Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 27, Issue 4

Full Contents Now Available!

Jon Seals

You work in compliance. Now you are on the horns of a dilemma.  Are you going to become a whistleblower or not?

Serious Misconduct

You have learned of serious misconduct within your organization that has been overtly or tacitly approved by high-level management.   You have alerted those above you –or outside counsel– about the misconduct or have tried your best to put a stop to it.  But neither has worked.  You are appalled by what you have witnessed and may even be concerned with being held accountable if and when the misconduct gets exposed and turns into a civil or criminal action.  You understandably are worried about your reputation, both professionally and personally.  You’re near the end of your rope.  Perhaps, you’ve even spoken out so vehemently that you’ve already lost your job.



On July 22, 2013, a 6.6 magnitude earthquake, followed by hundreds of aftershocks, jolted China’s northwest Gansu Province, one of the country’s most under-developed regions. Ninety four people were initially reported dead, although that number is likely to rise in coming days. Hundreds were injured and some 227,000 people were displaced by the earthquake, which damaged 127,000 homes. Heavy rain is forecast to hit the affected area—potentially affecting rescue and relief efforts and increases chances of landslides or houses collapsing.

The Red Cross Society of China immediately responded to assess needs on the ground and dispatch relief supplies, including tents, family kits, jackets and quilts, and more items are being mobilized from warehouses around the country. A 24-member health Emergency Response Team, including volunteer doctors and psychosocial specialists, have also deployed to the affected area.

China is one of the world’s most disaster-prone countries—with approximately 70% of its cities and half of its population located in disaster-prone areas. Earlier this year, the Red Cross Society of China responded to a 7.0 magnitude earthquake in the hit Sichuan province, which killed 196 people and injured over 13,400.

The International Federation of Red Cross and Red Crescent Societies is closely monitoring the situation together with the Red Cross Society of China.


Wednesday, 24 July 2013 15:51

… addicted to thinking

Every so often I find something that sparks me out of the intellectual wasteland that so much of the debate around risk, BC and resilience seems to have become. One example is the book I recently finished reading - Addicted to Performance by John Bircham and Heather Connolly.

I would recommend this to those interested in risk and resilience thinking.
If your primary approach to risk, BC and resilience is standardised, templated and adhering to conventional wisdom – rather than application of critical thinking – this book is for you. But you may not fully appreciate that.



Wednesday, 24 July 2013 15:49

Caringo Launches CloudScaler 2.0

Delivers robust features that make it the best choice for enterprises and service providers 
AUSTIN, Texas – Caringo®, the leading provider of object storage software, today announced the latest version of its CloudScaler™ enterprise gateway that, combined with CAStor®, provides enterprises and service providers robust and efficient object storage as the foundation for dependable and scalable cloud storage service.
CloudScaler 2.0 adds Amazon S3 API support and increased control, authentication and metering of CAStor. The combined solution has a robust feature set that meets the most demanding enterprise use case requirements, going beyond the simple scalable storage offered through open source solutions and services such as S3.
Benefits include: 
•	Robust enterprise features for cloud storage service providers: Leverages CAStor’s adaptive power conservation technology, WORM functionality, integrity seals (to ensure content integrity), and Elastic Content Protection, offering replication and erasure coding simultaneously to provide any storage SLA.
•	Fully customizable and transparent disaster recovery options: Increased control over content location for disaster recovery and access, with automated local and geographic distribution of objects to multiple locations.
•	Broad ISV and ecosystem support enabled by rapid S3 application integration: Most existing applications that support Amazon S3 will work seamlessly once reconfigured to send requests to CloudScaler.
•	Designed to be the foundation of any complete cloud offering through cloud platform interoperability: CloudScaler is seamlessly integrated with Citrix CloudPortal Business Manager 2.0 and can work in conjunction with Apache CloudStack and Citrix Cloud Platform. 
•	Eliminates the need to map content to a rigid naming scheme: Lightweight tenant and domain creation and allocation for easy storage management and flexible bucket naming. 
•	Snap in to existing authentication processes and systems: Supports LDAP and Linux PAM authentication for integration into existing corporate identity management systems. Supports token-based authentication for pre-validated access logins.
•	Granular control of content access: A rich access control mechanism allows for coarse to fine-grained control over access (public or private) to content within a domain.
•	Simplifies cloud infrastructure management: Cloud storage infrastructure is easily expanded with no service downtime and automated storage balancing. 
•	Pricing that suits your business model: Offered through a perpetual license or on-demand pricing model.
“For many enterprise use cases S3 is not a candidate. Cloud storage service providers want on-demand storage like S3, but still need the performance, security and control of having storage behind their firewall,” said Mark Goros, CEO of Caringo. “CloudScaler 2.0 and CAStor empower our customers to build solid and dependable storage services while maintaining control and ensuring content integrity to meet the most demanding cloud storage use case requirements.”
Caringo will be hosting a webinar to demonstrate CloudScaler 2.0 and interoperability with Citrix Cloud Portal Business Manager 2.0 on August 21 at 10:00 a.m. Pacific /1:00 p.m. Eastern – register here.
Follow Caringo
About Caringo
Caringo provides software-defined storage that combines ease of management, intelligent automation and elastic data protection transforming commodity servers into massively scalable, fault tolerant object storage that preserves your data in addition to your resources and time. Caringo gives you control over the volume, velocity and variability of unstructured information associated with cloud storage, big data and active archives.
Onvelop for iOS provides secure mobile access to enterprise Microsoft SharePoint and Office 365 for Apple devices
MOUNTAIN VIEW, Calif.  AgreeYa Mobility, a mobile-focused product and service company headquartered in Mountain View, California, has launched its iOS version of Onvelop, an enterprise mobility product that utilizes licensed Microsoft protocols to provide secure mobile access to enterprise Microsoft SharePoint and Office 365—now for iOS devices. Onvelop for iOS can be downloaded from Apple Appstore.
Onvelop brings enterprise mobility and BYOD to business consumers with a platform capable of integrating real-time enterprise updates via feeds for activities, announcements and events from SharePoint and Team Sites on iOS devices. Enterprises can provide employees with mobile document access while still protecting their data. Employees can keep their personal data segregated from company oversight while using Onvelop on their personal mobile devices.
                Adding iOS support for Onvelop provides enterprise mobility for companies adopting popular Apple tablets and devices. Users get one-stop access to the business tools that allow them to review documents, create events and announcements, have a SharePoint document review meeting online via chat or call conferencing, check out and update documents from SharePoint and check them back in to SharePoint so updates become available to other enterprise users in the same network—all from the mobile device with a single sign-on.
 “Businesses that are already using iOS technologies can now access Onvelop’s comprehensive collaboration tools for mobile devices without significant additional costs,” says Krish Kupathil, CEO of AgreeYa Mobility. “Employees can easily access the tools they need to work and collaborate while keeping enterprise data completely secure.”
For more information about Onvelop, visit www.onvelop.com.
ABOUT AGREEYA MOBILITY: Headquartered in Mountain View, California, AgreeYa Mobility is a leading mobile SI and technology organization, with development centers in the U.S., Canada, Poland, India, China and South Korea. The company caters to the requirements of telecom operators, handset manufacturers, chipset manufacturers and enterprise businesses. The company's innovative Onvelop product utilizes licensed Microsoft protocols to provide secure access to enterprises' back-end systems from smartphones and tablets across multiple operating systems including iOS, Android and Windows 8. This has been achieved by its interoperability relationship with Microsoft and other technology partnerships. Visit www.onvelop.com for more information.

BCM 4050: Business Continuity Maturity Model® Assessor's Training is perfect for BCM professionals who would like to measure the effectiveness of their BCM program against standards and also benchmark their program against others in the same industry.  An assessment meets the requirements for internal audit as well as provides documentation demonstrating program improvement.

The BCMM® is an assessment tool which provides a standard approach to measure an organization's Business Continuity Program maturity and to provide direction for creating and maintaining a BC program as a sustainable process. The BCMM® also collects meaningful benchmark data that can be used to compare how your organization matches up with similar organizations.  Download the Brochure!


Attendees earn an ANSI accredited certificate as a BCMM Assessor by successfully passing a 50 question multiple choice exam. 

Already a "Licensed" BCMM Assessor?
Since 2004 when the BCMM® was first published, new standards for business continuity have emerged. The BCMM® was updated in 2011 to align to globally accepted standards: ISO 22301, ASIS SPC.1; BS 25999; and NFPA 1600. The BCMM® version 2.0 provides you with the steps to take on the path toward resilience and compliance with international standards, including those recognized by PS-Prep™.

The BCMM® is now also an effective tool to help ensure compliance and to measure readiness for a third-party audit against one or more of these standards. To access the 2.0 BCMM® you must first complete a 2 hour online course and pass the online exam. In addition, as a result of successfully completing this course, your "license" will be changed to the ANSI Accredited BCMM-Assessor designation. Find out more!

2013 Course Schedule

August 14-15, 2013:  Chicago, IL                                       The Summit
September 9-10, 2013:  Philippines                                    ECCI
September 21-22, 2013:  San Diego, CA (Before DRJ Conference)  www.drj.com
November 6-7, 2013: Dulles, VA                                         Holiday Inn Dulles
November 12-13, 2013: Philippines                                     ECCI
November 25-26, 2013: Colombia                                       Intellity

Class meets 8:30 AM - 4:30 PM Daily

Register Now!

Course Fee: $1,495.00 USD includes all course materials, breakfast, lunch, and refreshments and a one year access to the Maturity Model. ICOR members save 10% 

Questions?  Contact Lynnda Nelson at 866-765-8321 or Education@theicor.org

DIRAK has expanded its product offering to include a new compression latch designed specifically for applications that require quick and secure locking in high vibration environments.



Provides a compression range of 7mm (.276”) for environmental gasket sealing

and helps reduce noise and rattle caused by vibration.

Low profile design features 4.5mm (.177”) of protrusion off the panel surface

enhancing the overall application aesthetics.

The locking position of the cam is clearly illustrated by an indicator built into the


Locking mechanism is a two-step process actuated by one continuous 180°


Step 1: The first 90° turn rotates the cam behind the frame

Step 2: A second 90° turn pulls the cam 7mm towards the frame.



Open position First 90° turn Second 90° turn pulls the of the insert moves cam 7mm against the

the cam behind frame compressing the the frame. seal. The door is latched and free of play.


Ten insert styles are available for access control securing the latch from accidental opening caused by shock and vibration.


Variable H-dimension ensures optimal fit for most applications. The H-dimension is adjustable from 12.5mm (.492”) to 83.5mm (3.287”). Single hole mounting provides for quick and easy installation. Available pre-assembled with a 33mm (1.3”) straight cam. Two offset cams (27.5mm and 13.5mm) are also available.


The 1-067 Compression Latch is an ideal solution for any indoor or outdoor application that requires gasket sealing and reduction of noise and rattle caused by vibration. It can accommodate any application with a door/panel thickness of up to 18mm. In addition, it offers a powder coat finish for corrosion resistance and has been IP65 rated, making it a cost-effective solution for outdoor applications.


Potential market applications are broad and include, but are not limited to:

Electronic Enclosures • Industrial Machinery • Transportation • Off Highway Equipment • Construction Equipment • Industrial Enclosures • Power Industry.


DIRAK is a global designer, manufacturer, and distributor of innovative, high quality system solutions for latching, hinging and profile technology. DIRAK products are sold and distributed globally through a network of authorized sales representatives.


For additional information, contact DIRAK, Inc., 22560 Glenn Drive, Sterling, Virginia, USA. Tel: 703-378-7637, Fax: 703-378-7638, E-mail: options@dirak.com, Website: www.dirak.us. The company’s global headquarters is in Ennepetal, Germany.

Boston-based architectural and engineering firm joins leading data center solution provider in unveiling 130,000 SF world-class data center


BOSTON — Integrated Design Group, (ID), an architectural, engineering and planning firm focused on data center design, announced today that Digital Realty’s data center in Needham, Mass. (DLR Needham) is complete. ID designed the master plan and provided combined architecture and engineering services for the three-story, 130,000 SF data center.

DLR Needham is designed to meet the technical requirements of companies seeking best-in-class data center space, featuring data center solutions, redundant power feeds and fiber connectivity. Each of the five suites will have approximately 8,000 SF of raised floor space and 1.125 MWs of IT capacity. The space will include state-of-the-art HVAC systems and security optimized to support advanced data center operations.

Lack of adequate yard space on the Needham site forced ID to find creative accommodations for the data center’s eight generators. Relegating these units to the roof was not an option due to the town’s strict zoning regulations. Therefore, ID’s alternative design solution accommodated the generators within the interior of the data center.

“The grand opening of DLR Needham is a significant milestone for our team,” said Lindsay Shanley, project manager at ID. “This particular project challenged us to find creative solutions for this location, which lacks outdoor space usually available on a data center site. ID thrives on these types of challenges, which result in innovative solutions that satisfy our client’s unique design requirements.”

Other unique features of ID’s design for DLR Needham include an air-side economizer that has been incorporated into the cooling systems for the computer rooms and electrical rooms. The air economizer systems take advantage of the New England climate to allow for full or partial economizer operations for almost 10 months of the calendar year.  For the Electrical Rooms, the system uses outside air to first ventilate the indoor substation rooms, then transfers the air to cool the electrical equipment housed in the adjacent electrical/UPS rooms prior to being exhausted. For the Computer Rooms, the CRAHs modulate dampers and pull in filtered outside air to cool the space, and then separate relief air fans exhaust the hot air out of the building. However, this can lead to humidity issues in New England, so ID addressed this issue by including a CRAH gallery with high-capacity, low energy humidifiers to raise the humidity to acceptable ranges for the computers. This design adds the humidity into the system very effectively, without having to add equipment and run water piping in the computer room.

Project team members include:

  • Owner:                                               Digital Realty
  • Project Oversight and Design:           Integrated Design Group
  • Project Architect:                               Integrated Design Group
  • Shell Architect:                                   Newbury Design Associates
  • Structural Engineer:                            RRC Engineering
  • MEP/FIRE:                                           Integrated Design Group
  • General Contractor:                          Gilbane Building Co.
  • Civil Engineer:                                    Merrill Associates
  • Security:                                             Guidepost Solutions


About Integrated Design Group

Celebrating its tenth year in 2013, Integrated Design Group (ID) stands out as an architectural and engineering firm dedicated to the innovative design of data centers. A truly collaborative environment, the firm unites award-winning architects and mechanical and electrical engineers to create critical spaces that are custom, state-of-the-art, and sustainable. ID specializes in energy efficiency, modularity and load-on-demand concepts. The team is continuously seeking to expand its portfolio in addition to serving existing premier clients nationally and around the world that demand unique solutions and value excellent design. For more information, visit the company’s web site at www.idgroupae.com, access their blog at www.idgroupaeblog.com; or follow on Twitter @ DataCntrDesign.

Company Growth Rate Remains Above 40% as Company Exceeds $43 Million in Annualized Revenue


HOUSTON, TX – Alert Logic (www.alertlogic.com), the recognized leader in Security-as-a-Service solutions for the cloud, today announced GAAP revenues for the quarter ending June 30, 2013 of $10.1 million, up 43 percent from the second quarter of 2012, and up 7 percent from the first quarter of 2013. Alert Logic’s annualized revenue under contract in the month of June 2013 exceeded $43 million, and is tracking ahead of the company’s plan to reach a $50 million run-rate by the end of 2013.

Alert Logic realized strong Q2 momentum within the public cloud sector as the company’s release of Threat Manager for Cloud and Log Manager solutions helped secure more than 100 Amazon Web Services customers.

“Our strong growth this quarter keeps us on track to reach our goal of being a $50 million business by the end of 2013,” said Gray Hall, Alert Logic’s president and CEO. “Our new product releases from the second half of 2012 and the first half of 2013 helped fuel our growth this quarter, and we expect a similar boost in the future from the exciting new products and capabilities we plan to launch in the second half of 2013.”

To date, Alert Logic has more than 2,200 customers using its Security-as-a-Service solutions, both via service providers and directly from Alert Logic.

Alert Logic’s notable highlights for Q2 2013 include:

·         Releasing the next generation of Threat Manager, the first fully managed threat management solution deployable in any elastic cloud infrastructure, irrespective of hypervisor and networking architecture.

·         Being named a “Cool Vendor“ by Gartner in its 2013 Security Services report, which recognizes Alert Logic for its innovative business model, intrusion detection, vulnerability assessment, log management and web application firewall Security-as-a-Service solutions and cloud-based architecture.

A privately held company, Alert Logic publicly reports its Generally Accepted Accounting Principles (GAAP) revenue results and growth rates quarterly, in addition to its annualized recurring revenue under contract. Alert Logic’s financial statements have been audited in accordance with GAAP since 2005. All Alert Logic revenue is derived through long-term subscription contracts, consistent with the company’s Security-as-a-Service business model. Alert Logic’s solutions are sold directly to enterprise customers and through a diversified channel of resellers and cloud service provider partners.

Alert Logic specializes in providing a portfolio of Security-as-a-Service solutions for customers of hosting and cloud service providers. More than half of the largest managed hosting and cloud service providers use Alert Logic to secure their customer environments, making Alert Logic the de facto standard for securing infrastructure in hosted and cloud environments.

Alert Logic’s Security-as-a-Service solutions provide customers four distinct advantages: market-leading security tools, a fully outsourced and managed SaaS delivery model, integrated 24×7 Security Operations Center (SOC) services to monitor and provide expert guidance, and the ability to deploy wherever a customer has IT infrastructure, including the cloud.



About Alert Logic
Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, provides solutions to secure the application and infrastructure stack. By integrating advanced security tools with 24×7 Security Operations Center expertise, customers can defend against security threats and address compliance mandates. By leveraging an “as-a-Service” delivery model, Alert Logic solutions include day-to-day management of security infrastructure, security experts translating complex data into actionable insight, and flexible deployment options to address customer security needs in any computing environment. Built from the ground up to address the unique challenges of public and private cloud environments, Alert Logic partners with over half of the largest cloud and hosting service providers to provide Security-as-a-Service solutions for business application deployments for over 2,200 enterprises. Alert Logic is based in Houston, Texas, and was founded in 2002. For more information, please visit www.alertlogic.com.

A policy debate is raging in Europe over cloud computing and those who want to bind the cloud in over-prescriptive regulation threaten to prevent the benefits of the new technology being felt, argues Thomas Boué.

Thomas Boué is director of government relations for Europe, the Middle East and Africa at the Business Software Alliance, a trade association.

A quiet battle of wills has broken out among European policymakers who are pushing competing visions for how to capitalise on the most significant wave of innovation now underway in information technology: cloud computing.

All agree that by creating a new, more efficient architecture for computing, the cloud offers vast economic benefits. It lets enterprises avoid the cost of buying and maintaining some of the IT hardware and software they need to run their operations. Instead, they can have their computing resources delivered over the internet, as infinitely scalable services. For established companies, this creates cost savings that can be reinvested in the core business. For smaller start-ups, it represents one less obstacle on the path to growth.

But while some rightly see the cloud as an opportunity to accelerate commerce and expand global trade in digital services, others harbour more protectionist urges, focused on creating a European fiefdom in the cloud at the expense of global scale.