Disaster Recovery Journal

In my last column I discussed how what we used to consider active data is changing. We now have to look at the potential working set instead of the actual working set. Thanks to initiatives like real-time analytics, some data that we used to classify as archivable now needs to be at the ready. If this is the case, what is the role of archive? How do disk and tape archives participate in an increasingly active world?

The key to a balanced storage strategy, even with all this active data, is to change how we decide to archive a certain set of data. Under the current archive methodology the most common decision point was last modification date. In other words, data that is X days/years old can be archived, everything else has to stay on primary storage. The problem with this methodology is it is not compatible with real-time analytics and not even really compatible with the way users use data.

...

http://www.informationweek.com/storage/data-protection/active-data-vs-active-archive/240154236

Business owners are becoming increasingly concerned with the proliferation of technology in the workplace. Innovations such as BYOD, cloud, global access and social networking have many CIOs spinning their wheels on how to effectively secure their data and protect valuable intellectual property.

In this (n)ever-changing threat landscape, companies and governments are constantly battling organised cybercrime and hacktivism. With malware such as Flame, Stuxnet and Shamoon in the modern day cybercriminals’ arsenal, CIOs need to stay one-step ahead of the game and prepare for attacks accordingly.

Residual Risk: if you’re not familiar with the term, you should learn how it applies to your Business Continuity Management program.

In pulmonary science (the study of lungs) there’s something called ‘residual volume’.  That’s the amount of air that remains in your lungs after you forcefully exhale.  No matter how hard you try, there will always be residual volume.

In Business Continuity Management there’s something called ‘residual risk’.  It’s not much different: once you’ve mitigated identified risks, what’s left is residual risk.  No matter what you do, there will always be residual risks.  Business Continuity Plans are the primary tactic to deal with those residual risks.

...

http://ebrp.net/residual-risk-a-key-business-continuity-concept/

When financial hardships strike an organization, the Business Continuity program usually takes a hit. In fact, often it will take a hit when times are good so that the corporation can focus on other initiatives; initiatives designed to build upon the good times and keep the company making money. Increase that revenue, YEAH!! When this occurs, resources get reassigned to other projects and the BCM program gets placed on the back burner or it will see resources funnelled away to support other initiatives.
What kind of things do organizations cut from their budgets that can undermine and slowly dismantle a BCM program? Here’s just a short list of some of the actions corporations will take in diverting BCM intended resources.

1. Training – Training is suspended because sending employees on courses to upgrade and keep skills current is deemed as being too costly, especially if travel and accommodation is required. This training also helps to bring new ideas to the organization on how to better their programs but at the same time many executives (or those that approve BCM training) will simply state that the corporation knows what it would do. Thus, additional training isn’t required. Or worse, they send BCM people on courses that have nothing to do with their role.

...

http://stoneroad.wordpress.com/2013/05/11/7-things-that-can-ruin-a-bcm-program/

Are you a believer in serendipity, that magic moment when several disparate things come together to produce something marvelous that is greater than the sum of its parts? I am and I believe we could be on the cusp of such a moment if we can seize the opportunity.

Three things occurred this week that makes me feel this way. The first are the thoughtful comments of readers of last week's blog on emergency management education, particularly those that reminded me of the Emergency Management Institute's Emergency Management Professional Program. EMPP is intended to develop core competencies for emergency managers and does an excellent job of combining concepts and general and specific skills.

...

http://www.emergencymgmt.com/emergency-blogs/managing-crisis/Serendipity-and-Emergency-Management-051013.html

There’s no telling when a major natural or man-made disaster can affect your company’s operations. Just because no calamity has ever affected your community doesn’t mean you’re completely safe. The specter of disastrous data loss can make most business operators think ahead and draft a reliable disaster recovery plan. This website and our publication The Data Center Journal will keep you abreast of the latest practices.

Disaster recovery, often shortened as DR, is the process of getting operations back on track in the critical period following a serious calamity. This is a step-by-step process that requires extensive brainstorming and support from the rank-and-file all the way up to senior management. For instance, a DR plan should first be raised within upper management as they need to be convinced of the viability of any proposed solution.

...

http://www.datacenterjournal.com/disaster-recovery-plan-2/strategies-for-formulating-disaster-recovery-plan/

TERRIBLE new forms of infectious disease make headlines, but not at the start. Every pandemic begins small. Early indicators can be subtle and ambiguous. When the Next Big One arrives, spreading across oceans and continents like the sweep of nightfall, causing illness and fear, killing thousands or maybe millions of people, it will be signaled first by quiet, puzzling reports from faraway places — reports to which disease scientists and public health officials, but few of the rest of us, pay close attention. Such reports have been coming in recent months from two countries, China and Saudi Arabia.

You may have seen the news about H7N9, a new strain of avian flu claiming victims in Shanghai and other Chinese locales. Influenzas always draw notice, and always deserve it, because of their great potential to catch hold, spread fast, circle the world and kill lots of people. But even if you’ve been tracking that bird-flu story, you may not have noticed the little items about a “novel coronavirus” on the Arabian Peninsula.

...

http://www.nytimes.com/2013/05/10/opinion/the-next-pandemic-is-closer-than-you-think.html

Who would have imagined? At a time when the Dow Jones Industrial Average climbs above 15,000 for the first time and investor euphoria persists, trust in companies and their CEOs ranks near or at record lows. In this case, "rank" can serve as an adjective, too. Investors even have turned against the CEO who once could do no wrong, JP Morgan Chase's Jamie Dimon, urging him to surrender one of his roles as chairman and CEO because of some celebrated gaffes.

These corporate governance issues and crises have sparked a steep rise in reputational risk as trust in business continues a decade-long erosion. And good business practices alone won't remedy it. Challenges to a company's reputation arise from a specific business decision or practice. To manage that reputation successfully requires the active leadership of the CEO with the board of directors serving as avid monitors.

...

http://www.huffingtonpost.com/daniel-diermeier/reputation-risk-managemen_b_3253498.html

Patrick Meier is an expert on the application of new technologies to crisis earlywarning, humanitarian response and resilience. He currently serves as Director of Social Innovation at the Qatar Foundations’ Computing Research Institute and blogs at www.iRevolution.net. He co-founded the Harvard Humanitarian Initiative’s Program on Crisis Mapping and Early Warning, CrisisMappers, Digital Humanitarians, and the award-winning Standby Task Force. He served as Director of Crisis Mapping at Ushahidi and has consulted extensively for many international organizations and programs. He received his PhD from the Fletcher School.

While a fast and comprehensive means of reporting breaking news, social media brings with it the risk of misreporting, which in some cases can be quite dangerous, as with Reddit’s misidentification of the Boston bombing culprit. How can authorities determine what’s credible? What is the relationship between law enforcement and social media?

...

http://chicagopolicyreview.org/2013/05/07/the-role-of-technology-in-crisis-management-and-how-it-could-be-done-better/

What’s different about cloud computing?

Cloud systems are often different from the traditional IT infrastructure set up by a company itself because they are normally provided by a third party supplier, and so businesses do not have as much control over the cloud system as they would over their own IT infrastructure.

...

http://www.hrmagazine.co.uk/hr/features/1077164/how-hr-manage-risk-cloud-computing