Mike McClain, Senior Web Designer & Site Manager
As part of its disaster recovery planning, O’Neil& Associates had implemented continuous data protection (CDP) to a secondary data center. Unfortunately, while eliminating the need for tape, that decision also increased demand for costly remote disk storage and its associated rack space, cooling and power requirements. The company needed a solution that could quickly expand capacity without the need for additional disk.
Since the company’s disaster recovery plan requires employees to access the secondary data center by VPN, the organization typically has significant idle Internet bandwidth. O’Neil& Associates recognized that its environment was ideal for cloud storage adoption.
The company decided to adopt Amazon S3 cloud storage to alleviate the demands of disk's capital and infrastructure costs. However, it still needed a way for that cloud storage to be available virtually as a local disk so that it was accessible to the CDP solution. After trialing a CloudArray virtual appliance from TwinStrata, O'Neil& Associates was convinced it had found exactly what it needed and purchased a CloudArray physical appliance.
“The time required to provision new storage hindered our ability to meet our data retention commitments,” said Dave Stackhouse, director of information systems at O'Neil& Associates. “With TwinStrata CloudArray, storage provisioning is a trivial matter, not the significant undertaking it used to be. We’ve reduced the provisioning time for retention log storage by at least 90 percent and eliminated the complex and demanding planning and commitment required of our IT group. TwinStrata CloudArray proved to be exactly what we needed.”
“Plug and play integration, enterprise-class security and local performance enable organizations to deploy CloudArray as a direct replacement for traditional storage infrastructure,” said Nicos Vekiarides, chief executive officer at TwinStrata. “O'Neil& Associates saw the opportunity to offload their rapidly growing off-site storage capacity. By integrating the CloudArray gateway solution into their disaster recovery plan, they are able to scale their storage at a moment's notice without the costs, complexity and maintenance life cycle they would have faced if they continued to grow existing capacity. We’re excited that O'Neil& Associates have been able to use CloudArray to meet their objectives of simpler and more scalable enterprise storage that meets their data retention needs.”
Arkeia Network Backup v10 enables “hybrid cloud” backups by overcoming the limitations of last-mile bandwidth—allowing overnight delivery of physical media to substitute for WAN bandwidth as needed. Arkeia introduces hybrid cloud “seeding and feeding” in which administrators can employ any combination of physical media and internet transport to replicate backup sets on a LAN to or from remote cloud storage. Arkeia makes it practical to replace tapes for off-site storage by allowing large backup sets like full backups to be moved on physical media and small backup sets like incremental backups to be sent over the wire.
“Any effective backup must include getting data off site to protect against natural or man-made disasters,” said Ashar Baig, Senior Analyst at Taneja Group. “Hybrid cloud backups, which back up data to the LAN and then replicate it over WAN links to the cloud, are an increasingly attractive way to move business-critical backups offsite. Arkeia’s ‘seeding and feeding’ features overcome the mid-market’s key challenge of expensive WAN bandwidth. Arkeia’s hybrid cloud approach is a great way for organizations to get their data off site without the complexity of using tapes on a daily basis by overcoming bandwidth limitations.”
Seeding and Feeding
Arkeia’s hybrid cloud solution moves beyond rudimentary “cloud seeding” in which the first backup is moved off-site on physical media, followed by incremental backups sent over the WAN. First, Arkeia allows incremental backups to be replicated by wire before the first full backup is received at the destination replication server, eliminating the exposure that occurs when incremental backups must be delayed waiting for the initial full backup to be delivered to the cloud. Second, physical media can also be used for “feeding”: transporting any backup set too large to be replicated conveniently over the WAN. Internet and physical media transfers can be combined in any combination, in any sequence.
Third, similar transfers of deduplicated backups can be used to restore one or multiple backup sets to the LAN from the cloud. Moving backup sets in deduplicated format accelerates recovery, especially when large numbers of machines must be recovered quickly. Fourth, Arkeia’s hybrid-approach saves organizations money because not all backup sets have to be replicated to the cloud, giving administrators the flexibility to pick and choose based on the cost of cloud bandwidth and cloud storage.
“The high cost of last-mile bandwidth is the major obstacle slowing the adoption of hybrid cloud backup by the mid-market. Organizations planning to replace tape and gain the benefits of moving their backups to the cloud will hesitate when they factor in the costs of bandwidth required,” said Bill Evans, Arkeia CEO. “Arkeia Network Backup v10 makes hybrid cloud backup practical by solving the problem of last-mile bandwidth. Our unique ‘seed and feed’ capabilities permit MSPs and other resellers to deliver hybrid cloud backup services to the mid-market. Any customer with enough WAN bandwidth to transport most incremental backups can enjoy the flexibility and reliability of cloud backup.”
Immediate Provisioning of Temporary 1Gbps WAN Links
Arkeia Network Backup v10.0 supports replication with USB-connected disk drives and disk arrays. Disk arrays in redundant RAID configurations allow large volumes of data to be reliably transferred in a single package. A disk array with 10TB of useable capacity delivered overnight is comparable to a 1Gbps WAN link—but available as-needed without provisioning delays or expensive monthly fees.
Arkeia VARs and MSP customers will inventory USB-connected arrays, providing them to end users as needed, upon first backup and infrequently thereafter. External storage is ideal because the disk drives are needed only infrequently and do not occupy valuable real estate in backup appliances, because they are available in redundant arrays, and because arrays can scale far beyond the capacity of a single drive.
“Arkeia’s v10 promises the perfect balance of data protection and cost containment for offsite storage of backups,” said Jean-Michel Castronovo, managing director of storage specialist S2mi near Paris, France. “This release gives us exactly the features we want, allowing us to leverage the convenience of WANs for nightly transmission of incremental backups and the high bandwidth of USB-connected disk arrays for full backups. Arkeia’s Progressive Deduplication makes this all possible by delivering compression ratios up to 90 percent. Deduplication helps our customers save money by reducing storage volume and network performance requirements while shortening backup windows. We evaluated Arkeia, Acronis, and Veeam to protect our customers’ virtual environments and selected Arkeia.”
Source Volume Pricing
Arkeia Network Backup v10 introduces source-volume pricing to simplify licensing. License prices are based only on the amount of data under protection and include unlimited target storage volume, unlimited agents for physical machines (e.g. Windows, Linux), and unlimited agents for hypervisors (e.g. VMware and Hyper-V).
“Source volume pricing improves customer satisfaction by making it easy to predict data protection costs,” explains Kevin Reynolds, CEO at Signal Computer Products in Westford, Massachusetts. Signal is an Arkeia partner and regional reseller of data storage solutions. “We appreciate that Arkeia is delivering capabilities to make it easier for resellers to deliver solutions quickly.”
Availability and Pricing
Arkeia Network Backup version 10.0 is scheduled for availability this summer. To participate in the beta program, visit www.arkeia.com/beta-test. The release is free to all Arkeia customers on current maintenance contracts.
For perpetual licenses, protection of the first terabyte of source volume costs $5,000 with unlimited agents. Prices of subsequent terabytes start at $2,500/TB, descending to $1,250/TB. Subscription licensing is also available. Arkeia’s agent-based pricing will co-exist with source-volume pricing during a transition period.
About Arkeia Software
Arkeia delivers data backup and recovery solutions to protect more than 100,000 networks in 70 countries. The Arkeia Network Backup Suite is designed for mid-sized organizations that require fast, easy-to-use, and affordable data protection. The company’s appliances, virtual appliances, and software back up critical data to disk, tape, and cloud storage. Arkeia protects all major virtual platforms including VMware, Hyper-V, XenServer, and more than 200 physical platforms including Windows, Mac, Linux, Netware, Solaris, AIX, BSD, and HP-UX. The company’s patented source-side Progressive Deduplication™ technology helps users realize better performance at a lower cost by reducing data volumes. Arkeia’s deduplication is crucial to accelerating replication of on-premise backups to private or public clouds.Products are sold through resellers and managed service providers worldwide. The company was founded in1996 and is headquartered in San Diego, California.
Arkeia and Arkeia Network Backup are trademarks or registered trademarks of Arkeia Software, Inc. All other trademarks or registered trademarks are the properties of their respective owners.
leader in Governance, Risk, and Compliance (GRC) solutions,
has acquired TBD Networks, a San Jose, California-based
cloud transformation company and its vPanorama cloud GRC
technology. By incorporating vPanorama into its IT-GRC
solution, MetricStream will enable customers to seamlessly
manage regulatory compliance, privacy requirements, security
threats, vulnerability risks, and performance metrics across
the entire spectrum of virtual assets in the cloud, as well
as on-premise virtual infrastructure. The latter constitutes
private clouds based on platforms such as VMware vSphere.
An increasing number of IT resources - including
business-critical applications and highly sensitive data -
are being moved into the cloud. While the cloud offers
significant benefits in terms of efficiency, scalability,
and economy, it also presents an entirely new set of
security risks that IT organizations are only beginning to
understand. In addition, the cloud increases the complexity
of the IT environment - today companies are using a
combination of both on-premise physical systems and
virtualized IT infrastructure in the cloud which, in turn,
may be private, public, or hybrid.
MetricStream offers IT security, risk, and compliance
managers a simple, action-oriented way to monitor the
virtualized environment alongside on-premise infrastructure.
vPanorama's groundbreaking technology provides granular
visibility into and control over security configuration
assessments, continuous controls monitoring, risk
management, and threat and vulnerability tracking. It also
helps meet compliance requirements around industry
standards, cross-border data transfer, service level
agreements (SLAs), segregation of duties (SoDs), and general
computer controls (GCC). The technology minimizes
inefficiencies, and enhances the reliability and performance
of the cloud infrastructure.
vPanorama, developed by TBD Networks under the VMware
Technical Alliance Partner Program, has been the building
block of some of the world's largest virtual environments,
including the US Air Force's global network environment.
"Traditional IT operations are based on physical asset
models and stable relationships between servers, networks,
and storage elements. But with virtualization, system
services and servers can be provisioned, replicated,
updated, and de-provisioned with a single click; network and
storage mappings are made fluid; VMs can be easily moved
across and between enterprises, by-passing all traditional
security controls," says Thomas Ludwig, CEO of TBD Networks.
"Virtualization and the cloud have fundamentally changed the
overall model of IT governance, and significantly impacted
security and risk. vPanorama is designed for this new
paradigm, and augments the MetricStream IT-GRC solution,
delivering a panoramic view and a fine-grained management
framework for heterogeneous virtual environments."
"With the acquisition of vPanorama, MetricStream breaks new
ground in IT security, risk, and compliance management. It
brings to market the only IT-GRC solution that enables the
highest and most consistent level of assurance and control
for both cloud infrastructure and on-premise systems," says
Shellye Archambeau, CEO of MetricStream. "Companies need to
relook at their IT-GRC strategies and incorporate cloud GRC
so that they can confidently embrace virtual infrastructure,
and fully harness the power of cloud computing. With the
help of MetricStream, customers, for the first time, can get
clear visibility into and exercise control over their
compliance status and risk posture in the cloud."
The U.S. National Institute of Standards and Technology
(NIST) and the Cloud Security Alliance (CSA) view cloud GRC
as a critical issue. NIST recently released a draft of
Special Publication 800-144, "Guidelines on Security and
Privacy in Public Cloud Computing," which recommends steps
to be taken in nine topical areas: Governance, Compliance,
Trust, Architecture, Identity and Access Management,
Software Isolation, Data Protection, Availability, and
The CSA makes similar recommendations in v2.1 of the CSA
Guide - "Effective governance and enterprise risk management
in Cloud Computing environments follows from well-developed
information security governance processes, as part of the
organization's overall corporate governance obligations of
due care." The report goes on to say, "The fundamental
issues of governance and enterprise risk management in Cloud
Computing concern the identification and implementation of
the appropriate organizational structures, processes, and
controls to maintain effective information security
governance, risk management, and compliance."
As part of the acquisition, the TBD Networks team will join
MetricStream to drive product innovation and R&D around how
enterprises should respond to emerging risks from
virtualized infrastructure, mobiles devices, reliance on
managed service providers, cloud applications, digital and
social media, and the resulting Big Data.
MetricStream is a market leader in Enterprise-wide
Governance, Risk, Compliance (GRC) and Quality Management
Solutions for global corporations. MetricStream solutions
are used by leading corporations such as UBS, Constellation
Energy, Pfizer, Philips, BAE Systems, SanDisk, Cummins and
Sonic Automotive in diverse industries such as Financial
Services, Healthcare, Life Sciences, Energy and Utilities,
Food, Retail, Government and Manufacturing to manage their
risk management, quality processes, regulatory and
industry-mandated compliance and corporate governance
initiatives, as well as several million compliance
professionals worldwide via the www.ComplianceOnline.com
portal. MetricStream is headquartered in Palo Alto,
California and can be reached at www.metricstream.com.
Mount Prospect, IL - Cyber Development Group International (“CDGI”) announces the launch of its third cloud based enterprise-computing center and dedicated workplace/operations recovery facility at its Mt. Prospect, IL campus. The new facility, Enterprise Cloud Computing Center 3 (“ECCC 3”), will deploy with SSAE 16 SOC1 and SCO2 in conjunction with PCI level-2 certifications. It contains Six (6) Tier 3 Enhanced HIPAA / PCI / ISO Certified Enterprise Data Centers (sized from 1,000 to 10,000 SF) with pre-built “just in time” 200%+ growth capability and a corresponding $3 Million uptime SLA.
The facility will house an NEC Corporation of America (NEC) disaster recovery facility and regional parts / service depot to launch the “Cloud in a Vault” Enterprise Computing Infrastructure as a Service solution.
“CDGI has an unprecedented track record of deploying state-of-the-art, enterprise-class computing facilities,” says Mike Mitsch, Vice President of the Enterprise Technology Group, NEC. “We are pleased to not only be working with CDGI to expand our mission critical computing infrastructure in North America, but to deliver the first fully integrated and virtualized server, storage, and networking architecture to the market under the ‘Cloud in a Vault’ infrastructure solution. Built upon NEC’s award winning ProgrammableFlow network infrastructure, CDGI and NEC are at the forefront of delivering the advantages of Software Defined Networking (SDN) to the hosting market - as a cloud service.”
CDGI’s CEO Jack Pressman adds, “NEC is a global giant in the premier infrastructure marketplace. Their commitment to our enterprise cloud-computing solutions allows CDGI to deploy absolute individual client platforms as dedicated PCI, HIPAA and ISO compliant Data Center-as-a-Cloud Service (“DCaaCS”) solutions.” Pressman continues, “CDGI’s partnership with NEC allows CDGI to deliver a true paradigm shift with respect to delivering enterprise data center solutions with direct pathways to support customer’s goals, transforming the enterprise processing platform to an absolutely true 100% dedicated ‘just in time’ ultra secure and compliant platform with ZERO capital expenditure.”
Fort Myers, Florida – Global freight bill advisor and processor Data2Logistics announces the successful completion of the American Institute of certified Public Accountants’ Statement on Standards for Attestation Engagements Number 16 (SOC 1 - SSAE No. 16) Type 2 examination. The examination scope was for Data2Logistics freight bill audit and payment services, conducted by BrightLine CPAs & Associates, Inc. Superseding the SAS 70 audit standard in mid-2011, SSAE 16 is an attestation standard that establishes the requirements and guidance for reporting on controls at a service organization relevant to user entities’ internal control over financial reporting. The controls addressed in SSAE 16 are those that a service organization implements to prevent, or detect and correct, errors or omissions in the information it provides to user entities. By engaging an independent CPA to examine and report on a service organization’s controls, service organizations can respond to meet the needs of their user entities and obtain an objective evaluation of the effectiveness of controls that address operations and compliance, as well as financial reporting at those user entities.
“We’re committed to operating our data centers and facilities at a level that meets or exceeds the highest industry and regulatory standards,” stated Gerry Burns, President and Chief Executive Officer, Data2Logistics.
Data2Logistics assists Global 1000, Fortune 1000 and SMB companies to reduce their shipping costs by providing an outsourced opportunity to efficiently process, audit account code and pay their freight at a significantly lower cost than internal processes, while also identifying more carrier overcharges than internal systems. The company provides actionable information to better manage and control transportation cost, and supports clients with their carrier bid preparation, benchmarking, proposal analysis and negotiation for all modes on a global basis. As a single source of information, Data2Logistics seeks to identify opportunities for savings, report the reasons for variances, and determine and report variances in trends and opportunities to make in modal shifts, consolidate shipments, improve carrier utilization and adjust shipment size, as well as monitor accessorial cost, and costs per kilometre/mile. Reviewing over $15 billion worth of freight bills from thousands of carriers annually, the company offers a single-source solution for all modes of freight.
For Data2Logistics services information, contact Harold Friedman, +1 609 577 3756 or firstname.lastname@example.org.
BOXBOROUGH, MA – Egenera, a pioneer in infrastructure management and automation, today announced the addition of PAN Cloud Director™ and PAN Domain Manager™ to its family of software products. PAN Cloud Director provides unique self-service cloud management, while PAN Domain Manager delivers scalability and support of mixed hardware environments. In addition to these new products, Egenera has also added new disaster recovery functionality and integrations with VMware Orchestrator to its flagship PAN Manager™ software.
PAN Cloud Director is a new self-service management portal that is the industry’s only cloud lifecycle automation product to support the consumption of applications running either in a native OS or virtual environment. The software provides increased flexibility and makes it simpler for service providers and businesses to manage and provision cloud services. The product gives users the ability to match IT services and configurations with resources that best fit the application requirements and end user budgets.
The product provides IT administrators with a powerful, easy to use interface for designing, tracking and billing for services. Using a role based structure, administrators and users can leverage PAN Cloud Director to quickly configure all aspects of a service, including pricing, margin, service levels and capacity. In line with Egenera’s commitment to openness, PAN Cloud Director supports all major hypervisors in addition to native servers.
PAN Cloud Director is fully integrated with PAN Manager so that organizations can bring reliability to cloud-based applications through PAN Manager’s high availability and disaster recovery automation functionality. In this way, PAN Cloud Director is aimed at data center administrators who need to provide end users with enterprise class cloud services that can be easily requested and consumed.
“Many IT organizations are seeking to implement Infrastructure as a Service to speed the provisioning process and to reduce the cost of service delivery,” said Donna Scott, VP and Distinguished Analyst, Gartner Research. “Key evaluation criteria include provisioning of both physical and virtual infrastructures, and avoiding lock-in to any one infrastructure vendor by enabling management across multi-vendor hardware. Moreover, increasingly customers seek to deploy mission critical applications as cloud services which require a focus on resiliency and disaster recovery.”
In conjunction with PAN Cloud Director, Egenera also introduced PAN Domain Manager software. PAN Domain Manger enables organizations to bring increased flexibility, scale and ease of use to their IT environments.
With PAN Domain Manager, Egenera continues to innovate in converged infrastructure management. In an industry first, PAN Domain Manager provides greater management flexibility and hardware choice by enabling converged infrastructures to consist of mixed hardware environments. This includes the ability to failover and perform full disaster recovery between blades from different server OEM’s.
In addition, PAN Domain Manager extends PAN Manager support up to 256 servers with 20Gb fabric throughput to each blade and an architecture allowing scaling beyond this in the future. The advanced storage management feature simplifies storage resource allocation through integration with industry and storage vendor technologies.
Finally, Egenera has provided some significant enhancements to PAN Manager, making it more efficient and cost effective to automate, manage and protect IT infrastructures. These include new granular many-to-one disaster recovery targeting as well as expanding its integration in the virtualization ecosystem with the availability of a VMware vCenter Orchestrator plug-in enabling access to PAN environments from VMware vDirector and vCloud.
“We are excited for the launch of PAN Cloud Director and PAN Domain Manager which bring greater simplicity, added flexibility and support for a diverse range of technologies to enterprises that are exploring the possibilities of cloud services,” said Scott Geng, senior vice president of engineering at Egenera. “PAN Cloud Director will provide our customers with increased flexibility and customization as they confidently move to the cloud, while the updates to PAN Manager come from consultation with IT administrators, who made it clear what they needed for the environments they manage.”
About EgeneraConverge. Unify. Simplify. That’s how Egenera brings confidence to computing. The company’s production-proven converged infrastructure data center solutions, powerful Egenera® PAN Manager® Software and professional services are trusted globally to deliver proven value through agility, reliability and availability. Egenera solutions and services guarantee wire-once, always-on, physical and virtual management across the data center with measurable savings. Headquartered in Boxborough, Mass., Egenera has thousands of production installations globally, including premier enterprise data centers, service providers and government agencies. For more information on the company, please visit www.egenera.com. Follow Egenera on Twitter, LinkedIn and Facebook.
SUMMIT, NJ - Hibernia Atlantic, a global and metro provider of diverse high bandwidth connectivity, announces today the expansion of its high performance, diverse network into Teledata, a leading, privately owned data center and hosting provider located in Manchester, UK. This network expansion offers Teledata’s clients immediate access to Hibernia’s high-speed connectivity and provides Hibernia connectivity to local and global networks colocated in Teledata’s facility.
Hibernia Atlantic’s 24,000-kilometer network provides simplified global reach to key cities throughout North America, UK, mainland Europe and Asia. Hibernia’s network features redundant self-healing rings within Europe that include Dublin, Manchester, London, Amsterdam, Paris and Frankfurt. With its new PoP at Teledata, Hibernia continues to increase its diverse routing options throughout the UK, as well as provide access to a growing marketplace in the Manchester area.
“This expansion introduces a new point of presence for Hibernia Atlantic in the Northwest region of the United Kingdom,” states Derek Bullock, Vice President of Global Infrastructure, of Hibernia Atlantic. “As a fast-growing region, our partnership with Teledata strengthens our coverage in supporting enterprises and service providers with robust options and quality support. Teledata is also on-net with local and regional data centres, which is ideal for sustainable, high demand, high availability network operations.”
Operating a 70,000 square foot carrier neutral facility housing two state-of-the-art data centers, Teledata is continually growing the range of services offered to improve scope, reach and enhanced commercial opportunities for Teledata clients. With the addition of Hibernia Atlantic to its roster of clients, Teledata clients now have international access via Southport and as such, can now further service a global client base.
“Teledata is constantly expanding our range of services to further enhance opportunities and advantages for our clients,” states Patrick France, Data Centre Manager of Teledata. “Partnering with Hibernia Atlantic at our Manchester facility ensures that we further deliver robust, resilient connectivity solutions, both locally and globally.”
To view Hibernia Atlantic’s network map or for more information, please visit www.hiberniaatlantic.com.
GREENSBORO, N.C., June 5, 2012 /PRNewswire/ -- Stanley, Hunt, DuPree & Rhine (SHDR), a BB&T Corporation (NYSE: BBT) benefits consulting firm, received an unqualified SSAE 16 Type II examination opinion for 2011 for its Flex Benefits Practice.
"The SSAE 16 Type II attestation is a meticulous approach to examining our processes and validates that SHDR has the safeguards and controls to process client transactions completely and accurately," said Phillip Floyd, president, SHDR. "The exam results reflect our continued commitment to high standards of client service quality."
PricewaterhouseCoopers LLP examines SHDR internal controls for its flexible spending accounts (FSA) and health reimbursement arrangements (HRA) services. The auditor's process involved an examination of SHDR's transaction processing and technology controls to process client transactions.
SSAE 16 is a standard developed by the American Institute of Certified Public Accountants (AICPA) to report on controls at organizations that provide services relevant to internal control for financial reporting.
About Stanley, Hunt, DuPree & Rhine
Stanley, Hunt, DuPree & Rhine is an employee benefits consulting firm and a division of BB&T. SHDR provides a wide range of consulting and administrative services, including actuarial, investment advisory, ESOP administration, nonqualified, HRAs, FSAs (healthcare/dependent care), Health Savings Accounts (HSA), COBRA administration services, and premium billing arrangements.
BB&T Corporation (NYSE: BBT) is one of the largest financial services holding companies in the U.S. with $174.8 billion in assets and market capitalization of $21.9 billion, as of March 31, 2012. Based in Winston-Salem, N.C., the company operates approximately 1,800 financial centers in 12 states and Washington, D.C., and offers a full range of consumer and commercial banking, securities brokerage, asset management, mortgage and insurance products and services. A Fortune 500 company, BB&T is consistently recognized for outstanding client satisfaction by J.D. Power and Associates, the U.S. Small Business Administration, Greenwich Associates and others. More information about BB&T and its full line of products and services is available at www.BBT.com.
ISO 22301:2012, Societal security – Business continuity management systems – Requirements, will help organizations, regardless of their size, location or activity, to be better prepared and more confident to handle disruption of any type.
Incidents can disrupt an organization at any time and applying ISO 22301 will ensure that organizations can respond and continue its operations. Incidents take many forms ranging from large scale natural disasters and acts of terror to technology-related accidents and environmental incidents. However, most incidents are small but can have a significant impact and that makes business continuity management relevant at all times.
This has led to a global awareness that organizations in the public and private sectors must know how to prepare for and respond to unexpected and disruptive incidents.
ISO 22301 provides a framework to plan, establish, implement, operate, monitor, review, maintain and continually improve a business continuity management system (BCMS). It is expected to help organizations protect against, prepare for, respond to, and recover when disruptive incidents arise.
Dr. Stefan Tangen, Secretary of the ISO technical committee that developed the new standard, states:
“Organizations implementing ISO 22301 will be able to demonstrate to legislators, regulators, customers, prospective customers and other interested parties that they are adhering to good practice in BCM.
“It may also be used within an organization to measure itself against good practice, and by auditors wishing to report to management.”
ISO 22301 will assist organizations in the design of a BCMS that is appropriate to its needs and meets its stakeholders’ requirements. These needs are shaped by legal, regulatory, organizational and industry factors, the organization's products and services, its size and structure, its processes, and its stakeholders.
Dave Austin, the project leader responsible for writing ISO 22301, explains: “To work well, ISO 22301 will need organizations to have thoroughly understood its requirements. Rather than being simply about a project or developing ‘a plan’, BCM is an ongoing management process requiring competent people working with appropriate support and structures that will perform when needed.”
ISO 22301 is the first standard published which is aligned with the new ISO format for writing management systems standards. This will ease understanding and ensure consistency with other management systems, such as ISO 9001 (quality management), ISO 14001 (environmental management) and ISO/IEC 27001 (information security management).
ISO 22301 may be used for third-party certification as well as for self assessment. To help users get the best out of the standard, it includes short and concise requirements describing the central elements of BCM.
Given the role of business continuity in every sector, ISO 22301 has a huge worldwide potential. So far, numerous countries have started to adopt ISO 22301, including Singapore and United Kingdom to replace their existing national standards. There is already interest from business worldwide who wish apply good practice and obtain certification against this standard. This attests to its vast potential user base and expected benefits.
ISO 22301 is part of a series of standards developed by ISO technical committee ISO/TC 223, Societal security. For example, an additional document is under development called ISO 22313 which is expected to be published early next year. This companion standard contains guidance for implementing the ISO 22301.
ISO 22301:2012, Societal security – Business continuity management systems – Requirements, is available from ISO national member institutes (see the complete list with contact details). It may also be obtained directly from the ISO Central Secretariat, price 116 Swiss francs respectively through the ISO Store or by contacting the Marketing, Communication & Information department.
Leveraging the User-Friendly Keylight GRC Platform, New Product Makes Effortless and Customized Business Continuity Planning Possible
OVERLAND PARK, Kan., June 5, 2012 – LockPath, a provider of innovative governance, risk and compliance (GRC) applications, today announced the launch of Business Continuity Manager. The tool, part of Keylight 2.4, the latest version of the company’s ground-breaking GRC platform, enables organizations to manage business continuity in a simple and effective way, empowering them to create unified business continuity strategies that will greatly minimize a disaster’s operational impact.
From hurricanes to security breaches, companies of all sizes need to ensure their essential business functions remain available should disaster strike. Leveraging the flexibility of the Keylight platform, LockPath’s Business Continuity Manager lets businesses painlessly create custom business continuity plans to prepare for the worst, manage the associated risks and minimize potential losses. Unlike traditional GRC tools, Business Continuity Manager provides common forms for business continuity right out of the box and lets customers use any standard web browser to quickly match Keylight to the company’s distinct business continuity processes and needs.
“Our clients face a growing number of risks to their businesses and with profits and reputations at stake, they simply cannot afford to have a knee-jerk reaction,” said Chris Goodwin, CTO, LockPath. “With LockPath’s Business Continuity Manager, organizations can put a comprehensive and customized plan in place and should disaster occur, can effortlessly pull together disparate resources and get to work on a swift recovery.”
Key Business Continuity Manager features:
- Business Impact Analysis: Through detailed analysis, users can easily organize complex information, determine the impacts of a loss, and prioritize the recovery function of multiple business components.
- Business Continuity Plans: Users can leverage pre-built forms, workflows and notifications to quickly build a business continuity plan or create a fully customized plan down to individual fields, field types, field visibility and forms.
- Teams and Contacts: The tool enables the appointment of a team leader, identification of a team of essential personnel, and definition of critical vendors so if a disaster occurs, users can immediately locate them and make contact.
- Tabletop Exercises: To ensure a plan will be effective, Business Continuity Manager supports exercises to test a plan against a simulated situation and collect valuable information about its application.
- Assessments: Users can launch business continuity plan assessments or tabletop exercises and create reports to gather valuable insight about the plan and its execution.
- Workflow: Custom workflows allow a simplified review of plans and exercises by appropriate experts across the organization. Users can create a custom set of stages that the document will be routed through based on certain criteria.
- Document Management: Users can easily export business continuity plan content with all supporting documents (Adobe PDF, Microsoft Word, Excel, PowerPoint or Visio files) into one comprehensive Adobe PDF document.
- Extensibility: Users can add lookup references to policies, controls and resources in other Keylight application records to enhance their organization’s ability to proactively prepare for and react to events.
Other enhancements in Keylight 2.4 include significant expansions to the Dynamic Content Framework (DCF) Tables such as:
- Detail View PDF Output: Users can now consolidate and export the content within a DCF table record to a PDF document from the Detail View, containing a customizable cover sheet and a table of contents.
- New Master/Detail Field: A new “master/detail” field type is now available that allows users to create a sub-record, referred to exclusively by the “parent” record within which the master/detail field is defined.
- New Matrix Field: A new “matrix” field type is also available that allows users to create multiple columns and rows to configure the field with the desired number of cells in the field’s matrix grid.
For more information on the Keylight platform or Business Continuity Manager, please download the datasheets or call 913-601-4800.
LockPath helps companies of all sizes address the increasingly complex issues of regulatory compliance and risk management. Its innovative software provides keen insight by correlating security information from multiple data sources with current regulations and policies to gauge risk. Easy to install and manage, the Keylight platform empowers people at every level in an organization to take control and make better business decisions. LockPath is headquartered in Kansas City. Please visit www.lockpath.com to learn more.