ICT Continuity

IBM and ActiveHealth utilise robustCloud Computing solution to deliver cost effect care

IBM (NYSE: IBM) and ActiveHealth Management, an Aetna (NYSE: AET) subsidiary, today unveiled a new cloud computing and clinical decision support solution that will enable medical practices, hospitals and states to change the way they deliver healthcare, providing better quality care at a lower cost.

IBM and ActiveHealth Management worked together to create the Collaborative Care Solution that gives physicians and patients access to the information they need to improve the overall quality of care, without the need to invest in new infrastructure.

US Futures Trading Commission looks to introduce new BCM/DR rules

Business Continuity Forum Support guidance 25999 standards 

The US Commodity Future Trading Commission is proposing to introduce new regulations affecting Business Continuity and Disaster Recovery, based on an expected standard for Designated Contract Markets and the associated Derivative Clearing Organisations. The CFTC has recommended that rule changes be put in place requiring both DCM’s and DCO’s to harden measures that aim to prevent wide scale disruption to Commodity trading arising from an event. 

Data Recovery ... value, options and action

When you think about your disaster recovery plan, does your tape backup system come to mind? Does the mere mention of disaster recovery make you a bit nervous? If so, you're not alone.

Many businesses risk grave losses due to failures and disasters yet continue to depend on their limited options provided tape backups to help them recover successfully should a major outage occur.

BC Management in an IT security landscape

 

A plethora of articles have explored the challenges of managing systems in a market downturn. The one common message is that information security professionals have to do more with less - to balance the rise in vulnerabilities and threat vectors with a fall in budget. Hence the increasing requirement to work smarter and develop holistic, sustainable approaches to information security management.

7/7 Phone network performance examined and explained

 

Following the explosions on the morning of 7th July hundreds of thousands of people used their mobile phones to contact their families and work colleagues. Mobile networks are designed to cope with significant peaks in volumes of calls, and a safety margin is also built in so that even major events do not overload the system. Call volumes on 7th July far exceeded normal levels, and the O2 network alone carried 67% more voice traffic in central London than normal, while text message volumes increased by 20% on the day across the whole country.

The O2 network was not damaged by the attacks and we took steps to manage the demand. The large number of calls did mean that there was network congestion in parts of London, but most customers were able to make calls after several attempts.

BSI BS25777 for ICT Continuity

BSI British Standard  BS 25777 for Information and Communications Technology continuity management.


Following on from the development of BS25999 BSI has announced a complimentary standard aimed at detailing good practice at the ICT level, BS25777 for ICT Continuity.

ICT continuity management, a key part of the overall business continuity management (BCM) process of an organization, ensures that ICT services are resilient and in the event of disaster, can be recovered within timescales agreed with senior management.

Power disruption to business rises by over 300 Percent

Survey shows Business disruptions due to power failure have increased more than 350 percent in just a year


Business continuity specialist SunGard Availability Services said an analysis of customer call-outs revealed that power failures had risen dramatically, accounting for 26 percent of disruptions last year. In 2005 the figure was just 7 percent.

The relatively high proportion of power failures in 2006 compared with the year before may be due to the fact that in 2005, more than a third of business disruption incidents (36 percent) were attributed to terrorism, with bombings in London happening in July that year.

IT managers need to think about the effects of Avian Flu too!

Gartner has warned IT managers to update their business continuity plans in light of a possible outbreak of bird flu.

The analyst firm's report, Key Steps to Prepare for a Possible Avian Influenza Pandemic, stated that IT managers should make plans to keep the business running in the event of an outbreak.

FIRE, COCKUP AND VIRUS CALAMITY VEX STORAGE MANAGERS

Fire, computer viruses and human error are viewed as the main threats to corporate data by European businesses, according to a survey by storage specialists Hitachi Data Systems. The latest edition of HDS’s bi-annual Storage Index reckons that low-tech 'old fashioned' threats pose the greatest risk of upsetting the operations of European corporates.

Computer passwords 'up for grabs'

Half of IT managers employed by large-sized companies believe it would be relatively easy to gain the core passwords for their computer systems.
That is the warning of a survey by IT security firm Cyber-Ark. It said that 10% of firms never changed their central administrative passwords.

A further 5% did not even bother altering the manufacturer's default password that came with the system.

Security by the numbers

The issue of security continues to be a major industry topic and understandably, especially as this is is one area of BCM that tends to have the highest profile . Many of the issues are closely linked to the increasing complexity and interoperability requirements of applications across a wide variety of Platforms. These problems are also compounded by the generally poor practices of many IT departments and internal users who continue to be a very weak link in the security chain.

Blackout Reports Highlights better Business Continuity measures needed

An investigative report issued by the U.S. and Canadian governments surrounding the worst power failure in U.S. history is shedding light on the importance of business continuity planning through findings that the electric-system catastrophe could have been prevented.

End User IT Disaster Recovery Lessons Learned in Katrina's Wake

Practical lessons from a user perspective


On August 29, 2005, Hurricane Katrina blew through New Orleans. With the hindsight of 18 months, here are some changes we implemented, and ideas we expanded based on our experience. We hope they help you develop your firm's disaster recovery/business continuity plans.

REVIEW AND UPDATE

It's critical to keep your DR/BC plan current and realistic. An outdated plan, or one that assumes the impossible, won't help you in real life. We now review our plan every six months, which helps us revise it to incorporate new technology or ideas. For example, if a new application is added to your network, someone should ensure that the data it produces is replicated, and that the application itself will be available remotely, and at your "hot site". Should this be overlooked at the time the new application is installed, the periodic review, if done properly, will catch the oversight and make the DR/BC plan accurate again.

DESIGNATE A REMOTE OFFICE

I can't say enough of the value in having a remote office ready to set up shop in after a disaster. Even if that office isn't large enough to accommodate the entire staff, it's a start and is better than nothing at all. After Katrina, our Baton Rouge branch office instantly became our main office.

Other firms that only had an office in New Orleans were still scrambling to find floor space while we were wrapping up our network restore. You can bet during a regional disaster like Katrina, available space will go very quickly. If you have multiple offices, designate one as the expected backup main office, and consider making it a hot site where you can continuously replicate your data. Be sure that the remote office is not so geographically close to your main office that it might be equally hit by calamity.

Alternatively, if your firm doesn't have a secondary office, consider a co-location arrangement with a vendor who has a data center within a few hundred miles of your main office, or close enough to drive to within a few hours. (Again, factor in possible regional events).

You might also consider a "mutual aid" partnership with another firm in a different region, obviously not a direct competitor, in the event of a major regional catastrophe. Don't forget to incorporate remote access tools into your hot site, especially if you think people will be dispersed and not all working at the hot site.

TEST, REVISE AND RE-TEST

Post-Katrina, we now schedule tests of our hot-site systems at least twice a year, tied to the beginning and end of hurricane season. Our goal is to ensure that we can duplicate network operations as closely as possible and according to our established plan.

It is important to realize that a hot site likely won't be an exact twin of your production network. It's important to have critical applications and data current and available; however, from our users' perspective there will be subtle, noncritical differences such as invalid printer names, and invalid shortcuts to programs that are not available. Document these differences well enough and incorporate back into your plan. This will ensure that when a real failover occurs, everyone involved will know what to expect.

Throughout the year, we also continuously perform data integrity tests of our replication software. While we have faith in the reliability of our replication system, and monitor its status, it's very easy to fire up the hot-site databases and perform a quick query to just be sure everything is in sync.

In fact, the software allows us to automate that process completely, all without ever stopping the real-time replication. You don't want to come to discover that your hot-site data is actually six months out of date.

PEOPLE AND COMMUNICATIONS

Do not forget about the most important component of your firm: the people.

The best technology won't be worth a dime without the human resources. After Katrina, many of our staff lost everything and were scattered throughout the region. Those who could make it to our Baton Rouge office did so as quickly as their situation allowed, while others were in other nearby cities.

In preparing your own disaster plan, most specific details regarding human resources can't be ironed out in advance. However, you can develop a protocol about what the firm will expect of employees and what employees can expect of the firm following a disaster, for example, how will the firm contact employees, and vice versa? Keep employee data updated and keep a printed hard copy offsite. Be sure your management team always has a copy. Also remember to include the contact list in any type of disaster "hotbox" you create.

Given the annual threat of hurricane evacuations, we went one step further and asked that employees also provide contact information about where they might evacuate (e.g., friends and family.) We now hold biannual meetings to remind empoyees about emergency procedures.

One specific thing we have done to help maintain communications during and immediately following a disaster is to establish service with a Web-based SMS (text-messaging) service.

Post-Katrina, Gulf Coast residents quickly discovered that though cellular service was nearly nonexistent, text messaging generally worked flawlessly. We will use this to broadcast vital information to employee cell phones via a simple Web interface.

RISKS AND PLAN

Understand your firm's specific threats and plan for those scenarios first. Although our firm is vulnerable to other disasters, being located in New Orleans (and having gone through Katrina) our disaster planning revolves around hurricane scenarios.

I would imagine folks on the West Coast would likely plan for earthquakes and wild fires. But also consider disasters that may only briefly interrupt your operations, such as a defective sprinker system, as well those that can potentially keep you out of your office for extended time, or completely destroy your main site. Each day when you leave your office, stop and think about what you would do if the next morning you discover the main office was completely destroyed.

In addition, it is your job to get a new office running by the end of the day, or sooner. Do you have servers? Do you have tapes? Do you have a disaster plan?

James Zeller is network manager at Chaffe McCall, in New Orleans, and won an honorable mention in the 2006 Law Technology News Awards' IT Director of the Year competition.

END

If you would like to know more about how your organisation can get involved and benefit from working with the Continuity Forum, please email us HERE! or call on + 44 (0) 208 993 1599. 

SMB Companies ignoring web site disaster recovery

Research suggests organisations could lose revenue & customers


Many mid-sized firms risk losing revenue and alienating customers because they do not have a disaster recovery plan in place for their web sites, according to new research from hosting specialist NetBenefit.

The survey of 100 UK IT directors found that a third did not have a disaster recovery plan in place. Of the firms that did, only 38 percent said they tested their plans more than once a year.

Utilities network under threat

Major power failure would leave gas & electricity companies in jeopardy


Most gas and electricity companies rely on commercial mobile phone networks that would stop working in the event of a major power failure. Public mobile networks have limited battery back-up which, once exhausted, would leave engineers working to restore vital utilities unable to communicate.

The situation is not a result of mismanagement on the part of either energy companies or mobile phone network operators, but exposes the need for a high-level overview of interdependencies in the UK utility sector.

Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...