Contingency Planning for Your Business - PowerPoint PPT Presentation

Loading...

PPT – Contingency Planning for Your Business PowerPoint presentation | free to view - id: 1d10bf-ZDc1Z



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Contingency Planning for Your Business

Description:

Contingency Planning for Your Business – PowerPoint PPT presentation

Number of Views:33
Avg rating:3.0/5.0
Slides: 68
Provided by: AKS5
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Contingency Planning for Your Business


1
Contingency Planning for Your Business
August 12th 2009
Presented to
Government Procurement Conference 2009
Presented by
Alton Smith Director of Technology
2
About Me
  • Director of Technology (Crystal Connections)
  • Sr. Systems Engineer Global Systems Integration
    (Cisco Systems)
  • Practice Consultant (Unisys Corporation)
  • Sr. Systems Engineer (Hypercom Communications)
  • Sr. Network Engineer (American Airlines
    SabreNet)
  • Manager Voice Data Networks (Overhead Door
    Corporation)

3
Agenda
  • Business Contingency Planning
  • Disaster Recovery Planning
  • Vital Statistics
  • Data backup scenarios
  • QA

4
Planning is critical
  • Business Contingency
  • Business Contingency describes the processes and
    procedures an organization puts in place to
    ensure that essential functions can continue
    during and after a disaster. Business Contingency
    planning seeks to prevent interruption of
    mission-critical services, and to reestablish
    full functioning as swiftly and smoothly as
    possible.

5
Things to consider in your plan
  • Business Contingency Process
  • Risk Management
  • Business Impact Analysis
  • BC Strategy Development
  • BC Plan Development
  • BC Plan Testing
  • BC Plan Implementation/Maintenance

6
Statistics
The survey found that 36 percent of IT
departments changed their backup and restore
procedures and disaster recovery planning efforts
post 9/11. The most common changes include
establishing regular testing procedures (56) and
moving data backup offsite (43). However, at
least 30 percent of companies surveyed still
operate without a formal disaster recovery
plan.11
7
Are You Prepared?
8
Where do you start?
9
Where do you start?
  • We have to take a couple of steps back to get an
    adequate idea of where to start
  • A backup strategy is part of your Disaster
    Recovery (DR) plan.
  • Disaster Recovery is concerned with the recovery
    of computer assets that include servers,
    computers, data, networks infrastructure, and
    other computer related assets.
  • A DR plan is part of your Business Contingency
    (BC) plan.

10
Where do you start?
  • Business Contingency
  • Business Contingency describes the processes and
    procedures an organization puts in place to
    ensure that essential functions can continue
    during and after a disaster. Business Contingency
    planning seeks to prevent interruption of
    mission-critical services, and to reestablish
    full functioning as swiftly and smoothly as
    possible.

11
 Where do you start?
  • Business Contingency Process
  • Risk Management
  • Business Impact Analysis
  • BC Strategy Development
  • BC Plan Development
  • BC Plan Testing
  • BC Plan Implementation/Maintenance

12
Where do you start?
  • Risk Management
  • Risk management is a preventative approach or
    method to proactively assess and selectively
    control risk factors that can otherwise lead to
    injuries, loss of life, business interruptions,
    legal consequences, or financial losses. The goal
    is to assess the risk to Business Contingency in
    terms of a possibility of a disaster, potential
    disaster impacts and then to assess the risk and
    then to ultimately control the risk.

13
 Where do you start?
  • Business Impact Analysis (BIA)
  • This involves the analysis of the potential
    operational and financial impact to business from
    an unexpected disaster or a disruptive event in
    order to identify mission-critical business
    functions and processes (facilities, personnel,
    IT, product/service operations, and financial
    administration). The goal is to not only analyze
    the critical business process, but to identify
    recovery requirements.

14
 Where do you start?
  • BC Strategy Development
  • During this stage, a set of alternative recovery
    options are generated that satisfy requirements
    for maintaining Business Contingency in the event
    of disruption to critical systems, services and
    resources. The goal here is to identify options
    in order to select the most cost effective method
    to achieve recovery.

15
 Where do you start?
  • BC Plan Development
  • The Plan Development brings together the previous
    three stages. It documents those steps needed to
    keep the business up and running. It is going to
    do the following
  • Outline the Disaster Recovery (DR) plan for IT
    assets
  • Give procedures to recover disrupted processes
    and resources in a safe and timely manner
  • Develop/identify recovery strategies, objectives
    and resources (with contact information) and
    responsibilities
  • Develop evacuation and shelter-in-place plans,
    including procedures for support after the
    disaster
  • Document a crisis communications plan
  • Develop and document emergency procedures for
    employees and stock emergency supplies

16
Where do you start?
  • BC Plan Testing
  • Plan Testing can be elaborate or simple. Testing
    can include checklist walk-throughs to make sure
    all aspects are covered to disaster drills and
    simulations.

17
 Where do you start?
  • BC Plan Implementation/Maintenance
  • New equipment will be incorporated into the
    business. Personnel changes occur. New
    regulations are implemented. All of these are
    reasons to re-evaluate the plan and make changes
    as needed. The plan should be a living document.

18
Where do you start?
  • Benefits of BC
  • Prevent damage to critical resources before a
    disaster happens
  • Minimize damage to critical resources during and
    after disaster
  • Protect Your Reputation
  • Comply with Rules and Regulations
  • Protect Your Patients
  • Protect Your Revenue Flows
  • Provide Safety of Employees
  • Minimize legal liability 

19
 Where do you start?
  • A piece of advice
  • Start small
  • Pick two or three key business principles
  • Go through as many of the steps as possible
  • The goal is to preparesomething is better than
    nothing. If you do not start, you will never get
    anywhere.

20
DRs role in BC
  • DR is just one component to BC
  • Backup is just one part of DR
  • However, your BC is incomplete without a a
    successfully implemented DR plan with a well
    thought out backup strategy.

21
WARNING
The information you are about to see and hear is
very graphic in nature and may not be suitable
for most small business owners.
22
(No Transcript)
23
Business Contingency is Key
\\\ 93 of companies that lost their data for
10 days or more due to a disaster filed for
bankruptcy within one year of the disaster.
(National Archives Records Administration in
Washington) \\\ 34 of companies fail to test
their tape backups, and of those that do, 77
have found tape back-up failures. (The Gartner
Group) \\\ In 2006, IT executives list the top
three priorities on their to-do list as
technological fixes including data backup
(PricewaterhouseCoopers)
  • CD-based backups
  • Leave them in server
  • Take them home
  • Quality issues
  • Backup tapes
  • Many failure points
  • Continually backing up to same physical
    tape
  • Fail to verify recoverability
  • Backup process
  • None
  • Inconsistent
  • Not verified
  • Access is limited

24
Are You Really Prepared?
6 of all PCs will suffer an episode of data loss
in any given year. Given the number of PCs used
in US businesses in 1998, that translates to
approximately 4.6 million data loss episodes.1
25
(No Transcript)
26
Statistics
  • According to Gartner, the average business has 87
    hours of downtime a year.
  • Average Cost of Downtime per Hour
  • Overall average - 42,000
  • Brokerage Operation 6.5M
  • Credit Card/Sales Authorization 2.6M
  • Pay per View Television 1.1M
  • Airline Reservations 89,500
  • Small to medium business 1,100 

27
Statistics
Lost data has an impact. The Computer Security
Institute estimates that it costs an average of
32,000 to replace data and proprietary
information on stolen computers. Typically, that
is three times the cost to recreate the data than
it did to create it originally.
28
Revenue costs
The bottom line lies in the bottom dollar.
When you lose your data, you lose your ability
to maintain your profitability in the face of the
inevitable disaster. If you can not invoice
your customers, they will not pay.
29
Are You Really Ready?
  • Reasons
  • Environmental Disaster
  • The Human Factor
  • Hardware Failure
  • Compliance
  • Data is Growing
  • Breeches

30
(No Transcript)
31
Statistics
Nearly 44 of all data losses that occur are
attributed to a faulty hard drive or a head
crashThe hard drive has an estimated lifespan of
3 years.2
32
(No Transcript)
33
Statistics
  • 93 of companies that lost their data center for
    10 days or more due to a disaster filed for
    bankruptcy within one year of the disaster.
  • 50 of businesses that found themselves without
    data management for this same time period filed
    for bankruptcy immediately.3

34
Are You Really Prepared?
  • Key causes of data loss
  • 78 Hardware or System Malfunction
  • 11 Human Error
  • 7 Software Corruption or Program Malfunction
  • 2 Computer Viruses
  • 1 Natural Disasters
  • 1 Other4

35
(No Transcript)
36
Statistics
  • Natural disasters have quadrupled over the last
    two decades from an average of 120 a year in the
    early 1980s to as many as 500 today.5

37
(No Transcript)
38
Disasters Happen
  • The number of people affected by all disasters
    has risen from an average of 174 million a year
    between 1985 and 1994 and to 254 million a year
    between 1995 and 2004. 5

39
(No Transcript)
40
Are You Really Prepared?
  • Six fold increase in floods since 19805

41
Are You Really Prepared?
  • Wind-storms have risen from 60 to 1980 to 240
    last year. 5

42
(No Transcript)
43
Are You Really Prepared?
  • Unprecedented rise in geothermal events.
  • Earthquakes
  • Landslides
  • Sinkholes
  • Tsunami

44
Are You Really Prepared?
According to a 2004 Wall Street Journal
report, more than 83 of all critical data loss
is due to some form of human error.
45
The Human Factors
  • Unhappy employees can
  • Steal data
  • Bring systems down
  • Damage hardware
  • Load malicious software
  • Think about this, work place violence is on the
    rise. That is active aggression. What keeps
    those that are unhappy from acting out passive
    aggression by taking it out on your computer
    networkand your data?

46
Causes of Data Loss
  • Hard Drive Failures
  • Storage array errors
  • Power Issues (Surge and Sag)

47
Database Data
Forrester Research estimates that enterprises
have doubled the number of mission-critical
databases applications in the past five years.
48
Know your Data
49
How much when it happens
  • Data recovery starts at around 250 for a
    non-damaged hard drive with deleted data.
  • When we start looking at a damaged drive, the
    price increases exponentially into the range of
    250 an hour. A recovery of a large drive could
    be 50 hours of work. Do the math

50
Fully understanding your technology choices
  • Tape
  • External Hard Disk
  • SAN/NAS device
  • Other External Devices
  • Optical Media
  • Televaulting

51
Tape
  • Pros
  • Most widely used and supported
  • Scalable solution
  • Many options for hardware/software applications
  • Mid Level cost (High entry cost and low
    maintenance cost until hardware replacement is
    needed)
  • Decent reliability
  • Constantly increasing capacity

52
Tape
  • Cons
  • No real way to verify backups worked without
    actually doing data restores
  • Tapes are very susceptible to environmental
    hazards such heat, dust, and moisture.
  • Tapes must be replaced often because they wear
    poorly.
  • Human error. The biggest issue around tape is
    that they have to be manually touched and rotated
    and must be moved offsite in order to have
    separation from main equipment in case of
    disaster. Reliable tape storage can be expensive.
  • No data encryption by default which can put data
    from lost tapes in the wrong hands
  • While there are ways of automating tape backup,
    with automation comes added hardware and
    software even then there must be some type of
    human contact.
  • Linear read can have relatively long write and
    read times
  • Technology changes very quickly, making upgrades
    a necessity

53
External Hard Disk
  • Pros
  • Includes backup software 
  • Range of storage options 
  • Portable
  • Increased speed when compared to tape because of
    non-linear read and write
  • Capacities of 1 TB and beyond

54
External Hard Disk
  • Cons
  • You must invest in the hardware, and in some
    cases, disks as well
  •  Moving data offsite may mean carrying an
    unencrypted drive full of our data
  • Moving the data offsite also relies on a high
    level of human interaction

55
SAN/NAS (Network Storage Array)
  • Pros
  • High Speed
  • Highly Scalable
  • Site replication is possible
  • Degree of fault tolerance by using RAID 5 in the
    disk arrays

56
SAN/NAS (Network Storage Array)
  • Cons
  • Potentially extremely high front investment
  • Requires dedicated IT personnel to support it
  • Requires rack and server space
  • Ideally, deserves a data room with redundant power

57
Optical Media
  • CDs and DVDs
  • Pros
  • Cheap Media
  • Potential storage of multiple GB on a single
    BluRay Disk
  • Fast read/write
  • Hard ware can be relatively inexpensive

58
Optical Media
  • CDs and DVDs
  • Cons
  • Media holds up to heat very poorly
  • Limited space on CDs
  • High reliance on the human factor to move data
    offsite.
  • Large amounts of media created after time due to
    rewritable cost more
  • Media must be labeled
  • Encryption is not the standard for creating the
    backup
  • Drives can be costly
  • 10 year shelf life
  • Must purchase backup software for automation

59
Other External Devices
  • USB Flash Drives, ZIP Drives
  • Pros
  • Inexpensive
  • Easy to use
  • Very reliable data integrity
  • Quick backup and restore

60
Other External Devices
  • USB Flash Drives, ZIP Drives
  • Cons
  • Relies heavily on manual backups, making
    automation hard to attain without the purchase of
    additional software
  • The human factor is high relying on workers to
    not lose media and to take it offsite
  • With capacity comes price
  •  Small drives can be lost or stolen easily

61
Televaulting
62
Televaulting
  • Pros
  • An automated process
  • Offsite instantly
  • Offsite backup providers have powerful servers
    with fault tolerant storage and facilities with
    power back up
  • No software or hardware acquisition or
    maintenance
  • Potentially high level of security through strong
    encryption
  • Quick and easy restores of single files or
    multiple directories
  • Reduces the burden on the IT staff
  • Virtually no capital expenditures

63
Televaulting
  • Cons
  • Contracts
  • Reliance on Internet connection
  • Initial Backup will be lengthy

64
5 Things to Take Back with You
  • Know your data
  • Have a plan
  • Automate your backups
  • Store your backups offsite
  • Dont put your all eggs in one basket Vary your
    backups depending on its critical nature

65
References Used
  • The Cost Of Lost Data, David M. Smith
  • Top Causes of Data Loss, by James Walsh
    http//www.articlegold.com/Article/Top-Causes-of-D
    ata-Loss/38322
  • National Archives and Records Administration in
    Washington
  • http//www.ontrack.co.uk/datarecovery/dataloss.asp
  • Disasters Escalating, Says Oxfam Contingency
    Insights November/December 2007Volume 5, Number
    6
  • HIPAA Compliance and Disaster Recovery -
    TechRepublic, February 13, 2006
  • Sepaton launches Enterprice VTL InfoStor
    December 2007 Volume 11No. 12
  •  Numbers Sheet, CRN November 12, 07 Issue
    1253
  • http//www.privacyrights.org/ar/DataBreaches2006-A
    nalysis.htm
  • http//etiolated.org/
  • http//www.imation.com/en_US/main.jhtml?Id71_01_0
    2
  • http//www.engadget.com/2005/02/24/tell-us-your-wo
    rst-data-disaster-and-win-meminas-2gb-pocket/
  • The Data Dilemma Best Practices Contingency
    Insights November/December 2007Volume 5 Number
    6
  • Why users opt for online backup? InfoStor
    November 2007 Volume 11 No. 11
  • ITs new dirty little secret InfoStor
    October 2007Volume 11No. 10
  • Its Not Business as Usual Business Contingency
    April 2002

66
Resources
  • U.S. Dept. of Homeland Security Business
    Contingency Planning www.ready.gov
  • National Emergency Management Association
    www.nemaweb.org
  • www.contingencyplanning.com
  • Disaster Recovery Journal www.drj.com
  • Disaster Recovery Institute www.drii.org
  • www.availability.com
  • Information System Security www.infosyssec.org

67
Thank You for Your Participation
Questions Answers
About PowerShow.com