Spring World 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 30, Issue 3

Full Contents Now Available!

DRJ Blogs

DRJ | The premiere resource for business continuity and disaster recovery

Active Directory and Single Sign On (SSO) in Business Continuity

Active Directory and Single Sign On (SSO) in Business Continuity

When we head to client sites, we listen for the key words Active Directory. This part of IT infrastructure can be a blessing for every day functionality. It can also fall apart dramatically during an incident. Before we get to the implications of what might happen if it goes down, let’s give a general explanation of what it is.

Active Directory

Active Directory (AD) is the place on the network where all of the user permissions are stored. For those end users out there who are not overly tech savvy, think of it like this. Every day you come to the office, boot up your computer, and enter a user name and password. When it opens to your home screen, you can see your email and your desktop, and the files you need to do your job.

Now think about how many people work at your company. Every person that comes to work has their own user name and password, so that when they log on to their computer they see their emails and desktops and files. In order to make sure that each person sees their emails and no one else’s, all of those user names and passwords need to be kept somewhere. AD is often where they are kept. And it automatically checks to make sure that the user name and password match, and the information the user (that’s you) sees is their own. Put in the wrong info, and it won’t let you in.

...
Continue reading
33 Hits
0 Comments

Never, say never… 

Never, say never… 

Previously we wrote about the fall-out from the Lac Megantic rail disaster – the deadliest Canadian rail disaster since 1867.  Many lessons were learned from the two-year investigation that followed.  While less catastrophic, the recent post-Hurricane Harvey Arkema plant explosion near Houston, Texas, will also reveal its own take-aways.

However, even without results from investigations into the Arkema explosions, these incidents deliver a critical lesson: ‘Never say never’.

The 'perfect storm' in Lac Megantic

At Lac Megantic, there were 18 factors that led to the rail disaster, taking 47 lives and devastating an entire town.  Each factor, considered in isolation, never would have predicted the disaster that resulted: a short-cut on an engine repair; a small engine fire; an improper brake test; insufficient brakes set; a train left unattended at the top of a hill.  While any one of these factors would have not created the disaster that resulted, unfortunately, for the community and the rail company, many of them collided on one fateful night.

...
Continue reading
72 Hits
0 Comments

3 Steps Prevention against Ransomware

3 Steps Prevention against Ransomware

Regrettably ransomware are becoming a regular occurrence. The stories of data loss, locked away data and critical operation disruption are real. With the General Data Protection Regulation (GDPR), applicable after 2018, companies are already addressing their backup and disaster recovery plans to ensure that they remain compliant with the data protection regulations. Regardless of compliance reasons, enterprises still need a reliable way of protecting themselves from ransomware.

The following three steps can prepare an enterprise to prevent the damage done by ransomware:

Step 1: Prepare

Preparation is of the utmost importance; something as grand a scale as moving to the cloud takes a great deal of it. It can be classified into these major segments: Training staff, employing security layers, removing outdated operating systems.

...
Continue reading
639 Hits
0 Comments

BCP Headaches you can Avoid by Using Shield: Part 3

BCP Headaches you can Avoid by Using Shield: Part 3

Solve BCP Headaches

Welcome to the third and final installment of our series on how SHIELD can solve BCP headaches.  Last week we talked about how SHIELD helps the newcomer to business continuity get started on the plan development process.  This week we’re going to look at what challenges that come up after you finally have that plan written.

Updating contact information is so time consuming!  Isn’t there a better way?

Keeping contact information up to date is one of the most challenging and yet important parts of a business continuity plan.  Just keeping personnel information current is challenging enough but what about all those vendors you need to be able to reach out to if disaster strikes?  You don’t want to be editing information in two different places.

If you’re a SHIELD user there is a simple way of importing information from other data sources into SHIELD.  With an extract from your HR database or your vendor management system, Shield has import and merge functions that allow you to pull new information into SHIELD with just a few clicks.  No more editing row after row.  Simply choose your method of importing and SHIELD will do the work for you.

...
Continue reading
120 Hits
0 Comments

The Impact of Cyber Activity on Traditional Resiliency Programs

Traditional resiliency designs are most often predicated upon the ability to restore an IT environment to a point whereby the business can resume operations. Reducing the amount of down time, along with being able to minimize data loss (measured using Recovery Time and Recovery Point Objectives) are the keys to a successful resilience program.

These objectives have held up over time in defining the actual techniques required to resume the IT function in support of overarching business objectives. When applied to a full recovery at an enterprise level, this approach has proven sound and is acknowledged across the industry as the optimal way to design and implement a resiliency strategy and overall program.

Recent changes in the dynamics of a potential outage, primarily being driven by a growing set of threats in the form of cyber activity, have demanded a rethinking of how a response should be handled. More specifically, evolving threats are now focused on potentially smaller targets with greater levels of impact that can prevent a company from conducting business that look to damage or worse yet hold for ransom critical information within the firm. This increased level of compromise requires not only that an expedited response be in place but likewise necessitates that more complete, accurate, and protected systems and information be always available to immediately resume business processing.

...
Continue reading
1819 Hits
0 Comments