10 point checklist for disaster recovery

10 point checklist for disaster recovery

HR, Legal and Media Communications Disaster Recovery 10 Point Checklist

A list of 10 questions to rank how comprehensive your organization’s processes are around disaster recovery and business continuity plans.

  • Is there a consistent security, safety, and HR approach across all service areas and lines of business?
  • Is there a business continuity champion within
  • HR
  • Legal Department and
  • Media Communications
  • Do you regularly involve, brief, and train staff on the organization’s business continuity plans?
  • Is a Social Media channel established?
  • Has this been communicated to everyone with the enterprise?
  • Have pre-approved messages been written for each stage of the recovery process?
  • Do you have an enterprise information line or HR incident line?
  • Have your response plans considered duty of care and reputational implications?
  • Does your plan include cross-training of both in-house and out-house staff?
  • Do you have a detail organization chart with job descriptions, role definitions, and responsibilities for all major and minor participants during the recovery process?
  • Are responsibilities and succession planning defined in the plan?
  • Is it clear how communication with staff will be handled?
  • Does your plan cover common people-related impacts, such as unavailability of key players?
  • Do you review all enterprise policies to consider whether they will hold up during a crisis?
  • Have you considered how you will deal with staff with special needs requirements at any disaster recovery center or alternative site?
  • Is all staff contact data, including next of kin, current? Is it updated at least quarterly or when there are staff changes?
  • Do you have a process for locating staff to ensure that they are safe?
  • Have you reviewed your travel and purchasing policies to accommodate the need for flexibility during and after an incident?
  • Does your testing go beyond a regular disaster recovery – business continuity tests?
  • Do you have sufficient flexibility in contracts to deal with the need for change of location, extended working hours or other changes to working terms and conditions?
  • Do you have established methods for monitoring threats and receiving government advice, for example, for pandemics?

Scoring

Score one point for each area and sub-point covered in your plan. Deduct one point if it is absent and score zero if you don’t know! Ranking Matrix scoring table:

  • 0–15 points – Revisit your disaster recovery business continuity plan retest your plan on a quarterly basis.
  • 16–20 points – Work on improving your plans implementation and retest your plan on a semi-annual basis
  • 20+ points – Review and retest you plan at least on an annual basis

Read OnOrder Disaster PlanDisaster Plan Template

Top 10 States with the Highest Unemployment Rates

10 States Have Unemployment Rates over 9%

In the latest release of state unemployment rates there are 10 states which stand out because of their high levels. Included are states with large populations. This does not bode well since the number of jobs that need to be created in this states is very high. Included in this mix of states is California, New York, Illinois, New Jersey, and Michigan.

States With High Unemployment

These states are offset somewhat by 11 other states that have levels lower than 6%. That is not to say that 6% is an acceptable unemployment level, however if it were there for the rest of the nation we would be out of the recession

States With Low Unemployment

In this environment hiring can be a challenge. Background checking and work history references are difficult at best. The job interview remains key to assessing the candidate’s fit. The job interview remains the tool you can use to get to know your candidate on a more personal basis. The job interview process helps other employees “own” the new employee who joins your organization.

Order IT Job DescriptionsIT Job Descriptions

Restoration Point Objectives Defined

Maximum Tolerable Period of Disruption

CIOs, CSO’s, BC Managers constantly will work to improve their restoration point objective (RPO) and also recovery time objectives (RTO) by means of performing fast, non-disruptive backups, in addition to by performing data rescue. All comprehensive data safety solutions involve many criteria and contingencies.

Disaster Recovery Time Line

Here are examples of the things that can fail with your data as well as backup requirements that must be addressed:

  • Accidental or malicious removal of critical data – Requirement that provides enable you to quickly and easily get back individual files and folders.
  • Data that is displaced or corrupted over a period of time – Requirement to spin back individual records to renovate database corruptions. The ability to get back data from any previous moment in time, and have it as granular as is feasible.
  • A crashed disk – Requirement to recoup a disk volume takes a different approach than recovering a single file, but it really should be done just as promptly, and with automation to help keep operational disruptions to the minimum.
  • A server failure – Requirement to bring back operations when replacing a broken server may just be complicated by the desire to install different drivers within the new system if the hardware is not an exact match. It helps to get the capability to move the coating workload to a standby server (with completely different hardware) or virtual server while system is being exchanged or repaired.
  • A local or local disaster – Requirement as you lose an entire company to fire, flood, and other disaster, have a newly released copy of your important info in another location that is certainly outside the disaster area.
  • Remote offices and side branch offices – Requirement to undertake a process in place to with minimal technical assistance as remote and branch offices often would not have the luxury of experiencing an on-site technical resource to help you in backups and restores.
  • Resource-intensive backup processes – Requirement frequent and even continuous backup which is not resource-intensive.
  • Security breaches – Necessity to secure data. If moving data between internet websites, it needs to be protected from potential stability breaches. A breach involving data security, whether actual damage is complete or not, can be devastating towards your company’s reputation, as dozens of great enterprises and government agencies have found in recent years.

Read On…

Top 10 Selection Criteria for a Disaster Recovery Cloud Provider

Cloud disaster recovery business continuity

Cloud OutsourcingWhen looking for cloud providers of Disaster Recovery and Business Continuity Services you need to establish that they will be there when you need them. Each of these factors should be included in your selection process.

  1. Has the provider done this before and does he have a team in place the deals just with disaster recovery and business continuity
  2. How do other customers  conduct test of their disaster recovery business continuity plans
  3. How have other customers of your size activated their plans
  4. Is there sufficient capacity to handle multiple customers at the same time during an event
  5. How does the provider manage their capacity for computing, communication, and storage
  6. How is or will your remote access be achieved for your recovery processes
  7. What is their disaster recovery fail-over plan
  8. Data center(s) should be reviewed for security, location, redundancy and fire suppression
  9. Service level agreements need to be reviewed
  10. Staffing capabilities and availability needs to be reviewed.
Order Cloud Outsourcing Template    Sample Cloud Outsourcing Contract

10 steps to cloud disaster recovery planning

Many companies now are including cloud disaster recovery process in their business continuity plans.   Janco has found that disaster plans that include the cloud if done well will simplify and  improve the success of the recovery process.  Here are 10 things to have on your cloud DR checklist.

  • Have multiple providers and validate that the physical location of the providers is significantly different than you primary facilities – That being done, have ways to connect to the provider when your facility is unavailable to your companyPrimary applications that need to work immediately are:
  • E-Mail
  • Web sites
  • Telephones
  • Rank business application on importance — which ones and how soon they need to be available —  DR plan should initially include contingencies only for those applications absolutely needed to keep the company running based on length of the outage
  • Do not depend exclusively on electronic copies of software and data, maintain physical copies of critical applications and software – Do not forget about serial numbers and passwords without them you will not be able to operate.
  • Have clear definition and contracts in place before the event which state vendor’s DR capabilities and promises. Know what provisions it has for disaster recovery and fail-over – and what the promise times for service restoration are.
  • Test all mission-critical applications with vendors – Contracts and  DR guarantees are not enough, plan for at least an annual test of the entire DR and fail-over procedure — use the vendor’s data center as if it were your own.  Validate that your company will not be crowded out by a “more important” customer
  • Utilize the cloud’s strengths including on-demand availability for compute, storage, networking, and technical support resources. Pay only for what you use.
  • Leverage private cloud and tools with which you can quickly replicate operating systems and applications for purposes of DR and fail-over.
  • Include redundant communications channels –  in communications include multiple lines with a mix of data communication topologies to lessen your DR risk.
  • Plan cloud DR for separate geographies – most enterprises are in multiple geographies should have cloud and data center DR and fail-over strategies that enable easy transitions to alternate sites in different geographical locations if a major catastrophe strikes a particular area.
  • Have trained personnel and documentation at remote DR/fail-over sites – you want to have access to people who are knowledgeable in your systems at these sites so you can avoid flying people in.

 Order Disaster Plan TemplateDisaster Plan Sample

FBI Begins Big Brother Security Implementation — Lost of Privacy

FBI begins Big Brother Security implementation

In January of 2000 I wrote an article for PSR Reviews that forecast what was going to happen.  The part of that article is quoted below.

2OOO is Closer to 1984 Than You Think

Technology Eliminates Much Personal Privacy – A Police State Is Possible in the Name of Security!!

We have all heralded the dawn of the information age but at a significant cost of our personal privacy and security. Everywhere you look people are being wired up to the Internet and soon there will be no place that you can go that will be free of the technology. That is wonderful, right? We should all take a moment to think of the ramifications of this. With the invasion of Al Gore’s Internet invention, what is happening to our personal freedom?

We are in a position where technology can pinpoint our location, see what we are doing and  record it in such a way that we have no option but to provide an electronic trail that anyone can use in any way they desire as long as they have the will and the means.

Remember when members of the Reagan administration were surprised to find that the e-mail they had sent to the waste basket was not really deleted and was later used against them.

More recently, a few months ago there was a virus that spread around the world in what
seemed like an instant. Once it was stopped it took no longer than 48 hours for the government to find its origin and confiscate computers from the alleged culprit’s bedroom. That was great police work right? Yes it was, but what does it mean when a government or some misguided bureaucrat decides to use this technology for some other purpose. I do not want an “IRS agent” or competitor to have the ability to see
where I have been on the Internet.

Computers are wonderful tools when used for the right purposes. However, we are embarking on the next generation of evolution where computers can not only
calculate the right number but monitor everything using “fuzzy logic” programming to make some interesting conclusions.

Summary

What does all this mean? Well, first we have to ask ourselves do we really trust all of the people and agencies to do the right thing with that information? Next we need to know if all of the technology that we have in place is worth the potential intrusion into our privacy.

 

Business Continuity and Disaster Recovery Tips

Business Continuity and Disaster Recovery Tips

Business continuity requires that you are prepared to deal to with a disaster and is one of the only sure ways to survive when a event occurs. Critical factors that are:

  1. Have a backup of all critical data and system files is necessary for business continuity – Without this in place nothing you do will matter.  You have to include in the plane to have versions of application software available so that changes can be made.
  2. Have the ability to access the information remotely – You may not be able to get into your physical facility but if the servers are up in the facility or the data is in the cloud you can continue to do business.
  3. Have the ability to transfer existing phone numbers to a news location – VoIP makes this much easier if your phone service is hosted off-site.
  4. Host your company web site off-site with a professional ISP that has redundant sites. One less thing for you that you worry about.
  5. Host your e-mail service off-site so that you can continue to operate when you lose your facility.  It will not be enough for you to change DNS locations as that can take hours and e-mail will be lost.

 

Employee Tenure – Telecommunications workforce is aging

Employee Tenure – Telecommunications workforce is aging

The latest analysis of BLS data by Janco Associates and eJobDescription.com shows that employees in telecommunications are an aging population.

Employee Average Tenure
Telecommunications Workforce is aging and there are too few younger employees with sufficient experience to fill the required leadership positions.

As companies cut back the first thing they typically do is eliminate newer less experienced employees, then they cut back the middle layers of experience, and retain only the employees with the longest seniority and experience set.  This is exactly what has happened in the telecommunications market for IT Pros.

During the recession companies have continued to reduce the size of the workforce in telecommunication roles.  This has resulted in fewer employees and those in those roles are older.  In the long run this will be an issue as the economy turns around there will be too few “younger” employees who can take over the reigns as telecommunication demands increase.

 

Disaster Recovery High Risk Users

Disaster Recovery High Risk Users

There are three types of high risk users in disaster recovery and business continuity planning. They are:

  • People who do not “participate” actively and often avoid documenting their procedures and backup/recovery processes – When it comes time to activate a plan the process will not work because it is not documented and things will be left out.
  • People who never take a vacation or are the “sole” point of contact within a group because for whatever reason they are the only ones who know the big picture – In the recovery process you have to be working as productivity as possible and can not have a “single” person that is a choke point.
  • People who are the “heroes” who keep things running and are indispensable – when a recovery is occurring there are no hero there are only people who are doing their jobs.

Top 20 CIOs paid over $2 million in 2011

Top Paid CIOs

The top compensation for highest paid CIO is now $8.6 million and that is for Steve Sqaueri the CIO of American Express. From public filings at the SEC we have found that there at least 19 other CIOs who’s compensation exceeds $2 million.

CIO Compensation

Order Salary Survey    Free Salary Survey

IT Job Growth Slows, Though CIOs Anticipate Hiring Next Year

IT Job Growth Slows, Though CIOs Anticipate Hiring Next Year

Both the New York Times and Janco Associates have say that the job market is poor.

IT Job Market Trend Moving Average Workforce Participation Percentage

The workforce participation rate is the lowest that it has been since 1980.  If you look at real unemployment number the real unemployment level is close to 18%.

Disaster Planning – Business Continuity Cost of No Plan

Cost of no Plan

CIO and the organizations they manage need to place a high value on being prepared for disasters of any kind because the practical ramifications of failing to do so can be very high indeed:

  • Lost revenue: Even the loss of a single mission-critical service, such as e-mail or web connectivity, can cost some companies millions of dollars in revenue. Avoiding this downtime with a business continuity and disaster recovery plan in place is a clear benefit.
  • Customer confidence: When a company experiences an interruption in services or suffers a loss of data, customers can lose confidence in that firm’s viability in a crisis and its ability to meet their needs and protect their personal information.
  • Compliance penalties and fines: Government regulated businesses found to be in a state of noncompliance could be subjected to lawsuits, fines and penalties.
  • Staff confidence and effectiveness: As technology becomes an even greater part of business operations, users have come to rely more and more on services and technologies to do their jobs. When those services or technologies become unavailable, even for short periods of time, users suffer major productivity losses.
  • In addition to the direct costs of lost productivity, long-term damage can result in low staff morale and confidence in the organization, extending the monetary damages well into the future, even after services have been restored.

 

Disaster Planning – Business Continuity Tutorial.

Top 10 Disaster Recovery Best Practices

As requirements for avoiding downtime become increasingly stringent, administrators need tools and platforms that can help them plan, design, and implement disaster recovery strategies that can meet those needs.

  • Analyze where single points of failure are and plan for recovery
  • Keep Updated notification trees
  • Be aware of current events
  • Plan for worst-case scenarios
  • Clearly document recovery processes
  • Centralize disaster recovery – business continuity process documentation – Have a printed copy available
  • Create test plans and scripts
  • Retest regularly
  • Perform comprehensive recovery and business continuity test
  • Define metrics and create score cards

Read On…  https://www.e-janco.com/Articles/201108-Ten-Commandments-of-Disaster-Business-Continuity-Management.html

Top 10 Security Myths

Security Myths

Security Policies and Procedures and Audit Program

  1. Organizations are more secure now than they were a year ago
  2. The presence or absence of regulations greatly matters when it comes to protecting customer data
  3. External consultants know more about information protection than in-house personnel do
  4. Information protection must be managed as a separate business unit to be effective
  5. Complex, frequently changed passwords will make my enterprise secure
  6. The padlock icon present during an SSL session means my data is safe
  7. Migrating from Internet Explorer to Firefox or Chrome will make my enterprise secure
  8. Increased security spending results in greater security
  9. Wireless networks aren’t secure
  10. Dumping Windows for Linux will increase security

Read On…

IT Employment Up In a Soft Job Market

Between the first to second quarter of this year, the unemployment rate of computer hardware engineers went from 4.4% to 0.5%. For software developers, the unemployment rate shrank from 3.6% to 2.5% over the same period.

IT Employment Picture

However, for computer support specialists, the unemployment rate over the two quarters rose from 7.1% to 8.2%.

The entire job market in the US did increased by 96,000 jobs in August, but troubling was the fall in the labor market participation rate which fell another .2% to 63.5% with 368,000 dropping out of the labor force. Victor Janulaitis. The CEO of Janco Associates said, “The year to year comparison of workforce participation shows how deep a hole we are in. Until those percentages turn around there will be little hope for a strong recovery.”

IT Job Market Trend Moving Average Workforce Participation Percentage

Order Salary Survey Free Salary Survey