The Continuity Logic customized demo provides an opportunity for qualifying organizations to evaluate Frontline Live 5™, with their plans, desired controls, policies, and procedures. This first-of-its-kind system for both business continuity and many other areas of Governance, Operational Risk and Compliance (GRC) is powerful, but often best viewed with some of your familiar plans, data and templates.


Spring World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 28, Issue 4

Full Contents Now Available!

Jon Seals

Thursday, 22 January 2015 00:00

Putting the Cloud inside Your Company Firewall

Some enterprises are attracted by the potential advantages of the cloud for disaster recovery and business continuity. However, they fear the possibility of information being spied on, stolen or hacked after it leaves their own physical premises. A little lateral thinking suggests another possible solution. Instead of moving outside a company firewall to use cloud possibilities, how about implementing cloud functionality inside the firewall? A number of vendors now offer private cloud solutions and they have some customers whose identity may surprise you.



Big Data is quickly moving from concept to reality in many enterprises, and with that comes the realization that organizations need to build and provision the infrastructure to deal with extremely large volumes, and fast.

So it is no wonder that the cloud is emerging as the go-to solution for Big Data, both as a means to support the data itself and the advanced database and analytics platforms that will hopefully make sense of it all.

In a recent survey from Unisphere Research, more than half of all enterprises are already using cloud-based services, while the number of Big Data projects is set to triple over the next year or so. This leads to the basic conundrum that the business world faces with Big Data: the need to ramp up infrastructure and services quickly and at minimal cost in order to maintain a competitive edge in the rapidly expanding data economy. The convergence between Big Data and the cloud, therefore, is a classic example of technology enabling a new way to conduct business, which in turn fuels demand for the technology and the means to optimize it.



Thursday, 22 January 2015 00:00

Ohio Helps Pay for Tornado-Proof Safe Rooms

(TNS) — Mary Kirstein and her partner hunkered down under a dining-room table, with their cat corralled in a laundry basket between them, as the tornado roared toward their home.

And this didn’t happen just once during Kirstein’s nine years in Houston, where tornadoes seem as common as wide-brimmed Stetsons. It happened time and again. Thankfully, she said, the big one never hit, but a person doesn’t easily forget that fear.

“Tornadoes freak me out,” said Kirstein, a purchaser at Battelle who now calls Hilliard home.

In 2012, while researching tornado safety as part of her role on a committee at work, she discovered that the state of Ohio had a new program to help pay for safe rooms that can withstand even the 250 mph winds that accompany the most-destructive EF5 storms. She filled out an application for the Ohio Safe Room Rebate Program, run by the Ohio Emergency Management Agency.



North Carolina CPA Firm Leverages StorTrends iDATA to Analyze Physical and Virtualized VMware IT Environment and Support Smart IT Investment



NORCROSS, Ga. – StorTrends® today announced that Thomas, Judy & Tucker (TJ&T), a leading CPA firm in Raleigh, N.C., has deployed a StorTrends high performance storage area network (SAN) to ensure application performance and the protection of its financial and legal data, while adhering to its strict budgetary requirements.   Not wanting to sacrifice speed for cost, the new StorTrends SAN provides TJ&T with the performance of solid-state disk (SSD) caching and SSD tiering, at the cost of spinning disk.


The Raleigh, N.C.-based Certified Public Accounting firm of Thomas, Judy & Tucker was founded by Cliff Thomas, Chris Judy and David Tucker. As a large local CPA firm, TJ&T has the capacity and the capability to offer a myriad of services to its clients. Since 1990, TJ&T has been creating and sustaining partnerships that deliver professional, reliable results. As a full-service accounting firm, offering attestation, taxation, outsource accounting and business valuation/litigation support, TJ&T is equipped to offer timely business, financial and tax services to a variety of clients.


As part of their business operations, TJ&T creates a large volume of data. From PDF documents of invoices and checks and volumes of financial documents to tax returns, time and billing data to the Microsoft Exchange Server for 130 mailboxes, TJ&T found that its storage requirements continued to grow. Even while its existing direct-attached storage (DAS) primary storage system had enough capacity, its operation was becoming increasingly slow, impacting production performance and office productivity. TJ&T needed to find a storage solution that would deliver the high capacity they needed at speeds that would support the demands of their business.

Not wanting to compromise on speed and capacity, TJ&T ruled out many of the solutions it evaluated. Then they discovered StorTrends. StorTrends was able to offer the performance of SSD caching and SSD tiering with the dense capacity of spinning disk drives, all for an extremely reasonable price.


The results have even out-performed expectations. "I've looked at various metrics on our VMware systems as well as on the StorTrends unit itself, and it's performing better than I thought would be technically possible," said Drew Green, Director of Information Technology for TJ&T. "I thought it would perform to our needs, but the numbers I've seen are better than anticipated."


"For organizations like TJ&T, StorTrends high-performance storage solutions can deliver the impressive performance and functionality that truly makes them more productive, with the high capacity that will meet their business needs well into the future," said Justin Bagby, Director of StorTrends.  "The StorTrends IDATA performance analysis tool was also of high value to TJ&T because it precisely analyzed their environment to assure that the StorTrends solution they implemented exactly matched their needs."


It was the sum of the StorTrends solution and experience with the StorTrends sales and support staff that further underscored the value TJ&T sees in StorTrends. "The couple of instances that I've spoken with support have been phenomenal," added Green. "This has been the best support experience I have ever had. Everything has exceeded expectations."


To read more about TJ&T, and other StorTrends customers, please visit: http://www.stortrends.com/resources/customer-stories/


Tweet this:  Thomas, Judy & Tucker Public Accountants Safeguard Valuable Company Data with @StorTrends http://www.stortrends.com/resources/customer-stories/


About StorTrends
StorTrends® from American Megatrends isPerformance Storage with Proven Value. StorTrends SAN and NAS storage appliances are installed worldwide and trusted by companies and institutions in a wide range of industries including education, energy, finance, state & local government, healthcare, manufacturing, marketing, retail, R&D and many more. StorTrends meets the challenges and demands of today's business environments by offering a wide variety of solutions from All-Flash Storage, Hybrid Storage to Spinning Disk Solutions. StorTrends is backed by 1,100+ Customer Installations, 100+ Storage Patents and nearly 30 Years of IT Leadership from a company that millions or people trust on a daily basis, American Megatrends, Inc.

ZURICH – Swiss Re Corporate Solutions strengthens its Cyber & Technology team with two new senior executives. Francois Brisson and Richard De Piero are appointed Global Head and Head North America, respectively, for this key line of business in the company's Financial & Professional Lines segment.


Mr. Brisson has 17 years of experience in brokerage and underwriting. For the past seven years he worked as Head Technology, Media & Telecom (TMT) at Hiscox France, where he was responsible for the cyber risks book and a member of the team that covered TMT accounts in Europe and the US. He will be based in Paris.


Philippe Aerni, Swiss Re Corporate Solutions' Head of Financial & Professional Lines, comments: "We are reinforcing our commitment to cyber insurance, a complex and fast developing business that fits very well with our value proposition of underwriting expertise, innovation and financial strength. In his global role, Francois will be instrumental in developing our product offerings and supporting our regional underwriting teams."


Mr. De Piero has 15 years of experience in the insurance industry. Most recently he was Senior Vice President at Marsh, New York City, where he specialized in solutions for technology and telecom risks, with an emphasis on privacy liability. Prior to Marsh, Mr. De Piero held positions of increasing responsibility in adjusting and claims management at Electric Insurance Company. He will be based in New York City.


Jeff Summerville, North America Head of Financial & Professional Lines for Swiss Re Corporate Solutions, says: "We are very happy to have Richard on our team to further develop our capabilities in North America. His knowledge of cyber liability and technology errors & omissions, coupled with his strong brokerage relationships, will be particularly advantageous as we execute our regional strategy and growth plans."


About Swiss Re Corporate Solutions

Swiss Re Corporate Solutions offers innovative, high-quality insurance capacity to mid-sized and large multinational corporations across the globe. Our offerings range from standard risk transfer covers and multi-line programmes, to highly customised solutions tailored to the needs of our clients. Swiss Re Corporate Solutions serves customers from over 50 offices worldwide and is backed by the financial strength of the Swiss Re Group. For more information about Swiss Re Corporate Solutions, please visit www.swissre.com/corporatesolutions or follow us on Twitter @SwissRe_CS.

LONDON – Interoute, owner operator of Europe's largest cloud services platform, has expanded the scope of its combined ISAE 3402 and SSAE 16 type II 2014 assurance report to include its Paris Data Centre Operations. The annual third party audited report provided by PricewaterhouseCoopers (PwC) now covers Interoute’s Amsterdam, Berlin, Geneva, London and Paris data centre operations. The type II report was completed by PwC, one of the world’s leading risk assurance consultants, following a six month sampling audit across seven fundamental security and risk control areas. The assurance report of Interoute’s controls provides assurance to global customers that their quality and security ICT service management requirements will be supported for their critical outsourced business technology standards.


Joe Stevens, Chief Security & Risk Officer for Interoute, said: “This is another significant expansion of our overall Enterprise Quality and Security Management System at Interoute. We maintain critical ICT business technology solutions for our customers and they expect us to continuously meet their quality and security challenges. The external assurance report produced by PwC measures the effectiveness of our ISO 20000 and ISO 27001 controls, and provides reporting transparency to our customers to support their governance demands.”


The PwC assurance report highlights the effectiveness of Interoute's operations regarding managed outsourced security and risks, and applies to Interoute’s virtual hosting infrastructure, including Interoute Virtual Data Centre (VDC). Enterprises trusting their data to external service providers demand the highest levels of security and independent compliance assurance. The report provides enterprises with the necessary assurance that their critical business systems and data are protected with Interoute.


The following controls have been tested and certified: security and risk governance, physical environmental and logical security and management of availability, as well as change configuration and continuity. Interoute's combined ISAE 3402 and SSAE assurance report proves that the company has the right processes and controls in place to secure the high demands for governance and certification across the company’s data centres. Interoute’s strategic approach to deliver this level of quality and security is to integrate the proven industry best practice standards (ISO 20000, ISO 27001, and PCI DSS) and ensure the integrity of its customers’ critical outsourced business applications. These quality controls are integrated across the company’s entire product portfolio and operations processes.

CAMBRIDGE, UK – Centrica (www.centrica.com), a leading UK energy company, has chosen CRedit360 (www.credit360.com) to provide the software solution for its global Health, Safety, Environment and Security (HSES) platform. Using CRedit360 will enable Centrica to centralise its incident management and environmental performance reporting as well as manage its audits and inspections programme within one integrated performance management system.


Centrica is home to British Gas, the leading residential and business energy and services provider in the UK, Direct Energy in North America, and Bord Gáis Energy in the Republic of Ireland as well as international exploration and production business, Centrica Energy, and Centrica Storage, which operates over 70% of the UK’s gas storage capacity.


Centrica employs over 37,000 people and in 2013 generated more than £2.7 billion in operating profit.

Philip Sayer, Group Head of HSE Governance & Assurance, Centrica, said: “Given the nature of our business, Health & Safety is the top priority on our agenda. We are excited to work with CRedit360 to establish an unparalleled, integrated platform that will be used at all levels of the organisation. This is a business critical system to help us to manage HSES performance and take a more proactive stance to further enhance our position. “CRedit360 covers the full spectrum of our needs, after a comprehensive selection process we are very much looking forward to working with the CRedit360 system.”


The CRedit360 EHS software solution will be used to log information on the ground through mobile applications, desktop entry and automated connections, and will support a range of complex workflow processes across the project areas. Ultimately, Centrica will be able to analyse the data with a range of flexible tools and communicate information via automated reports and dashboards. The system will also be used to automate the Director level review and sign off process, and provide executive level performance snapshots and analysis.


Mark Shields, Managing Director, CRedit360, said: “We are delighted to announce the start of this new client relationship with Centrica, and to support their ambitious efforts to establish an unparalleled integrated HSES platform.


“One of our key strategic objectives at CRedit360 is to continually develop the robustness of the system and expand the capabilities across the full range of EHS / compliance reporting and performance management. This is reflected in our selection through an extensive competitive process for what is a milestone project for the industry.”


About CRedit360

CRedit360’s modular web-based platform helps companies to accurately capture, manage and analyse environmental, safety, supplier and social data; providing a 360° view on their sustainability performance.

Founded in 2002, CRedit360 has over 175 customers including Philips, HEINEKEN, Scottish Power, Odebrecht, Nestlé, and McDonald’s. The company is headquartered in Cambridge, UK, with offices in the USA and Australia. CRedit360 was recently named as a global leader in both sustainability management software and EHS software by independent analyst firm Verdantix.

For further information, please visit www.credit360.com


About Centrica

Centrica plc is a British company listed in the FTSE 100 and operating predominantly in the UK, Republic of Ireland and North America.

Our vision is to be the leading integrated energy company, with customers at our core. We are active at every stage in the energy chain; our worldwide workforce of over 37,000 people help us to source, generate, process, store, trade, save, service and supply energy to homes and business in our chosen markets. Our aim is to meet our customers’ energy needs and deliver long-term value to our shareholders.

Our International Downstream business saves and supplies energy and related services, through British Gas in the UK, Bord Gais in the Republic of Ireland and Direct Energy in North America.

Our International Upstream business, Centrica Energy, delivers shareholder value and energy security through a balanced mix of gas and oil production, power generation and energy trading.

Centrica Storage, a wholly owned subsidiary of Centrica, operates over 70% of the UK’s gas storage capacity.

For further information, please visit www.centrica.com

A new survey of more than 3,000 IT decision-makers worldwide revealed the majority of businesses are "behind the curve" when it comes to their data protection strategies. The survey showed that most businesses are "not very confident" that they can fully recover their critical data after an IT service disruption, yet they also considered data protection "to be totally critical to their success."



With more enterprise IT organizations relying on software-as-a-service (SaaS) applications than ever, securing the data that flows in and out of those applications has become a major challenge and concern.

To give IT organizations more control over that data, Protegrity today unveiled the Protegrity Cloud Gateway, a virtual appliance that, once deployed on a server, enables organizations to apply policies to the flow of data moving in and out of multiple SaaS applications.

Protegrity CEO Suni Munshani says it applies a mix of encryption and vaultless tokenization to make sure data residing in a SaaS application can only be viewed by users that have been given explicit rights to see that data. Those rights are assigned using a “configuration-over-programming” (CoP) methodology that allows administrators to configure the gateway without having programming skills.

Support for SaaS applications is provided by accessing the public application programming interfaces (APIs) those applications expose, with support for each additional SaaS application that Protegrity supports taking a few days or weeks to add, depending on the complexity of the project.



Wednesday, 21 January 2015 00:00

10 steps to cyber security


The United Kingdom’s GCHQ, in association with the Centre for the Protection of National Infrastructure, Cabinet Office and Department for Business Innovation and Skills, has re-issued their ’10 Steps to Cyber Security’ publication, offering updated guidance on the practical steps that organizations can take to improve the security of their networks and the information carried on them.

Originally launched 2012, the guidance has made a tangible difference in helping organizations large and small understand the key activities they should evaluate for cyber security risk management purposes. The 2014 Cyber Governance Health Check of FTSE 350 Boards showed that 58% of companies have assessed themselves against the 10 Steps guidance since it was first launched. compared to 40% in 2013.

‘10 Steps to Cyber Security’ has been updated to ensure its continuing relevance in the climate of an ever growing cyber threat. It now highlights the new cyber security schemes and services that have been set up more recently under the National Cyber Security Programme.

The Business Continuity Institute’s Horizon Scan report has consistently shown that cyber attacks and data breaches are two of the biggest concerns for business continuity professionals with the latest report highlighting that 73% of respondents to a survey expressed either concern or extreme concern at the prospect of one of these threats materialising.

Robert Hannigan, Director of GCHQ, said: “GCHQ continues to see real threats to the UK on a daily basis, and the scale and rate of these attacks shows little sign of abating. However despite the increase in sophistication, it remains as true today as it did two years ago that there is much you can do yourself to protect your organisation by adopting the basic Cyber Security procedures in this guidance.”