Disaster Recovery Journal

It is clear to see why businesses put so much emphasis on backing up their data – they need their data to be secure so that their customers can rely on them.  Therefore, an effective disaster recovery plan is essential for every business that relies on stored data.  Furthermore, a successful disaster recovery solution requires additional resources identical to those used during daily operations.  

While there is a wide selection of disaster recovery solutions, cloud hosting provides the most flexibility and ease of use, while remaining cost-effective.  As opposed to purchasing two physical servers (one as your day-to-day server and the other as your backup), cloud servers provide the benefit of being able to easily create multiple servers in the cloud without needing to lease/own physical servers. 

The 1980’s Tylenol poisoning murders spurred panic, wide-spread fear, and perhaps the best-ever corporate response to a major public relations crisis. James E. Burke, then CEO of Tylenol-maker Johnson & Johnson, died on September 28 at the age of 87. He will be best known for his strong, decisive leadership and what has widely been recognized as a model of exceptional corporate crisis management. Fortune magazine named him one of history’s 10 greatest CEOs.

A lesson we can take away from the recent severe weather and fires across the country is disasters can happen anytime, anywhere. No one can control where or when emergencies may happen but we can take steps in advance to prepare. Today, I am excited to announce a step towards better preparing local communities before disaster strikes – the 2012 Community Resilience Innovation Challenge.

This new opportunity is designed to assist local areas in building and revitalizing community-based partnerships through innovative initiatives and programs designed to advance the nation’s resilience to disasters. Funding levels range with a maximum of $35,000 and applications are open to all local, state, and tribal agencies and governments, business entities, associations, organizations and groups.

Life as a BCM practitioner in any organisation can sometimes feel like you have been sentenced to solitary confinement. Often working in isolation and surrounded by your ‘adversaries’, it can be a lonely role as you struggle to embed BCM into your organisation and to win over some of your strongest critics. Coupled with the need to be a ‘jack of all trades’ that requires you to be knowledgeable, persuasive, inspirational, and highly-organised as well as a skilled facilitator, being a BCM practitioner can be a really tough job.

Just when you feel your energy levels dwindling and see your enthusiasm ebbing into the distance, along comes the BCM World Conference and Exhibition – the one that reaches the parts other conferences cannot reach, filling you with renewed energy and rekindling your passion for the discipline that is the love of your life.

In 1996, the Health Insurance Portability and Accountability Act (HIPAA) was enacted to help address concerns regarding health care data security and privacy.  As part of the administrative safeguards of this act, health care facilities are responsible for backing up their data and having a disaster recovery plan in place for responding to emergencies. 

In general, health care facilities are responsible for maintaining the availability, integrity, and confidentiality of their patients’ Protected Health Information (PHI).  If a patient arrives in the Emergency Room in the middle of the night, the physician needs to be able to access the patient’s electronic health records quickly so that they can address their needs effectively. 

After every conference I undoubtedly get a variation of the same question, "How was the show? How was the attendance?" And every year I give the same response...... "Show was great. Wish the attendance was a bit higher." I think we all know that BCP and DR are some of the first casualties of budget cuts. Well, conference privileges get cut before BCP and DR. As we go into budget season for most organizations I suggest you fight a bit harder to attend local and national conferences. Sure we all benefit from the content and keeping up with the latest technology but one of the most under-valued benefits of attending conferences is the networking that just happens. Networking doesn't just happen in the sessions or at the vendor exhibits. It can certainly also happen at the bar, or at the Gym, or while checking out the local surroundings. This networking is very hard to report back on, but I believe in this virtual world we live in now that one hand shake at a conference can create an everlasting relationship..... For the record this blog is purely the opinion of Fairchild Consulting and the Arnold's had nothing to do with influencing this blog ;o)

It is extremely important for businesses to have a Disaster Recovery (DR) plan in place for situations where downtime or data loss may affect the business’ ability to continue operating smoothly and effectively.  To protect your data, it is essential that you know what you’ve got, understand what’s at risk, and then create a Disaster Recovery plan to keep risk at a minimum.

Disaster Recovery ties directly into business continuity because with so many businesses relying on their websites and/or the Internet in general, the loss of data could greatly affect their revenue.  The reality is that if your information system is taken down due to a flood, malware, hack attack, etc., you have both a business continuity and disaster recovery issue on your hands.

I was first given responsibility for disaster recovery planning in 1985 while working at, what was then known as, Bank of Virginia in Richmond, VA. We were a UNISYS shop and had a mainframe recovery subscription with a company whose name I no longer remember that had a UNISYS recovery facility in Warminster, PA. I have been working in the fields of disaster recovery, business continuity, emergency response and crisis management, in a corporate management or consulting capacity ever since. You do the math to determine how many years’ experience that equates to – I am not sure I want to!

But, even after all those years, I am still learning new things, new techniques, better solutions, better methodologies, etc., each and every day. And, through conferences such as the just completed 2012 DRJ Fall World, I accelerate that learning process and I meet more and more people that help me grow and learn along the way.

By Brian Zawada & Jacque Rupert, Avalution Consulting
Article originally posted on Avalution Consulting’s Blog

The introduction of ISO 22301 (Societal security – Requirements – Business continuity management system) more closely aligns business continuity to the broader risk management discipline. A major contributor to this alignment is the standard’s requirement to understand the organization’s “risk appetite” (a term not used in BS 25999). 

I wish I could tell you that my summer was spent vacationing in some exotic location without internet access; or I was deep in remote third world countries performing humanitarian work for international charities; or that I won the lottery and was out spending my new found fortunes ­ ­­- but, I can’t.  Instead, being a consultant who has to work when the work is available, I spent my summer busy with delivering client projects.

For me, that is a hopeful sign.  This bares hope of a sign that the economy is picking up and companies are now able to support projects, such as business continuity planning, that are often deemed deferrable during down-times.  This bares hope that budgets are starting to allow for monies to invest in consulting assistance for projects, such as disaster recovery planning, where the in-house expertise is lacking.  And, this bares hope that companies are starting to put more emphasis on and giving more attention to business continuity planning and related topics.