This is some blog description about this site
Today, Oct. 29 marks the one year anniversary of Hurricane Sandy. This was the most devastating storm of 2012 and the second most expensive in the history of the United States.
A quick online search reveals a range of opinions, facts and photography collections that tell the story of Hurricane Sandy. Lives were lost. Homes were destroyed. Livelihoods were crushed. People have started to recover - some areas of the Eastern Seaboard are in "better" condition than they were before the Superstorm Sandy hit.
With an influx of funding and support, many businesses, cities/towns and people have been able to rebuild and get back to life as they knew it. This returning to life as it was before the storm though, could just be the source of the problem....
Events near the end of October have a way of forcing me to choose among equally enticing prospects. Rather than attend this year's Executive Women's Forum in Scottsdale, I flew to Reno to help present the 2013 Hall of Fame Awards & Gala for the International Network of Women in Emergency Management and Homeland Security. The event is only three years old. I was honored and amazed to be inducted in 2011, along with Eleanor Roosevelt and Clara Barton. Last year's inductees were splendid. And this year, we kept the bar high.
Two distinguished Washingtonians were honored: Mary Schoenfeld, a pioneer in the field of emergency management and school crisis management. She's been in the field over 30 years and has written 5 books and countless articles. She is an inspiration to each of us. Here, she is pictured in the president of inWEM, Dr. Jacqueline McBride, who also hosted the evening's festivities.
Also honored in memoriam was Ben Dew from FEMA Region Xand prior to that, Washington State emergency management. He is the author of the strategy we now call "Neighbor Helping Neighbor." More than one person remembered him and his "Never give up" mantra during the evening.
And there were others who received awards that evening as well, including four of the women pictured below. Left to right: Judge Renee Cardwell Hughes (Red Cross), Cheryl (on behalf of Delta Sigma Theta), Fire Chief Toni B. Washington, Dr. Meloyde Batten-Mikens (2012 awardee), and Fire Chief Debra Prior.
Here's Mary Anne McKown, author/synthesizer extraordinaire for some of our finest national documents, including the National Response Plan, the National Response Framework, and the National Emergency Communications Plan. That's just a small taste of the work she began when she left Booz Allen become a government employee after 9/11.
Different stories for each of the awardees, but overall you could say that each of these women understands public service, the notion of giving back on behalf of something larger than yourself, and a keen desire to leave the world a better place.
During the shutdown, slowdown or whatever you call it, did you stop using your phone, sending emails or going to work? No. For the majority of us, the only thing that actually shut down was our goofy government and wonderful representatives (all of them). The fact is, the rest of the world just kept on working. We did not have a choice.
Funny thing. This living being that is “big data” kept growing while we continued feeding it with our day-to-day use of electronics. You used Facebook and the bank and everything else.
Here’s the real question. Did the IT departments of the banks and Facebook shutdown too? Did all the data protection solutions in play stop working because the government decided not to do its job? Again, the answer is no.
While the government stopped, the world added petabytes to the infrastructure we protect. It’s important to understand that protecting all of this data is not easy. As a matter of fact, it is impossible....
A disaster recovery plan protects a business's IT infrastructure and allows this infrastructure to recover quickly during a disaster. A recovery plan specifies the steps that a business needs to perform during a disaster and is typically kept in written form and in a secure environment. A DRP covers natural disasters such as hurricanes or earthquakes that physically damage the infrastructure or impair the ability of personnel to take appropriate action. It can also protect a business from man-made disasters such as acts of terrorism or equipment failures.
DRPs are becoming more common in business due to their increasing reliance on information technology. Government regulations for some business sectors also require businesses to maintain DRPs. For example, the regulatory body for financial institutions in the United States is the Federal Financial Institutions Examination Council. Credit Union Times provides tips for credit unions to comply with FFIEC guidelines, including an impact review, testing and analysis of the DRP. The Sarbanes-Oxley Act of 2002, or SOX 2002, also provides specific guidance for the DRPs of financial institutions....
This is my first post on the DRJ blog, I appreciate the invitation to contribute and hope the readers derive some value from my contributions.
My primary aim will be to promote, or at times provoke, discussion. So I am going to link together an “opinion piece” on the blog with a discussion on the DRJ LinkedIn group. Sometimes it might even start the other way around!
I often write from a different perspective than many commentators in the BC/DR industry. Like many of you I came to the industry via the IT sector and the Disaster Recovery discipline - that was back in 1986. Since then my path has diverged as I moved in and out of Business Continuity. I have been an Executive and manager - one of those people we lament that don't understand/support BC - so I often comment on BC from their perspective, and their needs....
By Andy Osborne, Consultancy Director at Acumen
It's fairly standard practice to hold some form of debrief at the end of an exercise or test, which is a very sensible thing to do. It helps to ensure that any issues and actions arising are captured and it's a good way to obtain feedback from the participants on how they thought things went. But some debriefs are a bit on the, well, brief side. Because it comes at the end of what can sometimes be a lengthy or challenging, sometimes stressful, session, it can be all too easy to make the debrief too brief. There can be a temptation to let people "get away" so that they can return to their day jobs. But the danger is that, once they do so, all the good stuff that the exercise teased out will be forgotten within a couple of weeks or, at best, vaguely remembered but not given the attention it deserves.
That's not to suggest that the debrief should be overly lengthy, just that sufficient time should be allowed to ensure that everything that needs to be captured is, so that a follow-up action plan can be agreed.
And, whilst it may seem like a bit of a luxury, it can be very beneficial to hold two debriefs - a "hot" debrief immediately after the exercise or test and a second, "cold" debrief a couple of weeks later, after the proverbial dust has settled. Go on, be honest, how brief are your debriefs? And how many do you do? If you don't already do so, why not give the double-debrief a try after your next exercise or test and see what the results are like?
Originally posted on Acumen's business continuity "Tip of the Month" page (www.acumen-bcp.co.uk/totm)
When did data protection get to be such a pain? We all know that data is growing quickly and that the types of data are constantly changing, but that doesn’t change the basics of storage management. The old rules still apply, leaving some IT professionals wondering what really has changed and how those changes affect their shop.
The old rules of thumb still hold true in this new age of data management. According to Wikipedia, a rule of thumb is a principle with broad application that is not intended to be strictly accurate or reliable for every situation....
By Stacy Gardner, Avalution Consulting
Originally posted on Avalution Consulting’s Blog
Why “Chicken Little” and “Black Swan” Planning is NOT the Way to Respond to Recent Catastrophic Events
It seems that every week there’s a story in the news about a catastrophic disaster happening somewhere in the world, as the last five to ten years have seen what appears to be unprecedented numbers of global natural disasters. While it sometimes might seem like the world is ending, overacting to these events or trying to plan for every worst case scenario is not productive and could DAMAGE your business continuity program. This article will discuss why focusing on these types of outlier events do not generate value or management interest, as well as discuss ways you CAN tweak your risk assessment and planning to ultimately gain more value without trying to tackle impossible planning standards....
In yesterday's operational risk seminar that I teach at the University of Washington, our guest speaker was UW seismologist and information scientist Bill Steele. In the first hour of class, he used a presentation he had recently made to state government on the development of an alert system that could mitigate certain types of public safety issues during an earthquake. I've seen parts of the presentation before, and was struck again by the message that is driven home: disaster preparedness reduces costs over the long run. And it may also reduce business interruption costs by as much as 20%. Despite these facts, we are a long way from having an effective earthquake alert system in this state that could provide up to 3 minutes of warning before we felt the shock; and that could also be used to stop trains and elevators, and alert schools so that children could drop, cover and hold.
In our seminar the previous week, I had talked about neuroscientist Tali Sharot's book, The Optimism Bias: A Tour of the Irrationally Positive Brain. For those of you who might be curious, I've included a link to her TED talk.
How does this optimism bias play into disaster preparedness at the personal level? You have only to listen to some of your under-prepared friends and neighbors -- "It will never happen in my lifetime" and/or "I know it's going to happen but I have plenty of time to put my emergency kit and plan together." Sharot calls this underestimating negative events....
When disaster – or a crises – strikes, organizations must be able to refer to a plan to help guide them through the tasks they need to consider executing to respond, restore and recover, systems and operations. All to often when a BCM / DR plan is pulled off the shelf or printed from a file, one ends up with a document that is huge in nature and breadth though rather slim and small in usable content.
This is because many organization put everything they can think of into their BCM/DR plans, which more times that naught, overshadows the actual content needed to be followed; the stuff that provides the detail on what to do. A BCM / DR plan should be action oriented not full of irrelevant information; irrelevant at the time of disaster, not irrelevant to the overall program.
I tend to follow a specific rule of thumb that says if there aren’t action items listed by Page 5, then it’s not an action oriented plan. It might address audit concerns, legal arguments and executive expectations but for the user – the one executing activities – it doesn’t address what they need and doesn’t provide it in a clear and concise manner....
To most people a crisis is bad and for the most part, they’d probably be right. However, an organization can do good things when they are hit with a crisis; some may even say there is an opportunity. The situation itself might be bad enough but it it’s not being managed correctly or communications aren’t approached in a positive way, the crisis can be compounded because the media and the public will think there are more things being hidden by the organization.
If it seems that an organization isn’t prepared – through its communications and response actions – the media and public may start to go ‘hunting’ for more information and uncover other details of the organization that the organization may not want released. Not that they are bad examples on their own but compounded with the existing crisis they will seem larger and could create another crisis or even escalate the existing one. The organization will then be fighting more than one crisis on its hands.
Below are some tips for how to communicate during a crisis; some do’s and don’ts and tips for ensuring good communications when speaking to the media and the general public.
1. Lawyers Aren’t the Face of the Organization – This is one of the biggest mistakes organizations make when communicating with the media and public; they let their lawyers do the talking. Lawyers are good at what they do don’t get me wrong, they just aren’t the ‘face’ of the organization. Often they will speak in terms that the public either don’t understand or don’t want to hear. The public wants to hear what the situation is and what the organization is going to do about the crisis, not the legalities it’s taking to find blame (which is what the lawyers will be trying to do to wither minimize or remove the burden off the shoulders of the organization).
2. Apologize and Show You Care – Be sincere and offer apologies. Don’t say you’re sorry and continue with a ‘but’ statement, as it just nullifies the apology and the public and media will know you really aren’t showing care of the parties involved or impacted by the crisis. It shows you’re trying to defend the organization rather than helping those impacted – or possibly injured – as a result of the situation. Apologizing with sincerity can soften the anger towards the organization and actually help bring people towards the organization by offering assistance. Apologizing also shows that the main concern of the organization is people, not money or shareholders, but people impacted by the situation....
It's time to celebrate - in 2014 at DRJ Spring World we're celebrating our 50th conference!! DRJ Spring World 2014 promises to be our best yet and you can be confident that we're looking forward to learning, growing and celebrating with you.
While it might seem early to start thinking about your 2014 conference plans - we couldn't disagree more. Now is the best time to get started with mapping out and deciding on your education, networking and learning opportunities for 2014.
Book your calendars for Orlando from March 30 to April 2. (And most of all, register before January 29 to take advantage of our early-bird pricing packages.)...
Nearly two weeks ago at 8:48 a.m. an OC Transpo bus collided with a Via Rail Train in the city of Ottawa, Ontario. Six people were killed and over thirty people were injured. These are the basic facts of this terrible collision. It will take months for Transportation Safety Board of Canada investigators to understand (as best they can) what might have caused the collision.
I live in Ottawa. This accident occurred a mere 1 mile from my house. I used to take a bus to work that crossed that very same level train crossing. It is so very hard to understand what happened and how this could have occurred. As can be expected, there was lots of speculation on what could have caused the crash - but the reality is we won't know anything for a very long time.
It seemed that myself and so many others learned of this crash before the local media... Yes, this is the age of Social Media after all. I received a Skype chat message just minutes after the crash that included a rather graphic photo of the bus. I quickly scoured Twitter trying to find out more - and then I went to the CBC.ca website (our national broadcaster) - but it took time for this website to be updated with any details about the collision. But the Twitter accounts for local Ottawa CBC reporters were beginning to become active and report news of the crash....
Data protection is important in today’s world, but at times people forget the simple steps that need to be taken to secure access to that data. As an afterthought, securing your data should be taken seriously. Below you will find six ways to secure your data and data protection solution.
Restrict access to clients
It may seem elementary, but securing the clients with a username and password is the first line of defense against hackers or people accessing your data who should not be. Adding a password to each laptop, server and workstation is not only important, but is also paramount when trying to secure your environment. There are different levels of passwords, and now systems even let you use patterns to secure access to clients.
Restrict access to the backup/archive client
In most data protection solutions there are also different levels of access. A client usually only has access to its own data. When installed, the data protection solution needs to be accessible only to the correct users with the correct credentials. In other words, if you sign-in to the system with different credentials, then the data protection application should not be available (or limited)....
Time flies when you're having fun and most of all - extremely busy!! Yes, it is that time - DRJ Fall World time. In less than a week, we'll be at the Hilton San Diego Bayfront getting ready to host and welcome you to DRJ Fall World.
To help you get the latest information on DRJ Fall World and to make sure you don't miss out on all the great sessions and activities planned for you in San Diego, take a look at these links:
- DRJ Fall World Schedule
- Hilton San Diego Bayfront
- Exhibitor Guide
- Baja Blue Hospitality Night
- Download the DRJ Fall World App
- DRJ Fall World Blog
- Pre and Post Conference Courses
As you will read, there is so much happening at DRJ Fall World - make sure you've got your schedule set and of course be sure to leave some room in your day for catching up with colleagues and visiting the exhibitor hall....
The very nature of Disaster recovery is kind of a morbid but necessary subject to talk about due to the nature of what it is. A crash kit is the box you will use in a true DR and will save your business from possible extinction or at the minimum weeks of lost revenue. The keyword here being DISASTER, imagine all your business falls into a sink hole, goes up in flames, torn away in tornado, terrorist attack, unstoppable computer worm, flash flood or any numerous type of natural disasters that leave you vulnerable and worse unrecoverable. Disaster recovery and business continuity planning provides a framework of interim measures to recover IT services following an emergency or system disruption.
With school back in session, now is the perfect time to address the issues facing those responsible for data protection in educational facilities. IT managers in educational institutions can drive up the cost of storage unnecessarily by treating all data the same and storing it all on the same media. Let’s face the fact; a child’s art is not as important as the transcript database or even the email database. So why are you using the same policy for both?
When looking for a data protection solution, find one that allows you to use policies to treat data differently. You need to treat data that is important as tier one data that gets backed up often and fast. Perhaps it stays on disk for fast restore....
In 2005, citizens of Southern Alberta were deeply impacted by what Environment Canada named the "top weather event of the year"... And yes, we're talking about heavy flooding that resulted in 14 municipalities declaring a state of emergency. Residents of Canmore, High River and Calgary were evacuated...
Sounds kind of similar doesn't it to the experiences of Southern Alberta citizens this past summer... In mid-June, the province and in particular the communities of Calgary, High River and Canmore were hit once again with severe flooding. Flooding that resulted in the closure of downtown Calgary, emergency evacuations of people from their homes, closure of businesses, deaths, and the complete loss of homes and businesses.
Now 60 days or so since the flooding hit Alberta, the province, communities and people are still struggling to pick up the pieces and get back to a normal life. Through out this ordeal there have been news reports and stories of tremendous community spirit - of people coming together to help one another in the clean-up efforts and of people who were not impacted by the floods opening their homes to those who were....