and emergency response exercises can help improve your own personal preparedness and also your community’s ability to respond to emergencies and natural disasters. Strong community resilience requires people to come together and participate in planning and training before a disaster occurs. A good place to start when looking to become more involved in your community’s preparedness is with groups focused on emergency preparedness, such as your local Community Emergency Response Team (CERT), Medical Reserve Corps, or American Red Cross chapter. You may also consider getting a community group you are already involved in talking about emergency preparedness. Faith-based organizations, schools, or even your workplace are good places to start a conversation about emergency preparedness.

Take the Pledge.

Whether it is meeting your neighbors, joining a local emergency preparedness group, or starting an emergency preparedness initiative within one of your community organizations, make sure to register your efforts with America’s PrepareAthon! Help move your individual community and our entire nation closer to being prepared for any emergency or disaster that comes our way.

http://blogs.cdc.gov/publichealthmatters/2015/04/take-the-pledge-to-improve-your-communitys-preparedness/

Planning Meetings: The Risk Management Plan

This new edition of "Risk Management: Concepts and Guidance" supplies a look at risk in light of current information, yet remains grounded in the history of risk practice. Taking a holistic approach, it examines risk as a blend of environmental, programmatic, and situational concerns. Supplying comprehensive coverage of risk management tools, practices, and protocols, the book presents powerful techniques that can enhance organizational risk identification, assessment, and management—all within the project and program environments.

Updated to reflect the Project Management Institute’s "A Guide to the Project Management Body of Knowledge (PMBOK® Guide), Fifth Edition," this edition is an ideal resource for those seeking Project Management Professional and Risk Management Professional certification.

...

http://www.itbusinessedge.com/itdownloads/it-project-management/risk-management-concepts-and-guidance-fifth-edition.html

(TNS) -- A downed power transmission line in southern Maryland caused a momentary loss of power that led to "widespread outages" in the nation's capital Tuesday afternoon, according to officials.

Previously, District of Columbia emergency management officials had said a reported explosion at a southern Maryland power plant may have been the cause.

A large number of outages were reported throughout the district about 1 p.m., including at the White House, Capitol and State Department headquarters.

According to Sean Kelly, a spokesman for Potomac Electric Power Co., just before 1 p.m., there was a momentary dip in voltage caused by a downed transmission line at a substation in southern Maryland, which is connected to a power plant there.

...

http://www.emergencymgmt.com/safety/White-House-Washington-Lose-Power.html

With the expansion of large multinational corporations into developing countries such as Russia, Brazil, India, Mexico and China, a proliferation of global regulatory enforcement actions, including anti-bribery and anti-corruption, has risen. Recently, HP Russia paid more than $108 million in fines for Foreign Corrupt Practices Act (FCPA) violations that occurred when its subsidiaries in three different countries, Russia, Poland and Mexico, made improper payments to government officials to obtain or retain lucrative public contracts.

Executives, including general counsel, compliance and risk officers, are smart to plan in advance for potential regulatory investigations. The disclosure, or production, of information that might be relevant to the allegations from the requesting regulatory bodies–part of the electronic discovery in the legal realm–is complex, costly and time-consuming in today’s world of information. It involves the identification, acquisition and review of information and communications from a myriad of sources, including day-to-day operations, financials, communications with foreign and government officials, employees and third party representatives, system data reporting, travel and entertainment expenditures, payment data, chat messaging, social media posts, and the like. All of this information is subject to scrutiny by legal counsel and the requesting regulatory body to determine whether there was any wrongdoing.

When some information is in one or more foreign languages, the document review process can become significantly more unwieldy and inefficient. Understanding and implementing best practices is critical for making the process easier.

...

http://www.corporatecomplianceinsights.com/assuring-regulatory-compliance-doesnt-get-lost-in-translation/

LONDON – GBGroup, the global leader in identity intelligence, has today announced its collaboration with Holvi, the Finnish company redefining European banking, with the aim to verify and understand its customers to help grow their businesses.

 

Holvi, an online one-stop-shop banking service for entrepreneurs, combines current accounts with tools to provide a full, digital banking experience for SMEs and sole traders. The company allows customers to easily manage projects and the back office in an embedded online platform. Fully regulated and operational in 30 countries, Holvi serves some 20 million entrepreneurs, freelancers, project workers and sole traders who up to now have struggled with banking services that don't suit their needs.

 

"Current banking systems aren't designed for sole traders; and it can take months for them to open an account, in which time they may have lost out on precious revenue or securing new business. Holvi sets out to take the administrative pain away for small companies - providing easy to use, efficient and synchronised banking services," said Luis Calleja Rodriguez, Chief Compliance Officer at Holvi.

 

"GBGroup helps us provide a real banking experience for SMEs and sole-traders," continued Rodriguez. 

"Working with GBGroup allows our clients to open an account in under a minute, and they don't need to provide data or paper-documents; taking out the stress of the traditional banking system. The speed makes onboarding new customers incredibly easy, allowing both us, and our customers, to focus on business growth."

 

Holvi, which is Finnish for ‘vault', gives customers the security of a bank with the tools of the modern, digital world to streamline their financial and accounting processes; saving them time, eliminating banking stress and allowing them to focus on their most important objective - winning new businesses and increasing income. In fact, Holvi's customers save 5-7 hours on average each month as a result of using the service.

 

"We're dedicated to expanding our business across Europe in an organic manner. We want to truly understand and get to the very heart of every single one of our customers," continued Rodriguez. "GBGroup's insight allows us to understand each of our clients personally, meaning we can ensure we're providing them with the exact services they need."

 

GBGroup started working with Holvi nine months ago to verify the documents of their new customers to prove they are valid and fully compliant on a pan-European level. GBGroup has allowed Holvi to check, verify and authenticate customers across the UK, Austria, Germany, Ireland, Italy, Sweden and Denmark; making their European expansion smoother, more efficient and scalable than using legacy systems. 

 

Glenn Porter, General Manager International Identity Verification, GBGroup comments, "We're incredibly proud to be partnered with Holvi, they're a truly exciting company that's challenging an entire industry. Their disruptive approach is empowering small businesses across Europe and giving them the tools they need to really make an impact. Our identity intelligence solutions are helping companies exploit their digital resources and expand at a faster rate than previously possible. Also, our Matchcode and DecTech solutions provide international data capture, validation and real-time credit checking whilst detecting and preventing transactional fraud. In this sense our partnership feels like the perfect marriage."

 

About Holvi
Holvi, founded in Helsinki in 2011, is a banking service designed for the connected age. Holvi is for the self-employed, micro-businesses and SME's of Europe. The core of Holvi's service is the current account - built for managing a business. The accounts are easy to open and use. They have basic SME tools built in including online shop, an invoicing tool and financial reporting features. Holvi has independently built an end-to-end online banking platform from the ground up. A financial service that does not operate on the legacy backend or balance sheet of any existing bank. Holvi is introducing intuitive design, usability and beauty to banking. Holvi is a licensed payment institution authorised by the Financial Supervisory Authority (FSA) of Finland for operations across the EU under the Payment Service Directive. www.holvi.com

About GBGroup (GBG)
The most profitable and successful organisations recognise the value of understanding the individual identity of their customers and employees. GBG combines this concept of identity with technology to create an environment of trust, so that organisations can employ people and connect, communicate and transact with consumers, safely and responsibly. We call this Identity Intelligence.

GroundWork Monitor Docker Edition one stop IT monitoring for all Docker environments

 

LONDON, UK – GroundWork, Inc. (www.gwos.com), the leading Unified Monitoring solution for IT operations management and cloud monitoring, releases GroundWork Monitor Docker Edition, designed to deploy directly to existing Docker and other Linux container environments. GroundWork Monitor Docker Edition consists of GroundWork Monitor, GroundWork Cloud Hub and GroundWork BoxSpy making it the most comprehensive monitoring system for the container environment today.

 

GroundWork Monitor Docker Edition provides performance and availability monitoring for:

  • Docker containers
  • Linux containers
  • OpenStack private cloud
  • Amazon public cloud
  • Hypervisors (VMware, KVM, RHEV-M, Hyper V)
  • Virtual servers
  • Applications
  • Networks (including OpenDaylight SDNs)
  • Storage
  • Physical devices

GroundWork Monitor Docker Edition version is a complete, pre-packaged version of GroundWork optimised for running as a Docker container. This allows for:

  • Quicker deployment
  • Faster launch times
  • Monitoring Docker environments when used with BoxSpy
  • Gathers metrics for Docker host, containers, applications, hypervisor, HW, network and storage
  • Monitoring other IT infrastructure outside of the Docker environment allowing for complete end-to-end visibility of your IT environment
  • For both development and production environments; using the same measuring tool in both locations for consistent apples to apples comparisons

"GroundWork Monitor Docker Edition is the natural complement to BoxSpy," said David Dennis, VP of Marketing and Products for GroundWork. "Using both together provides a complete container-native solution for monitoring production Docker environments and related IT infrastructure."

Robin Porter, Business Development Manager, Quru, comments: "We are delighted to be partnering with Groundwork, a market leading easy-to-deploy monitoring technology. When used with BoxSpy it monitors Docker environments, it's also compatible with other monitoring tools and this means it can provide complete end-to-end visibility of the IT environment. We are getting strong interest from our clients about Docker in particular because companies such as Groundwork are demonstrating their confidence in this technology."

New mobile CAPI solution lowers costs for regional research and feedback programmes

 

LONDON, UK – Confirmit has developed a new personal interviewing solution that opens up new market opportunities for organisations running regional and global field-based Market Research and Voice of the Customer programmes. CAPI (Computer Assisted Personal Interviewing) for Android enables businesses to take advantage of the accessible price point of Android devices when conducting sophisticated, interviewer-led research and feedback programmes without compromising survey quality.

 

Terry Lawlor, EVP Product Management at Confirmit, explained: "CAPI for Android provides a huge opportunity for MR organisations and enterprises alike to conduct field research using a highly cost-effective and efficient channel. Surveys that are authored using Confirmit Horizons can now be deployed on Android devices without any changes and using the full power of Horizons surveys. The CAPI console is available in 42 languages, including Chinese and Japanese, enabling easy deployment for multi-region or remote programmes that need to be deployed in multiple languages.”

 

Confirmit CAPI for Android supports the full range of question types available in Confirmit Horizons, including multimedia support, such as image capture, providing a rich and powerful interviewing experience. It also adds a deeper level of validation to survey responses, thanks to the ability to capture location and gather instant feedback at the point of experience.

 

Sean Regan, Head of Global Operations Technology at GfK, a long standing user of Confirmit Horizons and Confirmit CAPI solutions, commented: "Confirmit has always demonstrated a clear and strategic understanding of market needs. The introduction of CAPI for Android is no exception as it answers a real demand for accessible electronic interviewing solutions. We are existing users of Confirmit CAPI for Windows, and the ability to run highly sophisticated surveys on Android devices will be a great benefit to us in many regions around the world, particularly in remote and developing markets, as our business expands and consolidates globally.

 

"The comprehensive local language support will allow our regional field teams to blend vital global insights with local market intelligence. In addition, the ability to capture location and images through the surveys will add the richness of data that our clients increasingly demand."

 

Confirmit CAPI for Android is an interviewer-based App that can be downloaded to any Android device and then used by interviewers to conduct surveys without needing an Internet connection. It is built on the Confirmit Horizons solution which allows organisations to author a survey once and then deploy it across multiple channels. As with all Confirmit solutions, it offers a totally secure console log-in and secure and encrypted storage of response data.

 

Confirmit CAPI for Android is immediately available to Confirmit Horizons clients.

 

About Confirmit
Confirmit is the world's leading SaaS vendor for multi-channel Voice of the Customer, Employee Feedback, and Market Research solutions. The company has offices in Oslo (headquarters), Chengdu, Cologne, Grimstad, London, Moscow, New York, San Francisco, Vancouver, and Yaroslavl. Confirmit's software is also distributed through partner resellers in Madrid, Milan, Salvador, Sydney, and Tokyo.

Confirmit powers Global 5000 companies and Market Research agencies worldwide with a wide range of software products for feedback / data collection, panel management, data processing, analysis, and reporting. Customers include Aurora, British Airways, Cross-Tab, Dow Chemical, GlaxoSmithKline, GMO Research, JTN Research, Keep Factor, Morehead Associates, Nielsen, Research Now, RONIN, Sony Mobile Communications, Swisscom, and The Wellcome Trust. Visit www.confirmit.com for more information.

The International Organization of Securities Commissions (IOSCO) has published two consultation reports aimed at further enhancing the ability of financial markets and intermediaries to manage risks, withstand catastrophic events, and swiftly resume their services in the event of disruption.

The consultation report ‘Mechanisms for Trading Venues to Effectively Manage Electronic Trading Risks and Plans for Business Continuity’ provides a comprehensive overview of the steps trading venues need to take to manage the risks associated with electronic trading and the ways they plan for and manage disruptions through business continuity plans. As technology continues to evolve, trading venues will need to continuously adapt to these changes.

The report provides recommendations to help regulators ensure that trading venues are able to manage effectively a broad range of evolving risks. It also proposes sound practices that should be considered by trading venues when developing and implementing risk mitigation mechanisms and business continuity plans aimed at safeguarding the integrity, resiliency and reliability of their critical systems.

IOSCO´s second consultation report, ‘Market Intermediary Business Continuity and Recovery Planning’, proposes standards and sound practices that regulators could consider as part of their oversight of the business continuity and recovery planning by market intermediaries. These sound practices may also prove useful to intermediaries who are developing and implementing business continuity plans.

The two consultation reports draw on the results of surveys of IOSCO members and stakeholders, and feedback from roundtables organized with industry participants.

A key objective of the reports is to address possible weaknesses or gaps in the business continuity plans and recovery strategies of trading venues and market intermediaries.

Comments should be submitted on or before Saturday 6th June 2015.

Read the documents:

www.iosco.org

Venafi has published new research reevaluating the risk of attacks that exploit incomplete Heartbleed remediation in Global 2000 organizations.

Using Venafi TrustNet, a cloud-based certificate reputation service designed to protect enterprises from the growing threat of attacks that misuse cryptographic keys and digital certificates, Venafi Labs found that 84 percent of Forbes Global 2000 organizations’ external servers remain vulnerable to cyber attacks due to Heartbleed. This leaves these organizations open to reputational damage and widespread intellectual property loss.

When the Heartbleed vulnerability was discovered in April 2014, many organizations scrambled to patch the bug, but failed to take all of the necessary steps to fully remediate their servers and networks. But despite significant guidance from Gartner and other industry experts, the majority have failed to take the necessary steps to fully remediate their servers and networks.

“A year after Heartbleed revealed massive vulnerabilities in the foundation for global trust online, a major alarm needs to be sounded for this huge percentage of the world’s largest and most valuable businesses who are still exposed to attacks,” said Jeff Hudson, CEO, Venafi. “Given the danger that these vulnerabilities pose to their business, remediating risks and securing and protecting keys and certificates needs to be a top priority not only for the IT team alone, but for the CEO, BOD, and CISO.”

Download the Venafi Heartbleed +1 Year Analysis (PDF) at:
https://www.venafi.com/HeartsBleed/