Fall World 2014

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

Jon Seals

Economic damages from the recent flooding in Colorado are expected to surpass $2 billion, according to a recent report from catastrophe risk modeler Eqecat. Most of that financial burden will fall on residents because very little flood risk is insured in the state.

Between 1,500 and 1,800 homes have been destroyed and thousands of homes have been damaged, leaving more than 10,000 people displaced. The estimated total cost to repair destroyed homes averages $300 million and early reviews of residential flood damage indicate an average of $20,000 to restore each of the 17,500 flooded homes that were not destroyed. But because of exclusions to the basic homeowners insurance policy, most of the losses will not be covered by insurance.

Historically, a very small portion of homeowners purchase flood insurance on homes outside of the 100-year flood zones outlined by the U.S. National Flood Insurance Program, which provides insurance as part of a mortgage. Of the 17 counties impacted, most of the areas are not within defined flood zones.

...

http://www.riskmanagementmonitor.com/colorado-flood-damage-estimated-at-over-2-billion

The desire to be agile has long impacted human behavior. Consider the elite athlete, the army general, the opera singer, the belly dancer, the professional golfer, the heavyweight boxer, the high seas sailor, the commercial pilot, the top-end banker, and even the federal politician — they all love agility, and so do we. Why? Put simply, agility provides the basis for adaptability and change which, in turn, are integral to our survival and growth. The same agility that enables a springbok to outrun a lion or an ant to carry a load more than 20 times its size allows a small start-up in Southern California to prevail against the might of a large, well-established brick-and-mortar organization (based on my arguments in the preface to my book, The Art of Agile Practice: A Composite Approach for Projects and Organizations). No wonder mainstream business is increasingly fascinated by “Agile.”

In a special issue of Communications of the ACM commemorating the first 50 years of computing, virtual reality pioneer Jaron Lanier wrote: “The biggest surprise from the first 50 years of computers is that computation turns out to be a cultural object in its own right, with all its warts and semicolons.” This phenomenal importance of “human issues” in IT project management has also found its way in discussions by Cutter Fellows Tom DeMarco and Timothy Lister in their book Peopleware: Productive Projects and Teams; Gerald M. Weinberg’s The Psychology of Computer Programming, and Larry Constantine’s Constantine on Peopleware and Soft Issues and Other Hard Problems in Software Development. Indeed, Constantine claimed: “Good software does not come from CASE tools, visual programming, rapid prototyping, or object technology. Good software comes from people. So does bad software.” I have also discussed the importance of people in software projects and the destructive nature of “game playing” — together with suggested antidotes. These discussions led to an inescapable conclusion: the dire need to address the social and cultural factors in project management. Contemporary Agile emerged out of the exploration of such issues in software development projects. Agile helped the software development community climb out of its cellars of up-front planning, analysis paralysis, and siloed (primarily driven by the waterfall lifecycle) approaches to the users and business.

...

http://blog.cutter.com/2013/09/24/sociocultural-aspects-of-software-projects

Ok, so NASA failed an audit. Don’t we all? I think it is important to understand the government’s cloud computing adoption timeline before passing judgment on NASA for failing to meet its cloud computing requirements. And, as someone who has read NASA’s risk management program (and the 600 pages of supporting documentation), I can say that this wasn’t a failure of risk management policy or procedure effectiveness.  Clearly, this was a failure of third-party risk management’s monitoring and review of cloud services.  

The Cloud Is Nebulous

Back in 2009, NASA pioneered cloud technology with a shipping container-based public cloud technology project named Nebula -- after the stellar cloud formation. (I love nerd humor, don’t you?)

...

http://blogs.forrester.com/renee_murphy/13-09-23-nasa_flunked_its_cloud_computing_audit_are_you_next

Before joining Forrester, I ran my own consulting firm. No matter how ridiculous the problem or how complicated the solution, when a client would ask if I could help, I would say yes. Some people might say I was helpful, but I was in an overconfidence trap. There was always this voice in the back of my mind that would say, “How hard could it be?” Think of the havoc that kind of trap can have on a risk management program. If any part of the risk program is qualitative, and you are an overconfident person, your risk assessments will be skewed. If you are in an overconfidence trap, force yourself to estimate the extremes and imagine the scenarios where those extremes can happen. This will help you understand when you are being overconfident and allow you to find the happy medium.

Have you ever padded the budget of a project “just to be safe”? I hate to tell you this, but you are in the prudence trap.  By padding the project budget, you are anticipating an unknown. Many other managers in your company may be using the same “strategy.” But the next time you do a project like this, you will pad the budget again, because the inherent uncertainty is still there. The easiest way to keep your risk management program out of the prudence trap is to never adjust your risk assessments to be “on the safe side,”  There is nothing safe about using a psychological trap to predict risk.

...

http://blogs.forrester.com/renee_murphy/13-09-19-are_you_in_a_decision_trap_you_decide

CIO - Data recovery used to be a straightforward matter of running competent data recovery software on a single disk drive. Advances in storage technology now make a number of deployment scenarios possible. Even with the best data backup practices, though, it's unlikely for a small business to have the infrastructure to keep its data perfectly synchronized.

To help small businesses be prepared should a data disaster event strike, here's a look at how the most common storage options on the market deal with data recovery.

RAID: You'll Need Software to Complement Hardware

Network Attached Storage (NAS) appliances rank among the most common storage devices that today's businesses use. They range from simple two-bay devices to 10-bay appliances that offer Storage Area Network (SAN) capabilities. Redundancy is typically implemented using Redundant Array of Independent Disks (RAID), which offers simple mirroring (RAID 1) as well as more advanced methods that strip blocks of data across multiple disks to mitigate against a single drive failure (RAID 5) or even two failed drives (RAID 6).

...

http://www.computerworld.com/s/article/9242513/How_to_Overcome_Small_Business_Data_Recovery_Challenges

Brigham and Women's Hospital

In the last eight years, Brigham and Women’s Hospital in Boston has conducted 78 large scale emergency drills.  On the afternoon of April 15, immediately following the two bombs set off during the Boston marathon, it was time to put their well-practiced plans into action.

Brigham and Women’s Hospital had prepared for a variety of events, both natural and man-made.  Casting a wide net and taking an all-hazards approach, they ran drills for oil spills, chemical attacks, active shooters, blizzards, train crashes, hurricanes and building evacuations. The hospital ran exercises and responded to real-life events at a division, departmental, hospital, city-wide and state-wide level.  No doubt, the drills helped to establish routines and relationships across departments and across systems.

Members of BWH's Hazardous Material Response Team stand at the ready during a simulation in 2012.

On Monday, April 15, there was a short turnaround between finding out about the event and implementing a plan.  At 2:54 p.m., when  the call came in about two explosions at the race, the already busy 55-bed emergency department had 66 patients. 

Brigham and Women’s Hospital implemented what they call a Code Amber, activating the hospital disaster response system.  The hospital-wide response plan that they practiced regularly started with building capacity and capability in the emergency department, in the operating rooms, and throughout the hospital.  Where possible, patients were discharged or transitioned to other departments to disperse the crowded area.  Multiple operating rooms were rapidly opened and staffed for potential emergency surgeries.

The hospital cared for 39 patients from the bombing, 23 in the first 45 minutes. Staff set up a primary triage team to assess immediate need before a secondary triage team identified patients that needed emergent surgery.   Patients requiring surgery went directly to the operating room from the Emergency Department, just as they had drilled in prior exercises.   Patients were rapidly cared for throughout the hospital.

In the end, the drills and training clearly contributed to the success of the hospital’s response.  The Incident Command System followed protocols and organized logistics and communications to ensure an effective, rapid hospital wide response. Even with all the advanced training, there was still room for improvement.

Members of the Command and General Staff in the Emergency Operations Center at BWH during a recent drill.

The first lesson learned was the importance of establishing crowd control in the emergency department.  With plenty of hands jumping in to help it was almost overwhelming.  Brigham knew they needed to establish a labor pool and work on how they assigned roles to doctors, nurses, and volunteers in order to maximize contributions and response. 

The second lesson was to improve and streamline communication between the various teams in the emergency department and the emergency operations center.  With the available resources in an emergency, Brigham and Women’s Hospital discovered that they could enhance communications more readily assigning available staff in leadership and support roles.

The third lesson was overall situational awareness regarding communications, patient and staff location.  With multiple events occurring, clear, frequent information flow was critical.

In the months following the bombing event, Brigham and Women’s Hospital instituted a mandate to focus on July 4 as a milestone date to show improvement.  With a half a million spectators coming to the Boston waterfront to celebrate the holiday, the hospital wanted to be ready in advance.

BWH trauma surgeon Dr. Robert Riviello looks on as Boston Marathon bombing survivor Jarrod Clowery talks about his experience at an April 30, 2013 press conference.

They conducted more spontaneous drills to focus on role clarity, reviewed job action sheets with providers and refined their information systems based on the marathon bombings experience.

“We have to be fluid, flexible, and able to adapt to the scenario,” said Dr. Eric Goralnick, Medical Director of Emergency Preparedness.  “We are a 793 bed academic medical center that is running at capacity a majority of the time. With competing priorities, getting everyone on the same page and operating cohesively in an emergency requires constant vigilance. A commitment to preparation and training is an institutional imperative. ”


http://blogs.cdc.gov/publichealthmatters/2013/09/hospital-preparedness-and-the-boston-marathon-bombing/

Catalyst, Avalution Consulting’s award winning business continuity software, now offers live incident management and emergency notification capabilities. A 30-day free trial is available via bccatalyst.com to further explore these features.

Cleveland, OH – Avalution Consulting – a leading provider of business continuity consulting and software solutions – announced today the release of two new features for the Catalyst business continuity software suite – live incident management and Bullhorn emergency notification.

We’re thrilled about the release of this new functionality! From analysis and plan development to managing live events and notifying stakeholders, Catalyst does it all,” explains Rob Giffin, Director of Technology for Avalution. “Bottom line, Catalyst is an all-in-one business continuity software suite that is powerful, affordable, and, most importantly, will produce results!”

Bullhorn Emergency Notification
Bullhorn allows users to send emergency notifications to contacts via email, text message, or voice phone call. Bullhorn is built-in to Catalyst, so no third party contracts are required, and always includes unlimited messages, making costs predictable. Bullhorn enables users to:

  • Send unlimited emails, text messages, and phone calls to contacts

  • Distribute messages to individual contacts, groups of contacts, or teams from recovery plans

  • Record custom audio messages for phone calls – rather than using text to speech

  • Track messages and their current status

  • Link notifications to a related incident


Live Incident Management
Catalyst’s live incident management functionality provides an online location for business continuity teams and stakeholders to collaborate and share information about a disruptive event in real-time, including announcements, situation reports, details regarding planned meetings, and more. Further, this functionality is tightly integrated into Catalyst, so users have complete access to recovery plans, communications tools, contact lists, and other resources stored in Catalyst.

In addition, the live incident management capability automatically creates a log of actions, similar to a Facebook timeline, so users can instantly see the latest updates from all teams!

Catalyst makes business continuity and IT disaster recovery planning easy and repeatable for every organization, regardless of size, industry, or geography. In addition to the new features above, Catalyst offers policy and procedure development, business impact analysis, risk assessment, recovery strategy definition, plan development (business continuity plan templates – business and IT), exercising, and general program management.


30-Day Free Trial
Explore the full version of Catalyst for 30-days. Registration takes less than 60 seconds, and no payment information is required.

>> Sign-up for a 30-day free trial today

About Avalution Consulting
Avalution is a leading provider of business continuity and IT disaster recovery consulting and software solutions for organizations in both the public and private sectors. Headquartered in Cleveland, Ohio (USA), Avalution is an ISO 22301 firm and maintains a contract on GSA Schedule 70.

In addition to Catalyst, Avalution offers an enterprise level business continuity software solution based on the simplicity of Microsoft SharePoint 2010. The Planning Portal provides highly customizable tools and processes to assist in managing and executing the full life-cycle of business continuity and IT disaster recovery programs. Solutions address analysis, planning, awareness generation, exercise planning, notification, live crisis management, and continuous improvement.

866.533.0575 | avalution.com | theplanningportal.com | bccatalyst.com | @Avalution | LinkedIn

Worried about outages & vendor shutdowns? Here's what you can do


This week’s news about cloud storage provider (CSP) Nirvanix has lots of organizations thinking about and, in some cases scrambling to deal with, the repercussions of a cloud provider shutting down. While pundits may speculate about what happened to this particular CSP and ponder the various “what-if” scenarios of how the outcome might have been different, such analyses offer little consolation to the customers who are affected by this sudden change and loss of their trusted cloud vendor.
Adding to the hysterics, cloud opponents on the sideline may find time to revel in the momentary superiority of traditional IT infrastructure which is unaffected by such disruptions. However, those who understand the intrinsic value of cloud storage solutions and have been perceptive of prior happenings in the cloud industry may recall this week’s incident is not unique, as a major vendor shut down their CSP services over three years ago. Instead, they may ask whether the events of three years ago have improved the ability of customers to react to an event of this nature.

At TwinStrata, we’ve built a business on enabling organizations to utilize one or many cloud providers and/or their local storage infrastructure to store and protect their data. What’s relevant to this post is that our team is spending this week helping migrate a number of customers to new cloud providers on a very urgent basis.
The reality of the past few years - particularly the past day or so - has included occasional cloud outages and cloud providers exiting the business. While many cloud providers tout a near-bulletproof infrastructure consisting of multiple copies of data spread across multiple data centers, exceptionally high data durability and always-on data availability, these capabilities cannot always prevent the unexpected: the accidental user account shutdown, a significant network outage from your premises or the natural evolution that inevitably occurs in the provider landscape. While the latter are rare, they remain the types of events for which business and IT leaders ought to plan when preparing a data storage strategy with provisions for recovery and business continuity.

When it comes to storing data in the cloud, facilitating the migration of cloud storage should factor into the overall contingency plan. So what are some of the provisions businesses should take to ensure they can protect data stored in the cloud from the unknown? 

•	Ingress and egress of data. One of the first questions organizations may ask is how they can pull their data out of the cloud, followed by how long it will take. Some internet providers allow bandwidth bursts during short intervals lasting days or weeks for unusually large transfers. If additional bandwidth is not available, all is not lost. Objects stored in the cloud can be transferred from one cloud to another cloud using a cloud provider’s bandwidth, without having to upgrade on-premise networking. Finally, a third option is utilizing an import/export processes for cloud providers having the capability to physically ship data on disks.
•	Multiple copies of data. While this may seem like an obvious consideration, having multiple copies of data either across clouds and/or a cached copy locally can take the edge off of a cloud outage or a cloud provider ceasing operations. A local copy on low-cost storage can be relatively cheap insurance and can ease the bandwidth needs if it is necessary to pull the data back on premise.
•	Protocol compatibility across clouds. Cloud storage gateway and cloud-integrated storage technologies are often a key part of enabling a migration path to a new cloud if and when needed, offering the same application interface to storage across a number of different cloud vendors having different APIs. If you are not using a gateway today, it is not difficult to add as part of the migration process, and you also gain advantages around performance and data security.
•	Working with a trusted vendor. Always work with a vendor that understands the needs of your business including recovery time and recovery point objectives. Complying with these objectives will give you a plan that keeps your business on it’s feet, no matter where your data lives.
While the prospect of a cloud provider outage or shutdown can seem daunting, it is not an insurmountable problem. Careful planning that accounts for the different dimensions and scenarios of data stored in the cloud can replace the worry with peace of mind.

Scalable Solutions Offer Larger Storage Data Sets and Faster Performance

 

SAN FRANCISCO – Riverbed Technology (NASDAQ: RVBD), the application performance company, today announced it has expanded its Whitewater® cloud storage appliance family with the addition of new hardware models and upgrades to its operating system(OS). The new Riverbed® Whitewater appliances and OS provide more capacity, faster ingest speeds and more replication options. These features and capabilities make the new Whitewater appliances a critical component for enterprises wishing to leverage the economical price and reliability of cloud storage options such as Amazon Glacier.

Enhancements include new Whitewater model appliances with up to triple the cache of previous models and support of up to 14.4 petabytes of logical data. The Whitewater Operating System (WWOS) 3.0 also offers new features, including pairwise replication that enable enterprises to replicate to an additional Whitewater appliance at a secondary location. In addition, enterprises can now leverage the 10 gigabit networking interface that dramatically improves ingest performance.

“We needed to replace our tape-based backup with a more efficient and scalable solution that could handle seismic data from our global operations and the new Whitewater cloud storage 3030 model appliance shocked us with really great results,” said Bradley Lauritsen, director of exploration applications, at Apache Corporation, a Houston-based oil and gas exploration and production company with operations globally. “The Whitewater appliance transforms our ability to backup and recover by improving our IT efficiency for protecting seismic data while delivering significant cost savings. We now feel confident that even in locations where connection speeds are slow, we can maintain continuous operations with the new WWOS 3.0.”

Cloud storage has become a more attractive option for backup and archiving as it has become more economical and reliable, with options such as Amazon Glacier, which offers pricing as low as a penny per gigabyte each month and is designed to have average annual durability of 99.999999999% for an archive.  In fact, customers that deploy the Whitewater 3030 model appliance can save more than $750,000 over a three year period when backing up to Amazon Glacier. With varying requirements for recovery time objectives (RTO) of certain data sets, the ability to recover certain data sets locally and immediately has also become increasingly important.    

“Disk-to-disk backup architectures have become extremely popular in the last few years. Adding the ability to integrate public cloud storage into this architecture offers an immediate return to operations at a disaster recovery site while capturing the cost advantages of very aggressive cloud storage services such as Amazon Glacier,” said Laura DuBois, program vice president, storage at IDC. “Riverbed is focused on helping enterprise customers achieve the immediate recovery they require and helping them reduce operations costs by riding the curve of rapidly decreasing cloud storage price points.”

Pairwise Replication and Pinning for Faster Recovery Options

The new WWOS 3.0 offers support for pairwise replication for Whitewater appliances that allows enterprises greater flexibility to choose the appropriate recovery option to meet their RTO based on their business continuity plans. For the fastest RTO, a Whitewater appliance can recover at disk speed to a secondary site. In addition, the new OS offers a pinning feature that allows enterprises to tier and choose which backup data sets are available on the Whitewater appliance cache for immediate access, while less critical backup data sets can be recovered from the cloud.

Scalable to Meet Growing Data Sets as Enterprises Grow

The three new Whitewater model (730, 2030, 3030) appliances offer between 8 to 96 TB usable cache capacity. The largest model, WWA-3030, can cache up to three times the amount of data as the previous largest model (3010) and can support backup & archive datasets of up to 14.4 petabytes[1] before it is compressed and deduplicated onto the local cache.

Faster Ingest Speeds and 10 Gigabit Networking Interface Support

For faster performance, enterprises can also choose to use 10 gigabit networking interfaces to get up to 2.5 terabytes per hour ingest performance, a 40 percent increase over previous models. The 10 gigabit networking interface also enables enterprises to transfer to Amazon Glacier cloud storage leveraging Amazon Direct Connect.

“As public cloud storage costs continue to fall, customers are looking to move new and larger data sets into the cloud. Our new generation of Whitewater cloud storage appliances expands scalability and performance to meet customer requirements,” said John Martin, senior vice president and general manager, Storage Delivery Business Unit at Riverbed. “In addition to helping customers ingest, protect and store more data, the new WWOS 3.0 features, such as replication, improve customers’ disaster recovery initiatives by offering immediate recovery at a disaster recovery location should their primary system suffer a significant outage. These capabilities greatly expand the number of organizations that can implement cloud storage while tailoring RTO to their unique requirements.”

Whitewater is a purpose built storage appliance, optimized for data protection and archiving, that helps seamlessly integrate organizations’ cloud storage infrastructures to deliver instant recovery, end to end security, and the industry’s most cost-effective storage for backup and archive data. Leveraging the cloud as a safe, secure site for data storage, Whitewater appliances streamline IT management and allow organizations to pay only for what they use, eliminating constant hardware refreshes and large capital outlays.

Availability

WW0S 3.0 is available now and a free upgrade for all existing Whitewater customers under a support agreement allowing them to take advantage of the new features and enhancing their investment in Whitewater appliances. Whitewater model 730, 2030, 3030 appliances are generally available.

Additional Resources

 

Forward Looking Statements

This press release contains forward-looking statements, including statements relating to the expected demand for Riverbed's products and services and the ability to reduce capital spending. These forward-looking statements involve risks and uncertainties, as well as assumptions that, if they do not fully materialize or prove incorrect, could cause our results to differ materially from those expressed or implied by such forward-looking statements. The risks and uncertainties that could cause our results to differ materially from those expressed or implied by such forward-looking statements include our ability to react to trends and challenges in our business and the markets in which we operate; our ability to anticipate market needs or develop new or enhanced products to meet those needs; the adoption rate of our products; our ability to establish and maintain successful relationships with our distribution partners; our ability to compete in our industry; fluctuations in demand, sales cycles and prices for our products and services; shortages or price fluctuations in our supply chain; our ability to protect our intellectual property rights; general political, economic and market conditions and events; and other risks and uncertainties described more fully in our documents filed with or furnished to the Securities and Exchange Commission. More information about these and other risks that may impact Riverbed's business are set forth in our Form 10-K filed with the SEC for the period ended December 31, 2012, and our subsequent quarterly reports filed with the SEC. All forward-looking statements in this press release are based on information available to us as of the date hereof, and we assume no obligation to update these forward-looking statements. Any future product, feature or related specification that may be referenced in this release are for information purposes only and are not commitments to deliver any technology or enhancement. Riverbed reserves the right to modify future product plans at any time.

About Riverbed

Riverbed delivers application performance for the globally connected enterprise. With Riverbed, enterprises can successfully and intelligently implement strategic initiatives such as virtualization, consolidation, cloud computing, and disaster recovery without fear of compromising performance. By giving enterprises the platform they need to understand, optimize and consolidate their IT, Riverbed helps enterprises to build a fast, fluid and dynamic IT architecture that aligns with the business needs of the organization. Additional information about Riverbed (NASDAQ: RVBD) is available at www.riverbed.com.

Feature For many SMEs, tape disappeared from their landscape as a data storage choice ten or more years ago. Domestically, it exists, if at all, as a legacy item with perhaps a car stereo chewing its way through a selection of fondly regarded C-90s. Still, this lack of public visibility by no means indicates that tape has come to the end of its spool.

Hard drive prices have steadily fallen while their capacities escalate unabated, and yet tape storage continues to play a pivotal role in business information management. For the big data boom, it proves cost-effective, energy efficient and easier to handle for remote back-ups and archiving. To find out more about the reliance IT places on this media and how it’s is deployed, I met with two IT professionals who share the same job title, but have very different roles.

...

http://www.theregister.co.uk/2013/09/18/tape_and_the_business_of_disaster_recovery/