Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

DRJ Blogs

This is some blog description about this site

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form
Recent blog posts

When Was the Last Time You Practiced Your Plan?

Plenty of companies have some sort of emergency plan in place and even a few of those practice the plan on a regular basis with their employees. Yet, nearly 60 percent of American adults say they have never practiced what to do in a disaster at work, school, or home in the past year.

Even those companies who do have a plan in place often find their plan was completely insufficient in the event of an actual emergency. What is the problem? We all know it’s important but we mostly believe it won’t happen to us and if it did, we’d know what to do. That simply is not the case. As we’ve all been warned, “it’s not a matter of if; it’s a matter of when.”

Critical events come in all forms: fire, natural disasters, power outages, IT outages, hazardous chemical spills, terrorism, work and school shootings, hostage situations, bomb threats, and structural failures. Did I leave anything out? Likely so. I list these not to scare, but to illustrate how many things could go wrong and why it’s so critical to have an emergency notification system in place, practiced, and understood.

...

The digital manhunt for the suspect in the mid-September 2016 Chelsea district bombings in New York illustrates both the promise and challenges of advanced crisis communication and emergency alerting.

New York City, State, and Federal agencies investigating the attacks moved rapidly to reach out to the public, using a variety of means. The result was that almost anyone at risk had the possibility of receiving notification on how to protect themselves, and the public was successfully recruited to help find the perpetrator.

One of the methods used to alert the public immediately became controversial. An alert went out over the federal government's Wireless Emergency Alert (WEA) system, delivering a brief message listing the name of the suspect, his gender, and his age. Recipients were instructed to turn to other "media" for his picture, and call 911 if the suspect was seen.

...

Posted by on in DRJ Blogs

 

The development of modern cloud-based mobile applications has changed much of the IT landscape. New methods of application development (Agile & DevOps) have driven organizational change and brought IT to the forefront of new digital business models. Hyper-connected, massively distributed Cloud applications are also driving changes in traditional IT methods for business continuity and security - two primary functions missioned to manage IT risk.

Protecting information systems and ensuring their availability has been the province of the business continuity management (BCM) function. On the other hand, access control, privacy, and identity management have been handled by IT security. Historically separate, both functions play an important role in managing operational risk.  As cloud and mobile applications evolve several factors suggest the need for a new approach to manage IT risk:

...

Posted by on in DRJ Blogs

 

Do you have a first-hand experience with resilience management or business continuity that others can benefit from? Do you have insights into the future of business continuity? Have you tested and developed new methodologies for disaster recovery? Have you been directly involved in ensuring that your company has a tested and proven business continuity plan? Do you have key insights and experiences that you wish you didn’t have to learn the hard way?

 

...

Posted by on in DRJ Blogs

It hardly seems possible that fifteen years have passed since 9/11.  So much has changed, in particular our communications technology, nowhere better seen than in the Politco Magazine article that taps the recollections of those with President Bush on that day, titled “We’re the Only Plane in the Sky.” Though the fine line between security and surveillance in the name of counter-terrorism is tested regularly, information sharing among government agencies and the private sector has never been higher. Sometimes in fact I feel like we suffer from an over-abundance of information that is not properly sorted and weighted. 

Today is the fifteenth anniversary of 9/11 and the fifth time I have used a September column to reflect upon how well we have done with the recommendations of the 9/11 Commission Report. First, however, it should be noted that the government finally released the missing 20+ pages of the report, and both sides of Congress have passed a bill that would allow families of 9/11 victims to sue Saudi Arabian entities.  Though it would upend some aspects of international law, it is to be hoped that the president will sign the bill.  It’s clear now that there are thousands more pages of reports from government agencies that are still classified and that would shed further light on the situation, despite diplomatic complications that might ensue, especially since Saudi–financed Madrassa schools continue to train terrorists.

Though Congress passed legislation in 2002 that identified and consolidated 22 different agencies into the Department of Homeland Security (DHS), that department still has to appear and provide briefings to nearly 100 different Congressional committees.  Recent increased interest in cyber-terrorism has increased the amount of time the FBI spends in front of Congress, but not reduced the load of requests made of senior DHS officials, in part because DHS’s scope, which includes all forms of terrorism as well as natural disasters.  Isn’t it about time to streamline such reporting down to a reasonable number of  DHS committees in the House and Senate? 

...

KingsBridge Disaster Recovery announces its signature Shield software, a Business Continuity and Disaster Recovery Planning tool, has undergone a complete redevelopment and will be available to new users starting this month. Shield has always strived to make planning simple, but now The Plan Builder is taking it to the next level following more than a year of planning, development and testing while always keeping “faster", “easier", “intuitive" at the core of their design decisions.  The KingsBridge team is excited to release this new and improved product to build better recovery plans faster.  With the mantra of “The Plan Builder”, Shield 2.0 gives users the ability to build a first draft of the plan right out of the box saving precious time and resources. KingsBridge understands that many Business Continuity project managers have conflicting priorities and tight deadlines. To answer the call for an easy to use, easy to manage plan, Shield 2.0 has enhanced capabilities for managing data and documents with easier navigation. And users couldn’t be happier. Here is what customers have to say about Shield 2.0;

 

  • Ease of use; the application isn’t too complex allowing users to access it only once or twice a year without the need for retraining.

    ...

It doesn’t matter if you call it business continuity, organizational resilience, risk management, disaster recovery or continuity of operations, there are some important terms, every beginner needs to know to have a sustainable program.  Here is my take on some of these common BC terms.  Consider it a BC beginner’s cheat sheet!


THE BUSINESS CONTINUITY NEWBIE CHEAT SHEET

1. Business Impact Analysis

Define, measure & assess the financial, customer, regulatory and/or reputational impacts & determine an optimal Recovery Time Objective (RTO). You will most likely determine that the cost of not having organizational resilience is very high.

 

...

 

Firms have embraced the growing demand in dealing with a cyberattack, be it ransom or malware, a virus, or a Trojan horse.  Each of these with the intention of disrupting or destroying the very data, infrastructure, or networks that comprise the ability to transact business.  Much attention and focus has been placed on addressing this challenge as more complete, enterprise wide protection strategies are designed to fight against a potential disruption. 

 

...


Having a household swimming pool in the yard can set the scene for many fantastic summer memories. However, it is essential to keep in mind that pools are not all enjoyable and online games. There are numerous threats to having a swimming pool, but understanding them can assist avoid them.

To clean your swing set, you need to first spray it with a garden tube to obtain rid of collected dirt, leaves and even unclean water. You might need pressure cleaning concrete to obtain rid of persistent bird droppings; nevertheless, do so while making certain you do not damage the wood.

If you are like the majority of house owners, you just use your deck in the spring and summertime. Simply like the rest of your house, decks normally have to have a Spring-cleaning too. A cautious assessment of your deck's shape must be done prior to you use it every year. Try to find busted steps and loose boards or railings; make sure that all boards are protected. When the security issues are dealt with, seriously examine the overall look of your deck and figure out if it's time for a cleaning. If it's looking "cleaned out", and it hasn't been cleaned in a few years, then it's most likely time for some cash conserving maintenance.

...


Having a household swimming pool in the yard can set the scene for many fantastic summer memories. However, it is essential to keep in mind that pools are not all enjoyable and online games. There are numerous threats to having a swimming pool, but understanding them can assist avoid them.

To clean your swing set, you need to first spray it with a garden tube to obtain rid of collected dirt, leaves and even unclean water. You might need pressure cleaning concrete to obtain rid of persistent bird droppings; nevertheless, do so while making certain you do not damage the wood.

If you are like the majority of house owners, you just use your deck in the spring and summertime. Simply like the rest of your house, decks normally have to have a Spring-cleaning too. A cautious assessment of your deck's shape must be done prior to you use it every year. Try to find busted steps and loose boards or railings; make sure that all boards are protected. When the security issues are dealt with, seriously examine the overall look of your deck and figure out if it's time for a cleaning. If it's looking "cleaned out", and it hasn't been cleaned in a few years, then it's most likely time for some cash conserving maintenance.

...


Having a household swimming pool in the yard can set the scene for many fantastic summer memories. However, it is essential to keep in mind that pools are not all enjoyable and online games. There are numerous threats to having a swimming pool, but understanding them can assist avoid them.

To clean your swing set, you need to first spray it with a garden tube to obtain rid of collected dirt, leaves and even unclean water. You might need pressure cleaning concrete to obtain rid of persistent bird droppings; nevertheless, do so while making certain you do not damage the wood.

If you are like the majority of house owners, you just use your deck in the spring and summertime. Simply like the rest of your house, decks normally have to have a Spring-cleaning too. A cautious assessment of your deck's shape must be done prior to you use it every year. Try to find busted steps and loose boards or railings; make sure that all boards are protected. When the security issues are dealt with, seriously examine the overall look of your deck and figure out if it's time for a cleaning. If it's looking "cleaned out", and it hasn't been cleaned in a few years, then it's most likely time for some cash conserving maintenance.

...

Posted by on in DRJ Blogs

One of the best ways to get the most out of your DRJ Fall World 2016 experience is to attend our special post-conference courses. These courses are specifically chosen to allow you to build on the knowledge you gained during the first three days of the conference. 

 

Our post-conference courses include:

...

Posted by on in DRJ Blogs

We have some important news to tell you - our general sessions, breakout tracks and pre- and post-conference courses are filling up…. So this means you need to act fast and register so you can still get your first choices. 

 

DRJ Fall World 2016 features three days of general sessions and breakout tracks along with pre- and post-conference courses. In this blog post, we’ll take a closer look at our pre-conference course offerings.

...

Posted by on in DRJ Blogs

BCP on a Budget - Part I

You know you need a Business Continuity Plan but, like so many organizations, there’s no extra cash lying around to invest in the process. Sound familiar? In this two-part series, we provide you with a dozen tips and tricks to get started on your plan without breaking the bank.

  1. Talk to your insurance provider. Business continuity plans demonstrate that an organization is aware of risk and willing to mitigate it. Depending on your insurance provider, you may be able to negotiate a discount on your premiums if you present them with a copy of your plan.
  2. Check other budgets for extra cash. Business continuity impacts every aspect of a business so it can be argued that a little bit of budget from every department should go toward the development and maintenance of the plan. If you can negotiate a small slice from a number of budgets, you may find yourself with just enough to get your planning process off the ground.
  3. Talk to your sales department. Are customers asking for you to have a business continuity plan? This is becoming a common requirement and you may be losing business as a result. Check with your sales department to see if they’ve lost deals as a result of not having a plan to offer. Winning those deals may be enough to fund the planning process.
  4. Consider a software tool.Time is money and you can save time by creating and managing your plan in a software tool. KingsBridge Shield offers hundreds of pages of customizable templates and centralized databases to make your plan quick to write and easy to maintain.
  5. Negotiate payment plans with your vendor. Don’t have the cash upfront to pay for software? Negotiate monthly payment plans to reduce the impact on your cash flow. This can work for consulting work too. Sometimes investing a small amount in a few experts can save you a large amount time, and thus money, down the road.
  6. Leverage the near misses. If you already have a plan, use that weekend flood or small storage room fire as opportunities to review how your plan might have stood up if the small incident had been something bigger. If you don’t already have a plan, these near misses are great conversation starters. Capturing the ideas that are generated can be just what you need to start pulling a plan together.

Keep an eye out BCP on a Budget Part II for six more great tips to overcome a tight budget and get your plan started.

Need software to help manage your business continuity plan or maybe you need some help getting your plan written or exercised? We can help. Find out more at www.disasterrecovery.com.

...

Posted by on in DRJ Blogs

You understand what Cloud Computing is, right? You’re up-to-date on all the latest business trends. You could explain the basic categories to your boss, right? Well, here’s a pop quiz:

What’s the difference between a Public and Private Cloud?

...

Not to be overly dramatic, but while your spinning disk drives may not be dead, they’re not exactly alive either.  They are slow, always-hungry (for space, power, and cooling), and their tendency to moan, groan, and bite you at inconvenient times is downright bothersome. I just lost my third hard-disk drive (HDD) this year and it’s making me a bit salty.

Solid-state drives (SSDs) may not quite be plentiful enough to rid the world entirely of this necrotic menace, but they offer more than enough benefit for you to enlist them in the eternal quest to stay ahead of the pack:  

Speed:  No one will argue that the speed is better (at least I hope not).  Benching at an average of 900% faster, this is a no-brainer – pun intended.  No one actually says, “I will take HDD because I want my application to be slower.”  Oracle, for example, runs just over 9 times faster on SSD. 

...

Posted by on in DRJ Blogs

We’re gearing up for a fantastic 55th conference in Phoenix, Arizona. The entire DRJ team is busy behind-the-scenes making sure everything on our “to do” lists is done and that we’re ready for you from September 18 - 21.

 

To help you get prepared for DRJ Fall World 2016, we thought it would be useful to highlight sessions, breakout tracks, workshops and pre-/post-conference courses. We appreciate that the conference agenda is packed with information and it can be easy to miss reading about all of the offerings available. 

...

How mature is your organization when it comes to business continuity & organizational resilience? Does your Business Continuity Management (BCM) program crawl, walk or run? From self-governed to synergistic, we have identified 6 levels of BCM maturity that most companies fall into. What is your organization’s level? Here is our breakdown:


Levels 1-3 represent organizations that have not yet completed the necessary program basics needed to launch a sustainable enterprise Business Continuity Management (BCM) program.

Level 1 - Self-Governed: It’s every man (or woman) for him/herself!

Individual business units and departments are "on their own" to organize, implement, and self-govern their own business continuity or disaster recovery efforts. The state-of-preparedness for disruptive events is low across the organizational enterprise. The organization or individual departments reacts to disruptive events when they occur. There is no real planning involved: business continuity recovery if reactive vs. proactive.

...

Posted by on in DRJ Blogs

News travel fast. 

“Going to Africa. Hope I don’t get AIDS. Just kidding. I’m white!”

All it took was this one tweet from Justine Sacco, senior director of corporate communications at IAC to her then 170 Twitter followers. Within a matter of minutes, while she was asleep in the plane, Justine became the No.1 worldwide trend on Twitter – not for a good reason as you can imagine.

...

I walked into the hotel lobby at a client site a few weeks ago to get some tea and review my notes for the day’s meetings.  There was a businessman sitting at a table near the coffee stand, and he was clearly in the middle of an important phone conversation.  From what I could overhear (and he was not being quiet) he was talking with someone in his department (IT) at his head office.  It went something like this:

 

“Ok, so did you check all the hardware connections?”  pause  “No, that wouldn’t help.  You might have to shutdown and reboot.”  exasperated sigh  “Ok, well I’m in a hotel on the West coast so I can’t come in, but I’ll do what I can to walk you through the steps over the phone.”

...