Fall World 2016

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 29, Issue 3

Full Contents Now Available!

DRJ Blogs

This is some blog description about this site

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form
Recent blog posts

Posted by on in DRJ Blogs

By Sameer Sule

SANDY- if you live in the northeast you will not forget her name for a long time. Every CEO, business owner and home owner was holding his/her breath as Sandy blew over us. I know I was. My house is surrounded by trees and every time a 50 mph gust came, I was praying to the higher power that the branches held up. Unfortunately a tree on the adjoining street couldn’t hold up and came down, knocking the power out from our neighborhood for a day. We were the lucky ones! Others in the NY and NJ area weren’t so lucky. 

The damage to people, property and businesses in NY and NJ  is unimaginable.  According to early estimates over 100,000 homes and businesses were completely destroyed or severely damaged. Many business owners have lost everything and may never recover. All their life’s work gone in a blink of an eye.  My prayers go out to people who have been disastrously affected by Sandy. Could they have done more to protect their businesses? In some cases the answer is no; we are powerless in front of mother nature and despite our best preparations things can go real bad. But in many cases, I am sure business owners are cursing themselves for not being better prepared. Most businesses do not have disaster recovery plans in place. Simple things like backing up data in a secure place, having redundant power supply such as a portable generator are not in place.Taking these simple steps can mean the difference between business recovery or business death. 
Events like Hurricane Sandy remind us how close we get to losing everything. Its just a matter of luck that one business or home gets destroyed and another doesn’t. Yet many of us thank our stars and move on without really considering what we can do to protect our family, home and business in the event of a disaster. We live in an information age and our life is practically a collection of bytes. Apart from a few hard copies most of our information is now stored in electronic format. Now is the time for those of us lucky enough to escape unscathed from Sandy to take a look at what is important in our lives and take steps to safeguard it. Do we have all our important documents in a safe place? How about all our electronic data- our files, family pictures, legal information, financial information? Have they been backed up online and can we recover them easily afterwards?
Knowing that we can recover our critical data after a disaster will make the recovery process relatively easier. So unless your data is a cat with nine lives, Sandy just used up one. How many more lives does your data have?


Spring World 2013 Features Exclusive Senior Advanced Track

Senior practitioners are invited to attend our one-day track on Monday at Spring World 2013. This exclusive track, How To Achieve True Enterprise Resiliency, will feature General Session 3 in the morning (attended by everyone)and then a separate breakout track in the afternoon. The one-day track will conclude with an exclusive “Meet the Expert’ reception in the evening. There is no additional cost for this new track.

Reserve your space in this exclusive track! It is an excellent way to receive top information from some of the industry’s most experienced C-level+ executives. Learn from those who make the decisions and implement the programs! To find out qualification requirements, email patti@drj.com


Posted by on in DRJ Blogs

The issue I would like to think about this week is how, as business continuity people, we should approach big disasters and what should our attitude be to them. If we are affected by the incident, then our job is simple, we implement our business continuity plan and hopefully we recover our organisation successfully. If we are not affected by the disaster how should we approach it?


If we are an in house business continuity manager should we be using this as a good opportunity to re-engage with our senior managers and remind them of our existence? Should we also use it as an excuse to get all within the organisation to review their plans? As it is the end of the year should we also use this time as a good opportunity to put forward a case for increasing our business continuity budget for next year?


It's about time. Someone has admitted that DR/BCP writers have ignored the personal issues of employees following a disaster when creating business continuity plans, reviewing them, or just writing about them. Eric Krell wrote in Business Finance on November 6, 2012, an article entitled "Sandy Exposes the Human Side of Continuity." I was alerted to the article by Phil Rothstein. Perhaps for Mr. Krell, Sandy was HIS first exposure to the human side of continuity. I've been teaching a unit called "Take Care of Your People" with my colleague Deidrich Towne, Jr. at DRJ conferences since 1999. We have presented lessons learned from our real experience of "people" issues associated with disaster response.

People, including employees, have routines that must be followed daily. Examples are taking care of children, pets, elderly parents, and farm animals. If you were to review Maslow's hierarchy, you wouldn't find work or career in the list of critical, life-sustaining functions. Let me give you an example. When putting together a strike plan, management employees were assigned duties requiring they work 6 days, 12-hour shifts. I got a call from a woman who said she couldn't work that many hours in a week. I told her it was a "condition of employment" for management personnel. She responded, "Dr. Phelan, three months ago my husband and I adopted a child on the condition I would not work outside the home more than 35 hours per week. If I accept the strike assignment, I will lose my child." I called her boss and set up a job-sharing arrangement to cover the duty.

There are human considerations that "trump" reporting to work. These are escalated when disaster strikes.


In the months following Hurricane Katrina in 2005, businesses in southern Louisiana tried to get back to business as usual, but some of these businesses were gone for good.  Financial records, customer information, investor reports, and other electronic data was completely lost if it was stored locally on hard drives or external flash drives.  An important and very costly lesson was learned that year regarding the importance of data backup in the cloud

Fortunately, this time around many companies did rely on the cloud as a data backup/disaster recovery solution.  And, because of this, they were able to continue working off of Smartphones and laptops without a break in operations when Hurricane Sandy hit their offices.  With time, companies in the Northeast that were affected by Hurricane Sandy will start to pick up the pieces and get back on their feet.

Atlantic.Net is offering free cloud server hosting services to businesses that rely on data centers still experiencing issues due to the storm in order to allow businesses to get back on their feet until they can establish a more permanent solution for their business hosting needs.  Atlantic.Net’s world-class infrastructure allows for cloud servers to be provisioned in a matter of minutes, making business continuity possible and cold site disaster recovery a thing of the past.


Posted by on in DRJ Blogs

Despair. Anger. Frustration. Hopelessness. Sadness. Disappointment.

This is just a brief list of the emotions that folks impacted by Hurricane Sandy are feeling. It is impossible to understand what the citizens of the hard-hit areas are feeling. Many have lost everything - homes, belongings, businesses, and likely along with this - optimism.

While Hurricane Sandy occurred a little over a week ago, the east coast was blasted again today with a nor'easter. Normally a nor'easter does not garner much attention, but when people are still without power, heat, housing, gas, and jobs - the impact of such a storm only escalates.

Tagged in: hurricane sandy

Posted by on in DRJ Blogs

As you likely know, the team at Disaster Recovery Journal holds two conferences each year: DRJ Fall World and DRJ Spring World. DRJ is not alone in hosting, organizing, and managing these learning and networking opportunities. A quick search of the Internet reveals a range of conferences, workshops, and seminars focused on the issues of business continuity and disaster recovery.


Now of course - we’d like you to attend DRJ Fall World and DRJ Spring World - but we understand that there are only so many “conference dollars” available and you have to make smart decisions. 

Tagged in: DRJ Spring World

We have all heard the news that gasoline is in short supply along the east coast, especially in New York City, New Jersey and the shore of Connecticut. But why is gasoline selling at 19 cents lower per gallon in Upstate New York?

Refineries and distributors of petroleum products have a supply chain that demands they "move" product and accept new deliveries. With fewer sales along the east coast due to power outages, the supply on hand must go somewhere else. No one can purchase normal amounts of gasoline in the nation's most demanding market.

So, suppliers look for half-full tanks in outlets (gas stations) away from the coast. How far away, you ask. A FaceBook Friend yesterday told the story of driving from Poughkeepsie (75 miles north of NYC, up the Hudson River) to Red Hook (90 miles north of NYC) looking for a gas station that had gas. Yet, here in Central New York, gasoline has dropped from $4.04 per gallon to $3.85 per gallon. Why, because tanks in Central New York gas stations are taking the fuel that distributors can't sell along the coast. In order to make room for these deliveries, gas stations have lowered the price per gallon to sell more gasoline. The Federal Government kills two birds with one stone. They supply free fuel using military resources that are not electricity dependent, and they support the oil companies by purchasing the excess fuel the oil companies have no way to distribute.


Posted by on in DRJ Blogs

Well, in theory the worst of Hurricane Sandy is now over. But for hundreds of thousands of people, the destruction left behind is a large barrier to getting over the storm's destruction. With some people trying to get back to normal - battling traffic to get into Manhattan there are many many other people who are facing lost homes, missing belongings, the loss of businesses and many unanswered questions.

The East Coast is in the early days of realizing how much Sandy has really impacted folks. While some will be wringing their hands suggesting that people, government, and business should have been better prepared - there really are no clear cut answers. In coming days we will learn of communities, businesses, people and institutions that were prepared for such a disaster and we'll hear and read stories of those that weren't. Now is not a time for placing blame and pointing fingers - but rather a time to come together and support those that we can.

As we did earlier in the week, we've pulled together some links about Hurricane Sandy:

Tagged in: hurricane sandy

As Hurricane Sandy headed towards Manhattan earlier this week, data centers across New York tested their emergency systems and prepared for the hit.  However, for one ISP, this was simply not enough to prevent this freak storm from affecting their data center in lower Manhattan. 

Hurricane Sandy flooded the entire basement of Datagram’s data center on Monday, requiring it to be shut down to avoid infrastructure damage.  Luckily, many of Datagram’s clients already had backup and disaster recovery services with the company’s secondary location in Connecticut and were able to remain up during the storm because of the failover protection provided to them.  That's the good thing about cloud hosting - your data is never in just one location. One data center could undergo failure and your company data will remain completely safe. 

Hurricane Sandy has definitely taught the community a few lessons, but overall it has reinforced the notion that an effective, efficient disaster recovery plan is essential for every business that relies on stored data.  Cloud hosting is a great option for disaster recovery because it is flexible, reliable, and cost-effective.  Cloud hosting also facilitates very fast recovery times in the event of a disaster like Hurricane Sandy, as cloud servers can be spun up in minutes.

Tagged in: data center

Posted by on in DRJ Blogs

In Schoharie, New York, where over 200 homes were damaged by Hurricane Irene in 2011, the community is demonstrating resiliency today, Halloween, in the throes of Hurricane Sandy. With so many homes, streets, sidewalks, and other potential hazards due to flooding, the community celebrated Halloween with "Trunk or Treat." Several community residents bring their vehicles to a central parking lot, decorate their trunks, tailgates or hatch backs, and invite children to "Trunk or Treat" by stopping at each vehicle. Many homes were uninhabitable in 2011, and many still are. Without safe passage along debris-laden streets in the village, the idea provides a safe and enjoyable way for children to have fun on Halloween.

This is one terrific example of resiliency. Others observed this year are the e-mails sent by insurance companies and banks to customers who may have been impacted by Hurricane Sandy. My insurance agency sent me an e-mail with instructions on how to contact them and how to file a claim if damages occurred due to Hurricane Sandy. Banks have sent messages to customers indicating relaxation of due dates on credit cards if the customer loses access to either electronic or postal payments.

These examples of preparedness and response illustrate what FEMA is referring to in the Whole Community doctrine and what DRJ conference courses and articles have espoused for several years. We all need to participate in disaster preparedness, response and recovery.


Posted by on in DRJ Blogs

The majority of the east coast of the United States is dealing with the effects of Hurricane Sandy. Many folks are without power and worse still, people have died. To help you stay up-to-date with the latest  news and updates regarding Sandy, take a look at the links below.

Tagged in: hurricane sandy

Sometimes after you migrate your business data and applications to the cloud via cloud servers, it is easy to forget that data security is something that should be consistently monitored.  There are a few things to consider after your company’s migration to the cloud to ensure your data stays safe at all times. 


  1. Credentials:  Your username and password should be complex and unique for every service or site you use credentials for.  This way, if the credentials for one account get compromised, the rest of your accounts remain safe.  If you are worried that login information will be lost or forgotten, there are apps and software available to help with password management.  

  2. Be careful where you login:  Often times, users login from devices that are not their own, which could be saving login information through the web browser and therefore, jeopardizing the data’s security.

  3. Security Questions:  Avoid implementing security questions for your accounts that can be answered by simply conducting an online search.  For example, if the answer to your security question can easily be found on your Facebook, Twitter, or LinkedIn profile, choose a different question.

  4. Encryption:  Encryption software scrambles and codes your credentials so that they are harder to procure, which helps your data remain uncompromised.

  5. Anti-Virus and Anti-Spy Software:  All access to the cloud comes from your local system first.  Therefore, if your system is at risk, so is your data in the cloud.  Anti-virus/anti-spy software is important to keep out trespassers and to block unsafe sources that can download software and steal personal information from your computer. 


Tagged in: Cloud Hosting

Posted by on in DRJ Blogs

I just downloaded the updated Rules and Regulations spreadsheet... To say there is a lot of great content and information in this spreadsheet would be an understatement. This Rules and Regulations spreadsheet was compiled by a team of industry experts (all members of the DRJ EAB). 

The most recent update to this resource was in August 2012, and I thought it would be a good idea to write about different rules and regulations that you might not know about, have been recently amended or added or you might not fully understand. (Yes, this is me urging you to post comments about which rules and regulations you would like me to investigate and write about for you!) 

For the first look at the rules and regulations that impact everyone in the BC space, this post focuses on ISO 22301. 


Posted by on in DRJ Blogs

Recently, DR/BCP professionals have sent me inquiries about how to handle crisis management or crisis communication, especially during a DR event.  DR/BCP professionals may be highly involved in managing a data or system recovery and unable to devote attention to managing the entire crisis that may result. They need crisis management professionals on their team.  It wouldn't be practical to have a crisis management professional on each DR/BCP team, but it w0uld be an excellent time to partner with the corporate or organizational crisis management/crisis communication professional.

I've done Incident Management Team training for private sector organizations, sometimes at several of their critical facilities across the nation.  The Incident Command System (ICS) model provides a framework for integrating crisis management, crisis communication and DR/BCP operations when disaster strikes.  Most private sector organizations have found ICS to be extremely helpful and affordable if it has be tailored to their business and presented by consultants who understand both the private and public sector uses of ICS.  Private sector CEOs also see the benefit in being compatible with public emergency response organizations.

Crisis management is NOT DR/BCP.  It is a necessary subset.  In my experience, ICS can be taught from the bottom up, rather than the traditional top-down, command and control orientation.  I teach private sector Incident Management Teams that the key figure in response is the Operations Section Chief (the DR/BCP CIO or designee in the case of an IT emergency). This is the person and section that can "fix the problem," as Ed Devlin would say. All other ICS positions are there to support the Operations Section. I like the Incident Commander (ICS term) to be thought of as an "Incident Manager."


Posted by on in DRJ Blogs

The GAP in DR/BCP/EM Technology

Recently I attended a concert at my grandchildren’s school in a small, rural community in Upstate New York.  A small child in the row behind me was using what appeared to me to be a tablet computer. Amazed by the use of technology, even by very young children, I had thoughts of how widespread the use of sophisticated technology had become, even in remote areas.  There have been times when I felt government agencies and some businesses assumed the presence and use of technologies to be far greater than actual.  I challenged a DHS employee on the use of GIS and various mapping capabilities, stating that rural communities lacked such capabilities. He replied that his information was just the opposite, that the use of GIS and other mapping functions was very popular and widespread.

From my experience in rural counties, computing capacity is not as great as reported by the DHS.  This raises the question of capabilities of small and medium-sized businesses to use sophisticated systems often displayed in the DRJ exhibit hall and in articles about systems including rapid notification, GIS, and applications for emergency and business continuity planning and response.  Is preparedness as well equipped as we often assume?


It is clear to see why businesses put so much emphasis on backing up their data – they need their data to be secure so that their customers can rely on them.  Therefore, an effective disaster recovery plan is essential for every business that relies on stored data.  Furthermore, a successful disaster recovery solution requires additional resources identical to those used during daily operations.  

While there is a wide selection of disaster recovery solutions, cloud hosting provides the most flexibility and ease of use, while remaining cost-effective.  As opposed to purchasing two physical servers (one as your day-to-day server and the other as your backup), cloud servers provide the benefit of being able to easily create multiple servers in the cloud without needing to lease/own physical servers. 

In the same way that server redundancy provides failover protection for business continuity and disaster preparedness, cloud hosting provides increased stability and security, as well as improved scalability.  The redundancy delivers a backup for anything that may occur, such as a natural disaster or a security hack that comprises data.

Tagged in: Cloud Servers

The 1980’s Tylenol poisoning murders spurred panic, wide-spread fear, and perhaps the best-ever corporate response to a major public relations crisis. James E. Burke, then CEO of Tylenol-maker Johnson & Johnson, died on September 28 at the age of 87. He will be best known for his strong, decisive leadership and what has widely been recognized as a model of exceptional corporate crisis management. Fortune magazine named him one of history’s 10 greatest CEOs.

There are 5 truths we can learn from Mr. Burke’s handling of the poisoning disaster—lessons in the right way to handle a public relations nightmare.


A lesson we can take away from the recent severe weather and fires across the country is disasters can happen anytime, anywhere. No one can control where or when emergencies may happen but we can take steps in advance to prepare. Today, I am excited to announce a step towards better preparing local communities before disaster strikes – the 2012 Community Resilience Innovation Challenge.

This new opportunity is designed to assist local areas in building and revitalizing community-based partnerships through innovative initiatives and programs designed to advance the nation’s resilience to disasters. Funding levels range with a maximum of $35,000 and applications are open to all local, state, and tribal agencies and governments, business entities, associations, organizations and groups.

The Challenge program is supported by the Rockefeller Foundation and FEMA and will be administered by the Los Angeles Emergency Preparedness Foundation to encourage local communities to engage in creative activities that enhance disaster resilience. FEMA’s goal through the Community Resilience Innovation Challenge program is to emphasize the importance of planning and engaging the whole community, across all social sectors, to effectively respond to disasters.


Life as a BCM practitioner in any organisation can sometimes feel like you have been sentenced to solitary confinement. Often working in isolation and surrounded by your ‘adversaries’, it can be a lonely role as you struggle to embed BCM into your organisation and to win over some of your strongest critics. Coupled with the need to be a ‘jack of all trades’ that requires you to be knowledgeable, persuasive, inspirational, and highly-organised as well as a skilled facilitator, being a BCM practitioner can be a really tough job.

Just when you feel your energy levels dwindling and see your enthusiasm ebbing into the distance, along comes the BCM World Conference and Exhibition – the one that reaches the parts other conferences cannot reach, filling you with renewed energy and rekindling your passion for the discipline that is the love of your life.

The BCM World Conference reunites you with your allies, puts you alongside the ‘already convinced’ and ‘converted’ and offers you temporary release from your ivory towers, allowing you to dip into the cool pool of BCM and immerse yourself in a world where you feel safe and understood.