DRJ's Fall 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 31, Issue 2

Full Contents Now Available!

DRJ Blogs

DRJ | The premiere resource for business continuity and disaster recovery

How to Plan for Ransomware in 2018

Originally posted on Rentsys Recovery Services' blog.

 

Heart monitors go off simultaneously. Doctors get error messages when trying to access patient records. Then all the computers in the facility go black. The following message appears in scrolling green text:

...
Continue reading
589 Hits
0 Comments

Your Cloud Backup Deployment To-Do List

Cloud is becoming more mainstream and many enterprises and small to mid-size businesses are profiting from its benefits. However, rushing in to cloud backup can lead to a troublesome situation.  There are several questions that need answers and numerous variables need to be considered before migrating.

Before choosing an efficient backup and disaster recovery plan, you need to evaluate on the following three basic variables:

  • Access Management

One of the biggest concerns pertaining to cloud based backup is who is capable of accessing the stored data? Access management is a big question and in light of a recent survey which stated that more than 60,000 sensitive files of the U.S government were publicly accessible; the concern is well founded. This is why it the first thing enterprises need to consider and evaluate on. There are numerous solutions being provided that can handle access management efficiently such as Amazon Macie.

...
Continue reading
536 Hits
0 Comments

Three 2018 Business Continuity Predictions

Originally posted on Rentsys Recovery Services' blog.

From hurricanes Harvey, Irma and Maria to the WannaCry ransomware attack, business continuity planners around the nation had several opportunities to put their plans to the test in 2017. In 2018, three words will influence business continuity planning: community, reputation and collaboration. Here are three of our predictions for the upcoming year.

The Increase in Billion-Dollar Weather Events Will Require Businesses to Focus on Community

The 2017 hurricane season proved to be the costliest one to date. Total property losses and economic impact from Harvey and Irma alone are expected to climb as high as $200 billion. The impact of California’s wildfire season isn’t much less — $180 billion — and even before December’s wildfires, 2017 has already made a record as the costliest and deadliest wildfire season in California’s history. According to predictions by Allianz, these billion-dollar disasters will be the new normal.

...
Continue reading
599 Hits
0 Comments

Leverage the holidays to refine your BCP

Leverage the holidays to refine your BCP

Demonstrating return on investment is one of the main barriers to launching a new Business Continuity Plan (BCP) project. Many organizations have difficulty justifying the expense of building a BCP and funding it’s maintenance over time. A healthy organization that has never experienced an interruption may focus on the real possibility of a zero ROI. If an organization is able to dodge the proverbial bullet, it’s true, the project may never yield much return. However, even in the case of extreme luck, there are three distinct ways that a BCP helps you with non-emergency operations in your organization.

1 – Holiday BCP

With the holiday season upon us, business closures can be a difficult puzzle to solve. Whether in the manufacturing or service sector, it can be tough to determine how to shutdown and restart the business. Add in the need to share these impacts both inside and outside of the organization and this task can seem enormous. Thankfully, a solid BCP will give you the information you need to make this happen. The BCP tells you which critical processes need the most attention; it includes instructions for internal and external communications; and it lists all critical vendors, suppliers and customers that may need special attention. The BCP acts as a manual of steps for a short term holiday closure. The New Year will ring in the return to operations-as-usual.

One important item to note is that using the BCP in such closures serves as a plan exercise. This will help identify any pitfalls in the plan and inform the next iteration. Exercises ensure your plan becomes an even more robust and useful resource.

...
Continue reading
275 Hits
0 Comments

7 Lessons Learned from Hurricanes Harvey & Irma

Written by: Kevin Hall, General Manager of Business Resilience, Resolver

Organizations without an adequate emergency management plan learned a hard lesson in late August and September of 2017. Hurricane season of 2017 showed its might, and while most businesses will never experience a single hurricane in their lifetime, some dealt with four hurricanes in almost as many weeks. Hurricanes Harvey, Irma, Maria and Nate were some of the strongest storms in recent history, causing significant damage and widespread devastation across the United States and Central America.

As Resolver provided counsel and solutions to our customers during these record setting storms, I wanted to share some insight that may help you prepare for future disasters.

...
Continue reading
950 Hits
0 Comments

Efficient Disaster Recovery as a Service

The future has been integrated to give utmost importance to business continuity. The various models of data protection and disaster recovery are starting to be prioritized as data generation is growing daily. In order to meet the data protection disaster recovery requirements now and in the future, storage is needed that is automated. Such storage will facilitate disaster recovery and data protection processes and testing, offload IT staff and enable the firms to better support DevOps needs and private cloud. An example of such storage is the efficient cloud storage provided by Microsoft Azure storage.

Technology and DRaaS: Efficiency and Reliability

Cloud service providers have to provide cost-efficient backup which is lined with maximum resource utilization for greatest performance. To offer disaster recovery as a service (DRaaS), however, the service provider may have to over provision storage to satisfy customer needs in case of a failure. Moreover, different demands of customers require a cloud storage service provider to provision different storage systems for each customer.

...
Continue reading
539 Hits
0 Comments

The Wizard comes to life!  Interactive tutorials help you get to know SHIELD

The Wizard comes to life!  Interactive tutorials help you get to know SHIELD

At KingsBridge we recognize that, while we use SHIELD every day and are very familiar with its layout, you have other competing priorities.  When you do have a chance to log in, you might need a couple of minutes to refresh your memory as to where to find everything.  Wouldn’t it be nice if there was something (or someone) who could lead you through the process?  In our ongoing effort to make BCP Simple and Straightforward, we’ve introduced the SHIELD Wizard!

If you’re also responsible for maintaining the business continuity program in your organization, you have added responsibilities!  In addition to maintaining the plan so it is ready in the event of an incident, you’re also responsible for making sure everyone else can access the plan.  Let the SHIELD Wizard take some of the load and step your teams through mundane things (like resetting their password).

The SHIELD Wizard is your Business Continuity Planning (BCP) assistant.  The Wizard is available 24/7 to make sure you (and your teams) get the simplest functions completed with the least amount of uncertainty possible.  If you are building/updating your plan and want to know how to upload your personnel data, just follow the Wizard.  Simply click on the blue question mark in the corner, select “Uploading Personnel to the Personnel Table” and follow the prompts.  Before you know it, your personnel table is up-to-date with no videos to watch or manuals to read.  The Wizard stepped you through the process and your task is done in seconds!

...
Continue reading
362 Hits
0 Comments

Social Media in Business Continuity

Social Media in Business Continuity

Social media is everywhere. It’s in coffee shops, at tourist attractions, even walking down the street. People are constantly cataloguing what is happening in their lives on social media with photos, news articles and trendy hashtags. And this is especially true when emergencies arise. Loved ones reach out, asking if they are ok. Photos still get taken, and sometimes the event is live-streamed as it occurs. With 2.06 billion Facebook users and 328 million Twitter users worldwide,* that’s a LOT of news going out! So what is the place of social media from a business continuity perspective? What should companies and employees be doing, and not doing, on social media during and after events?

Like most things, social media has pros and cons. This is especially true within the context of business continuity. As a reminder, business continuity and emergency response are not the same thing, but they also must work together to be successful. Allowing certain things to happen during an emergency may set an unwanted precedent for the business continuity response. So, let’s start with the cons.

 

...
Continue reading
749 Hits
0 Comments

Need Business Continuity Buy-in? Present It As a Tool for Business Growth

Originally published on Rentsys Recovery Services' blog.

Would you agree that in your organization, management views business continuity planning as a necessary hassle, much like filing taxes? It’s not going to build the business, but you need to do it. That’s one of the reasons business continuity owners constantly struggle to get management buy-in.

The key to getting management’s enthusiastic support for business continuity is to challenge a certain entrenched belief they have about business continuity. It’s mentioned in the previous paragraph, but you might have skimmed over it because it’s usually accepted as fact: Business continuity isn’t going to build the business.

...
Continue reading
339 Hits
0 Comments

Disaster Recovery in Microsoft Dynamics 365

Disaster Recovery in Microsoft Dynamics 365

When Amazon Web Services (AWS) stopped working earlier this year, the internet panicked. A while later, the company reported that the outage was caused by a typo. According to an estimate published by the Wall Street Journal, the outage which lasted for over three hours saw business corporations in the S&P index lose a whopping $150 million. What’s more, Apica Inc., a company that monitors websites reported that the $150 million typo also caused 100 websites of the top retailers online a performance slowdown of over 20%.

Events like this while rare, they remind everyone of the undisputed significance of disaster recovery. Without well laid out disaster recovery protocols, a failure on one side of the web can have devastating effects across the internet. For any enterprise, the greatest fear in the event of a disaster is the deleterious effect the outage has on its customers. This perhaps explains in part why customer relationship management (CRM) market has been on a steady growth path in recent years. According to Gartner, the CRM market is estimated to be worth $36 billion today.

A section of CRM industry watchers strongly believes that Microsoft Dynamics 365 is the future of customer service. Microsoft is investing heavily in the cloud, the clearest indicator that the multinational predicts considerable growth of its cloud business. Available statistics estimate that Microsoft Dynamics CRM market will be worth €1.1 billion (approximately $1.3 billion) by 2019. As this market grows, the demand for dynamics CRM consultants will rise and Microsoft Dynamics 365 features like disaster recovery could become the industry standard in customer service management, financial management, operations management, marketing, etc.

...
Continue reading
828 Hits
0 Comments

Increase your Business Continuity Profile

Increase your Business Continuity Profile

Business Continuity Profile

It’s one thing to have a business continuity plan, but it’s another to make sure your staff know about it.  Those involved in writing the plan and the core members of recovery teams are likely aware of the plan.  This is great, but what about everyone else in the organization?  When bad things happen, will the staff know the company has a plan in place?  Will they know they have a role? Will they know how to quickly (and easily) access the plan so they can assist in the recovery?  In short, once you have written the plan, you have to raise the business continuity profile to a level where everyone knows about it.

While it's great the say "raise the business continuity profile", but how do we do that without a time-consuming training initiative?  Here are 6 resource-light ways to elevate the business continuity profile in your organization:

Add BCP to new staff orientation

Most companies have some sort of orientation process for all new employees.  This is a perfect opportunity to share information about the business continuity plan and who to contact should they have follow-up questions.  This is the time to capture after-hours contact information, and emphasize the need to keep the information current.  Be sure that new employees know that this is how you will reach them after hours, if needed.  If they are reluctant to provide the information, ask them if they would prefer the company notify them that the office is closed, before they leave home, or after they arrive at the office in the morning.  This is often enough to convince them!

...
Continue reading
1067 Hits
0 Comments

Banks: What If You Made These Common Cybersecurity Mistakes With Cash?

Originally published on Rentsys Recovery Services' blog.

“Data is the new currency” is one of the new slogans of the digital transformation. Modern consumers recognize the value of their data, and 67 percent are willing to share more data with banks in exchange for new benefits. Surprisingly, banks don’t always afford sensitive data the same protections they do for physical currency. While PwC’s 2017 Risk in Review report reveals that the financial services industry has strong cyber risk maturity overall, there are a few common mistakes that could be leaving your institution vulnerable. To give you an idea of the gravity of these errors, think of your cybersecurity practices in terms of cash management and physical security.

Transmitting Unencrypted Data Is Like Sending Unsecured Bulk Cash Shipments

Would you ever transfer a bulk cash shipment to a major customer without using their armored carrier service? Not a chance. You know that that decision would not only be a liability for your institution, but it would also put your customer’s assets at risk and breach their trust.

...
Continue reading
386 Hits
0 Comments

Understanding the Concept of Cloud Backup and Replication

IT industry has evolved a lot in a couple of years.  Cloud is really starting to gain attraction and a lot of companies have already moved their solutions to cloud. When we talk about  Cloud Backup Amazon AWS and Microsoft Azure are the two great guns in the market and cloud connects to Amazon AWS and Microsoft Azure.

Cloud services for Backup and Replications

Cloud is quite a generic term, it can have a lot of more other services but among all of them backup is the most desired Service from the Clients. Stone Fly Clients can Backup their Virtual machines, they can recover Files but they also have the option available for replications and failover for the Customer’s Business Continuity.

Replication of Data can be very useful for their clients in case of disaster recovery, Although Customers can replicate their data in the private cloud only if they have 2 sites Available at a time, But alternate scenario could be that they can avail the opportunity of the Public Cloud from the Service Providers like Amazon AWS and Microsoft assure and cloud connect to Amazon AWS and cloud connect to Microsoft Azure. Service Providers have taken the time to Build Data centers put infrastructure inside of that and then manage those data centers and make it available to their Clients thus minimizing the overheads for the Customers.

...
Continue reading
493 Hits
0 Comments

Custom Business Impact Analysis Tool..? YES!

The Business Impact Analysis (BIA) phase of writing your business continuity plan can seem like a daunting task. With the varying needs of each business comes different requirements for the BIA. That’s why KingsBridgeBCP has done our research and asked you, our customers, what your needs are for completing a BIA. And now, recently released in Shield, is a complely custom Business Impact Analysis tool. Read on to learn more about this great new feature!

 

Shield Silver – Now Includes Threat Risk Assessment (TRA) and Business Impact Analysis (BIA)

Shield Silver users now have access to a standard Threat Risk Assessment (TRA) and Business Impact Analysis (BIA) tool in Shield. The TRA covers standard threats most businesses might face. It also includes a simple survey to complete each assessment. Best of all, it prioritizes your threats for you as you complete the surveys.

Shield Silver users also gain access to a standard BIA. You define your business processes for each team. Then for each process you define:

...
Continue reading
625 Hits
0 Comments

Active Directory and Single Sign On (SSO) in Business Continuity

Active Directory and Single Sign On (SSO) in Business Continuity

When we head to client sites, we listen for the key words Active Directory. This part of IT infrastructure can be a blessing for every day functionality. It can also fall apart dramatically during an incident. Before we get to the implications of what might happen if it goes down, let’s give a general explanation of what it is.

Active Directory

Active Directory (AD) is the place on the network where all of the user permissions are stored. For those end users out there who are not overly tech savvy, think of it like this. Every day you come to the office, boot up your computer, and enter a user name and password. When it opens to your home screen, you can see your email and your desktop, and the files you need to do your job.

Now think about how many people work at your company. Every person that comes to work has their own user name and password, so that when they log on to their computer they see their emails and desktops and files. In order to make sure that each person sees their emails and no one else’s, all of those user names and passwords need to be kept somewhere. AD is often where they are kept. And it automatically checks to make sure that the user name and password match, and the information the user (that’s you) sees is their own. Put in the wrong info, and it won’t let you in.

...
Continue reading
610 Hits
0 Comments

Never, say never… 

Never, say never… 

Previously we wrote about the fall-out from the Lac Megantic rail disaster – the deadliest Canadian rail disaster since 1867.  Many lessons were learned from the two-year investigation that followed.  While less catastrophic, the recent post-Hurricane Harvey Arkema plant explosion near Houston, Texas, will also reveal its own take-aways.

However, even without results from investigations into the Arkema explosions, these incidents deliver a critical lesson: ‘Never say never’.

The 'perfect storm' in Lac Megantic

At Lac Megantic, there were 18 factors that led to the rail disaster, taking 47 lives and devastating an entire town.  Each factor, considered in isolation, never would have predicted the disaster that resulted: a short-cut on an engine repair; a small engine fire; an improper brake test; insufficient brakes set; a train left unattended at the top of a hill.  While any one of these factors would have not created the disaster that resulted, unfortunately, for the community and the rail company, many of them collided on one fateful night.

...
Continue reading
384 Hits
0 Comments

3 Steps Prevention against Ransomware

3 Steps Prevention against Ransomware

Regrettably ransomware are becoming a regular occurrence. The stories of data loss, locked away data and critical operation disruption are real. With the General Data Protection Regulation (GDPR), applicable after 2018, companies are already addressing their backup and disaster recovery plans to ensure that they remain compliant with the data protection regulations. Regardless of compliance reasons, enterprises still need a reliable way of protecting themselves from ransomware.

The following three steps can prepare an enterprise to prevent the damage done by ransomware:

Step 1: Prepare

Preparation is of the utmost importance; something as grand a scale as moving to the cloud takes a great deal of it. It can be classified into these major segments: Training staff, employing security layers, removing outdated operating systems.

...
Continue reading
1529 Hits
0 Comments

BCP Headaches you can Avoid by Using Shield: Part 3

BCP Headaches you can Avoid by Using Shield: Part 3

Solve BCP Headaches

Welcome to the third and final installment of our series on how SHIELD can solve BCP headaches.  Last week we talked about how SHIELD helps the newcomer to business continuity get started on the plan development process.  This week we’re going to look at what challenges that come up after you finally have that plan written.

Updating contact information is so time consuming!  Isn’t there a better way?

Keeping contact information up to date is one of the most challenging and yet important parts of a business continuity plan.  Just keeping personnel information current is challenging enough but what about all those vendors you need to be able to reach out to if disaster strikes?  You don’t want to be editing information in two different places.

If you’re a SHIELD user there is a simple way of importing information from other data sources into SHIELD.  With an extract from your HR database or your vendor management system, Shield has import and merge functions that allow you to pull new information into SHIELD with just a few clicks.  No more editing row after row.  Simply choose your method of importing and SHIELD will do the work for you.

...
Continue reading
418 Hits
0 Comments

The Impact of Cyber Activity on Traditional Resiliency Programs

Traditional resiliency designs are most often predicated upon the ability to restore an IT environment to a point whereby the business can resume operations. Reducing the amount of down time, along with being able to minimize data loss (measured using Recovery Time and Recovery Point Objectives) are the keys to a successful resilience program.

These objectives have held up over time in defining the actual techniques required to resume the IT function in support of overarching business objectives. When applied to a full recovery at an enterprise level, this approach has proven sound and is acknowledged across the industry as the optimal way to design and implement a resiliency strategy and overall program.

Recent changes in the dynamics of a potential outage, primarily being driven by a growing set of threats in the form of cyber activity, have demanded a rethinking of how a response should be handled. More specifically, evolving threats are now focused on potentially smaller targets with greater levels of impact that can prevent a company from conducting business that look to damage or worse yet hold for ransom critical information within the firm. This increased level of compromise requires not only that an expedited response be in place but likewise necessitates that more complete, accurate, and protected systems and information be always available to immediately resume business processing.

...
Continue reading
2616 Hits
0 Comments

BCP Headaches You Can Avoid by Using Shield: Part 2

BCP Headaches You Can Avoid by Using Shield: Part 2

We hope you enjoyed last week’s blog post on how KingsBridge Shield can solve some of your Business Continuity Planning (BCP) information security headaches.  This week, part two of our series focuses on how Shield can cure the headaches of the BCP newbie.  Has management assigned you the responsibility of heading up the company’s BCP program but you don’t know where to begin?   At KingsBridge, our motto is Keep It Simple and Straightforward.  Our Shield software has everything the newcomer needs to resolve their BCP headaches.  Here are a few examples:

I’m brand new to this.  Starting BCP on the right foot.

Starting BCP can seem like a daunting task, knowing where to begin can be the hardest part.  Often senior management assigns business continuity plan development to an employee with no experience or resources to complete the job.

At KingsBridge, our Shield software takes that first step for you.  Out of the box, Shield comes with hundreds of pages of template content for every type of recovery team you can imagine.  We also have specialized templates for credit unions or for those who want to follow the FEMA format.  But that’s not all, the Shield content also includes recommendations for exercising and getting you started on your Business Continuity Management Program.  Shield doesn’t just house your plan, it writes a lot of it for you.

...
Continue reading
478 Hits
0 Comments