SlideShare a Scribd company logo

Top 5 Steps to Disaster Preparedness for Businesses

- Mark - Fullbright
- Mark - Fullbright

Company names mentioned herein are the property of, and may be trademarks of, their respective owners.

EducationBusinessTechnology
1 of 6
Download to read offline
White Paper: Keeping Your Business Up and Running - No Matter What © 2014. Axcient, Inc. All Rights Reserved. The news is filled with headlines of disasters – everything from earthquakes, tornadoes, and accidents like flooding or transformer malfunctions due to heavy rain, to computer viruses that threaten to shut down an entire network, or to delete all the data on a server. None of us want to think of these impending disasters, but when you run a business, it is part of the job to make sure your company is prepared for the worst – the loss of business-critical data and applications. The purpose of this white paper is to outline the five steps required to prepare businesses for these disasters. Step 1: Validate the Need Step 2: Conduct a Business Impact Analysis Step 3: Determine the ROI Step 4: Create Your Plan Step 5: Test Your Plan The old adage “Plan for the worst, and hope for the best” is a good place to start, but is certainly not sufficient when talking about business-critical data. The steps outlined below help ensure that your company is well positioned if a disaster does occur. Step 1: Validate the Need for a Disaster Recovery Plan Data backup, business continuity, and disaster recovery mitigate the risks associated with potential loss of data. Corporate systems (laptops, desktops, and servers) and the applications and data they contain, are critical to the operation of a company. The importance of ensuring the continued operation of those systems, or the rapid recovery of the systems, in case of a failure, has increased dramatically. Businesses around the world are looking for ways to address these risks and protect their systems and data from the variety of disasters that could occur at anytime. These disasters range from natural disasters like earthquakes and building fires, to the less dangerous — yet no less damaging — technical disasters like data corruption from computer viruses or simple hardware failure, which is the guaranteed end of every laptop, desktop and server. Quantifying the Impact: The Centre for Research on the Epidemiology of Disasters (CRED) has quantified the economic impact of these disasters. Between 2000 and 2008, CRED cites the average number of natural disasters per year as 392, and the average annual economic damage at $102.6 billion worldwide1 . In 2009, 335 disasters were cited with economic damages of $41.3 billion. This impact isn’t limited only to natural disasters. 1. http:www.emdat.be/natural-disasters-trends Top 5 Steps to Disaster Preparedness for Businesses $41.3 billion Total economic cost of disaster-related damages in 2009. 7% Total amount of IT budget businesses allocate to business continuity and disaster recovery. 335 Total number of natural disasters in 2009. By the Numbers $8 billion Total economic cost to businesses per year resulting from computer viruses. www.iCorps.com 888.642.6484
© 2014. Axcient, Inc. All Rights Reserved. A study conducted by Intel Corporation and the Ponemon Institute2 analyzed the impact of missing laptop computers. The 329 organizations polled in 2010 collectively lost more than 86,000 laptops worth a staggering $2.1 billion. Add to this the fact that computer viruses cause additional losses of around $8 billion per year and you have a significant impact on American businesses. The damage and costs associated with these disasters clearly underscore the strategic importance of disaster recovery plans. This holds true for large corporations and smaller businesses alike. Forrester Research estimates that businesses allocate about 7 percent of their total IT budget to business continuity and disaster recovery3 . In addition, 36 percent of businesses plan to increase their spending in this area. These statistics indicate the critical role disaster recovery is playing in a comprehensive IT strategy among businesses. Understanding the need is the first step. Analyzing and documenting your environment in a Business Impact Analysis is the next. Step 2: Conduct a Business Impact Analysis The Business Impact Analysis (BIA) is the foundation of your disaster recovery plan. The BIA will identify which systems need to be recovered in priority order. Start by identifying the most crucial systems and processes and the effect an outage would have on the business. The greater the potential impact, the more important it is to restore a system or process immediately. For example, a stock trading company may decide to pay for completely redundant IT systems that would allow it to immediately start processing trades at another location. On the other hand, a manufacturing company may decide that it can wait 24 hours to resume shipping in the event of a system failure. Your BIA will establish a prioritized list of assets and determine which parts of the business should be restored first. A well-crafted BIA starts with an environmental assessment and process review, which address the following questions: • What types of systems, applications, networks, and facilities are required to function? • Who are the key personnel responsible for these functions? • How critical are these functions to the health/reputation/finances of the organization? • What is needed to perform the functions? • What dependencies are required to perform these functions? • How long can you accept a break in these functions? Time-Critical OR Time-Sensitive: Each application, server, and personal computer has a specific function. But some are more time-sensitive than others in the face of a disaster. For example, a law firm suffers a flood and a number of their servers are destroyed. One of the servers was the company’s email server running Microsoft Exchange. Another server ran the company’s time and billing software that helped the attorneys track their billable hours. 2. http://blog.digitalriskstrategies.com/ponemon-institute-lost-laptops-cost-billions/ 3. Forrester Research, Global IT Budgets, Priorities, And Emerging Technology Tracking Survey, Q2 2010 White Paper: Keeping Your Business Up and Running - No Matter What (risk) — n. The possibility of incurring misfortune or loss; hazard Types of Risk: Financial: May include opportunity lost during downtime, loss of revenue from sales, the cost of borrowing to meet cash flow, penalties from not meeting contractual commitments or service levels, loss of core asset (data) leading to bankruptcy. Regulatory: May include penalties for not having appropriate records and document history as mandated by SOX, HIPPA, and other regulations; filing financial reports or tax returns on time; fines or penalties for noncompliance; or the need to recall products due to lost product-testing information. Reputation: May include loss of customer confidence, decrease in market share, liability claims, customer dissatisfaction, negative media coverage, and loss of goodwill. Risk www.iCorps.com 888.642.6484
White Paper: Keeping Your Business Up and Running - No Matter What While the loss of the time and billing application will cause significant extra work and lead to increased cost and lost productivity, the lawyers could manually track their time and billing temporarily or go back and retrospectively input their hours. The loss of email communication, however, means that clients’ emails aren’t getting read, urgent correspondence from the courts or opposing council isn’t being received, and the attorneys aren’t able to communicate with their clients. While the time and billing software is critical to efficiently running the law firm, it is less of a priority in the middle of a disaster, not because it is not critical, but because it is not time-sensitive. Identify the Risks: The next step is to identify possible risks, or causes of potential disasters. Consider both internal and external causes in your evaluation. Internal causes could include hardware failure, sabotage, theft, hacking, or data corruption. External causes could include earthquakes, fire, or a power outage. Evaluate the Impact: Once the risks have been identified, the next step in the BIA is to valuate the impact of the risks on your business. There are several ways to do this, but a look at the estimated impact of the risk against the probability of the risk occurring is one of the more straightforward approaches, and often the clearest to communicate to the management team. Using the matrix in Figure 1, map the impact of the event against the estimated probability. All items in the upper right must be dealt with immediately as they clearly have the highest impact and are most likely to occur. Those in the lower left are the least of your worries. Those in the middle need to be prioritized accordingly. Step 3: Determining the ROI of your Disaster Recover Plan Having identified the possible risks and evaluated the likely impact on the business, the next step is to calculate the return on investment (ROI) to prove that your investment in disaster recovery is worth every penny. There are many formulas to calculate a ROI. The most common is a simple equation: ROI = (Benefits-Costs)/Costs Quantifying the Benefits: Quantifying the benefits associated with a disaster recovery plan will vary by industry. But in general, if your business can’t operate – send and receive payments, facilitate transactions, or service customers – what does that do to your company? How much is it worth to avoid the impact of unforeseen disasters? We start by calculating the benefits that will be derived from the disaster recovery plan. Direct benefits are the savings that would occur if the company was able to recover quickly after a disaster. Continuing with the legal example: assume the law firm we are discussing has 10 attorneys that bill at an average of $200 an hour. Let’s say that the attorneys aren’t able to email with clients or access critical records because of the flood in the server room. The law firm would lose a minimum of $2,000 per hour in lost revenue or $20,000 per day (if the attorneys work 10 hour days). This is merely the cost of downtime and assumes full recovery. If the firm actually lost the emails or client data permanently, the loss could be fatal to the business and would either lead to millions of dollars in loss and/or cause the firm to shutdown. Therefore, the benefit from your investment in a DR plan is inversely related to the cost of downtime. Low Low High HighProbabilityofOccurence Impact of Risk Low -LevelriskM edium -LevelRisk CriticalRisk Figure 1: The Risk Impact/Probability Chart © 2014. Axcient, Inc. All Rights Reserved. “ ” If your business can’t operate — send and receive payments, facilitate transactions, or service customers — what does that do to your company? How much is it worth to avoid the impact of unforseen disasters? www.iCorps.com 888.642.6484
White Paper: Keeping Your Business Up and Running - No Matter What Calculating the Costs: Soft costs include the negative impact to customer satisfaction, brand value, and shareholder equity if the company is not able to quickly recover after a disaster. These need to be layered onto the hard costs. The $20,000 per day that was calculated above for the law firm is the “opportunity cost” or “hard cost” because the firm must pay its attorneys, yet those attorneys aren’t able to work. However, the soft costs are likely even greater in this scenario because clients are likely to switch firms or use a different firm in the future if their emails go unanswered for an extended period of time and key dates and deadlines for their cases are missed. The cause of the disaster is also a factor. Although customers are likely to be more forgiving in the case of a natural disaster than a technical failure, this should still be figured into the potential soft costs lost. The costs associated with implementing a backup, business continuity, and DR plan are fairly easily quantified if you use a comprehensive all-inclusive service like Axcient. However, if you use a cobbled together solution that involves DR planning and separate hardware, software, and service, as well as the cost of your time managing the solution, you must calculate the direct investment required to create the plan. In addition, you must also calculate the cost of implementation and management, plus the amortized rate of the hardware and software, as well as the subscription to the disaster recovery service. Using the Axcient-iCorps case, for example, a managed service provider implements a fully managed business continuity and disaster recovery solution for the law firm with a recurring subscription of $400/month. Completing the law firm example we get the following calculation: Step 4: Create Your Disaster Recovery Plan At this point, you are ready to create an actual disaster recovery plan. This plan will strategically prioritize all assets and formulate the recovery sequence necessary to keep your business operational. The plan will also provide tactical details needed to execute the plan should it become necessary. Access to Information It is critical that your plan includes how to access all information required to re-establish the systems. This includes authentication, SSL certificates, and passwords. Without these critical pieces of information, it is almost impossible to access the systems and information needed to reset systems, access data, etc. Often forgotten, yet critical to the recovery process, is personnel contact information and contact methods. In the case of a disaster, knowing who to contact and how to best reach them is essential. Cell phones, home phones, email, and other options will be required. In the case of a serious natural disaster cell phones may not be operational, but social media services like Twitter and Facebook may be. Consider all possible touch points to ensure you have access to the people required to get your systems back up and running. Prioritize recovery procedures Recovery procedures should take into account the overall network infrastructure as well as personal computing devices needed to restart operations. In general, most network resources will be unavailable until directory services are up, so these should be brought up first. Identify key dependencies and take them into account when documenting and describing recovery processes and procedures. For example, if servers need access to a data farm before they can deliver access to key services or information, those resources must be ready before or as the servers come online. Benefits Benefits Revenue Saved $20,000 (inverse of 10 hours of downtime) Costs Create the Plan Subscription Fee Total Cost $0 $4,800 (average annual subscription fee) $4,800 ROI ($20,000 - $4,800)/4,800 = 3.16 © 2014. Axcient, Inc. All Rights Reserved. www.iCorps.com 888.642.6484
White Paper: Keeping Your Business Up and Running - No Matter What Make sure the plan addresses issues involved in providing desktop or notebook access to key staff members during recovery. If the key team can’t access the servers or backup data, they will not be able to initiate or manage the recovery. Also, make sure to consider computing access for key executives, sales, and support personnel throughout the recovery process. Document the recovery processes Write the disaster recovery plan based only on what is true today, but know that it will evolve over time. It is tempting to include changes that are expected to be in place soon, however, more often than not, new systems are delayed or do not function as expected. The result is a disaster recovery plan not rooted in fact; one that is sure to fail in the event of an actual disaster because it does not actually represent the true nature of the IT systems and infrastructure. Therefore, document the plan as it exists today. If you know changes are forthcoming, wait to document the change until it is in place and the details are known. Alternatively, establish an update schedule that routinely publishes revisions to the plan. Quarterly updates that coincide with testing procedures can be very effective and efficient. Step 5: Test Your Plan Beyond addressing essential dependency issues covered above, many companies discover during testing that some aspects of their processes and procedures are missing, insufficiently detailed, or lacking important information. Identify gaps Your first test will identify these critical gaps. Amending the plan to address these gaps is one of the biggest benefits of testing your plan. Many companies find that creating and documenting the plan, and providing supporting checklists and timetables, help mange what could be a very stressful situation. With clear guidelines and processes, people are more comfortable and therefore more in control. Following the plan during practice drills gives people focus and helps highlight oversights and omissions. This way, issues can be addressed before genuine disasters or business interruptions strike. During an actual crisis or disruption, many companies discover that they can’t draw on adequate power or facilities when they go into recovery mode. Practice sessions will quickly identify and help suggest remedies to such problems. Without having a plan for backup power or physical facilities, you are guaranteed to delay recovery. Lack of sufficient power and facilities will show up during practice drills when teams try and fail to bring systems back up because of power or facilities-related issues or problems. This is another benefit of testing your disaster recovery plan. Industry best practices recommend conducting a “conference room” test on a quarterly basis. These tests are informal reviews of the documentation. The team walks through the procedures in the safety of a conference room. The discussions focus on processes, policies, and procedures and ensure that all team members understand their roles and responsibilities. If possible, live tests should be conducted annually to ensure everything is in working order. Failure of a “conference room” test is one thing. Failure during an actual crisis can and will cause significant damage to a business. The live test should include service providers, complete failover, restore, and validation processes. Communication processes and procedures should simulate a disaster scenario, including alternative means of communication. It’s essential to put processes in place that require staff to report regularly on plan status and enact change management to keep plans in sync with organizational and technical realities on the ground. It’s also important to perform regular audits to check how well plans and reality match. Conclusion As much as we’d like to think that technology is flawless, it isn’t. The processes recommended are based on best practices, industry standards, and our experiences with businesses. Taking these processes into account when developing your disaster recovery plans will help ensure that the critical issues are addressed. Axcient and iCorps both focus on ensuring that you always have access to your data, systems and applications – anytime, anywhere – not matter what. Your peace of mind and the success of your business are our top priority. © 2014. Axcient, Inc. All Rights Reserved. “ ” Many companies discover during testing that some aspect of their processes and procedures are missing, insufficiently detailed or lacking important information. www.iCorps.com 888.642.6484
About iCorps Technologies iCorps Technologies, a leading IT Consulting, Managed Services and Cloud Computing Company, provides strategic leadership, innovative services and hands-on expertise to small and medium businesses. An industry pioneer, the iCorps team guides some of the fastest-growing organizations and collaborates with hundreds of clients to help transform their businesses – while delivering exceptional results. To learn more, please visit www.iCorps.com About Axcient Axcient is an entirely new type of cloud platform that eliminates data loss, keeps applications up and running, and makes sure that IT infrastructures never go down. Designed for today’s always-on business, Axcient replaces legacy backup, business continuity, and disaster recovery software and hardware, and reduces the amount of expensive copy data in an organization by as much as 80%. By mirroring an entire business in the cloud, Axcient makes it simple to access and restore data from any device, failover IT systems, and virtualize your entire office with a click - all from a single deduplicated copy. Trusted by thousands of businesses to store and protect more than 10 billion files and applications, Axcient maximizes productivity, reduces cost, and eliminates risk. Learn more at www.axcient.com. White Paper: Keeping Your Business Up and Running - No Matter What © 2014. Axcient, Inc. All Rights Reserved. www.iCorps.com 888.642.6484

Recommended

Risk neversleeps wps-016
Risk neversleeps wps-016Risk neversleeps wps-016
Risk neversleeps wps-016Jake Lepine
 
Risk management by Deepak kumar dwivedi
Risk management by Deepak kumar dwivediRisk management by Deepak kumar dwivedi
Risk management by Deepak kumar dwivediEm Red
 
2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guide2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guideJames Fisher
 
2009_NYC_OpRiskUSA_Conf
2009_NYC_OpRiskUSA_Conf2009_NYC_OpRiskUSA_Conf
2009_NYC_OpRiskUSA_ConfPeter Poulos
 
2017 global-cyber-risk-transfer-report-final
2017 global-cyber-risk-transfer-report-final2017 global-cyber-risk-transfer-report-final
2017 global-cyber-risk-transfer-report-finalΔρ. Γιώργος K. Κασάπης
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity PlanningInstitute for Business Continuity Training
 
Experion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsExperion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsPeter Henley
 
Health and Safety Proposal
Health and Safety ProposalHealth and Safety Proposal
Health and Safety ProposalGreta McClain
 

Recommended

Risk neversleeps wps-016
Risk neversleeps wps-016Risk neversleeps wps-016
Risk neversleeps wps-016Jake Lepine
 
Risk management by Deepak kumar dwivedi
Risk management by Deepak kumar dwivediRisk management by Deepak kumar dwivedi
Risk management by Deepak kumar dwivediEm Red
 
2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guide2014-2015-data-breach-response-guide
2014-2015-data-breach-response-guideJames Fisher
 
2009_NYC_OpRiskUSA_Conf
2009_NYC_OpRiskUSA_Conf2009_NYC_OpRiskUSA_Conf
2009_NYC_OpRiskUSA_ConfPeter Poulos
 
2017 global-cyber-risk-transfer-report-final
2017 global-cyber-risk-transfer-report-final2017 global-cyber-risk-transfer-report-final
2017 global-cyber-risk-transfer-report-finalΔρ. Γιώργος K. Κασάπης
 
Business Continuity Planning
Business Continuity PlanningBusiness Continuity Planning
Business Continuity PlanningInstitute for Business Continuity Training
 
Experion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsExperion Data Breach Response Excerpts
Experion Data Breach Response ExcerptsPeter Henley
 
Health and Safety Proposal
Health and Safety ProposalHealth and Safety Proposal
Health and Safety ProposalGreta McClain
 
Disaster Recovery - Deep Dive
Disaster Recovery - Deep DiveDisaster Recovery - Deep Dive
Disaster Recovery - Deep DiveEnvision Technology Advisors
 
Technology Risk Management
Technology Risk ManagementTechnology Risk Management
Technology Risk ManagementSocial Tables
 
Generic_Sample_incidentresponseplanIRP_ISS_2016
Generic_Sample_incidentresponseplanIRP_ISS_2016Generic_Sample_incidentresponseplanIRP_ISS_2016
Generic_Sample_incidentresponseplanIRP_ISS_2016Samuel Loomis
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
What every CEO needs to know about Califorinia's new data breach law
What every CEO needs to know about Califorinia's new data breach lawWhat every CEO needs to know about Califorinia's new data breach law
What every CEO needs to know about Califorinia's new data breach lawDavid Sweigert
 
A Study of Automated Decision Making Systems
A Study of Automated Decision Making SystemsA Study of Automated Decision Making Systems
A Study of Automated Decision Making Systemsinventy
 
Healthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALHealthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALSteve Knapp
 
Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...Gross, Mendelsohn & Associates
 
Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk ManagementDeepak Bansal, CPA CISSP
 
Dit yvol5iss10
Dit yvol5iss10Dit yvol5iss10
Dit yvol5iss10Rick Lemieux
 
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise"
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise" ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise"
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise" ESEI
 
Dit yvol2iss49
Dit yvol2iss49Dit yvol2iss49
Dit yvol2iss49Rick Lemieux
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills
 
Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15James Fisher
 
Kpacket 2014 Top_Ten_Guide
Kpacket 2014 Top_Ten_GuideKpacket 2014 Top_Ten_Guide
Kpacket 2014 Top_Ten_GuideAPEX Global
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS Accelerite
 
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas FinalBehavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Finalksteadman
 
Business Continuity Emerging Trends - DRIE Atlantic - Summary
Business Continuity Emerging Trends - DRIE Atlantic - SummaryBusiness Continuity Emerging Trends - DRIE Atlantic - Summary
Business Continuity Emerging Trends - DRIE Atlantic - SummaryMarie Lavoie Dufort
 
Ics white paper report 2017
Ics white paper report 2017Ics white paper report 2017
Ics white paper report 2017Ir. Indin Hasan ST, MT, IPM, ASEAN Eng
 
DRAFT - FSII appendix z10 draft 2
DRAFT - FSII appendix z10 draft 2DRAFT - FSII appendix z10 draft 2
DRAFT - FSII appendix z10 draft 2Nicole Rosie
 
Business Continuation The Basics
Business Continuation The BasicsBusiness Continuation The Basics
Business Continuation The Basicsguest13df88e8
 
Drp
DrpDrp
DrpEdward Tisdale
 

More Related Content

What's hot

Technology Risk Management
Technology Risk ManagementTechnology Risk Management
Technology Risk ManagementSocial Tables
 
Generic_Sample_incidentresponseplanIRP_ISS_2016
Generic_Sample_incidentresponseplanIRP_ISS_2016Generic_Sample_incidentresponseplanIRP_ISS_2016
Generic_Sample_incidentresponseplanIRP_ISS_2016Samuel Loomis
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
What every CEO needs to know about Califorinia's new data breach law
What every CEO needs to know about Califorinia's new data breach lawWhat every CEO needs to know about Califorinia's new data breach law
What every CEO needs to know about Califorinia's new data breach lawDavid Sweigert
 
A Study of Automated Decision Making Systems
A Study of Automated Decision Making SystemsA Study of Automated Decision Making Systems
A Study of Automated Decision Making Systemsinventy
 
Healthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALHealthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALSteve Knapp
 
Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...Gross, Mendelsohn & Associates
 
Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk ManagementDeepak Bansal, CPA CISSP
 
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise"
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise" ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise"
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise" ESEI
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills
 
Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15James Fisher
 
Kpacket 2014 Top_Ten_Guide
Kpacket 2014 Top_Ten_GuideKpacket 2014 Top_Ten_Guide
Kpacket 2014 Top_Ten_GuideAPEX Global
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS Accelerite
 
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas FinalBehavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Finalksteadman
 
Business Continuity Emerging Trends - DRIE Atlantic - Summary
Business Continuity Emerging Trends - DRIE Atlantic - SummaryBusiness Continuity Emerging Trends - DRIE Atlantic - Summary
Business Continuity Emerging Trends - DRIE Atlantic - SummaryMarie Lavoie Dufort
 
DRAFT - FSII appendix z10 draft 2
DRAFT - FSII appendix z10 draft 2DRAFT - FSII appendix z10 draft 2
DRAFT - FSII appendix z10 draft 2Nicole Rosie
 

What's hot (20)

Disaster Recovery - Deep Dive
Disaster Recovery - Deep DiveDisaster Recovery - Deep Dive
Disaster Recovery - Deep Dive
 
Technology Risk Management
Technology Risk ManagementTechnology Risk Management
Technology Risk Management
 
Generic_Sample_incidentresponseplanIRP_ISS_2016
Generic_Sample_incidentresponseplanIRP_ISS_2016Generic_Sample_incidentresponseplanIRP_ISS_2016
Generic_Sample_incidentresponseplanIRP_ISS_2016
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
What every CEO needs to know about Califorinia's new data breach law
What every CEO needs to know about Califorinia's new data breach lawWhat every CEO needs to know about Califorinia's new data breach law
What every CEO needs to know about Califorinia's new data breach law
 
A Study of Automated Decision Making Systems
A Study of Automated Decision Making SystemsA Study of Automated Decision Making Systems
A Study of Automated Decision Making Systems
 
Healthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALHealthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINAL
 
Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...
 
Information Technology Vendor Risk Management
Information Technology Vendor Risk ManagementInformation Technology Vendor Risk Management
Information Technology Vendor Risk Management
 
Dit yvol5iss10
Dit yvol5iss10Dit yvol5iss10
Dit yvol5iss10
 
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise"
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise" ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise"
ESEI White Paper-Disaster Recovery "A Risk Assessment Exercise"
 
Dit yvol2iss49
Dit yvol2iss49Dit yvol2iss49
Dit yvol2iss49
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample Material
 
Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15Foley-Cybersecurity-White-Paper_3.9.15
Foley-Cybersecurity-White-Paper_3.9.15
 
Kpacket 2014 Top_Ten_Guide
Kpacket 2014 Top_Ten_GuideKpacket 2014 Top_Ten_Guide
Kpacket 2014 Top_Ten_Guide
 
REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS REAL TIME ENDPOINT INSIGHTS
REAL TIME ENDPOINT INSIGHTS
 
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas FinalBehavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
 
Business Continuity Emerging Trends - DRIE Atlantic - Summary
Business Continuity Emerging Trends - DRIE Atlantic - SummaryBusiness Continuity Emerging Trends - DRIE Atlantic - Summary
Business Continuity Emerging Trends - DRIE Atlantic - Summary
 
Ics white paper report 2017
Ics white paper report 2017Ics white paper report 2017
Ics white paper report 2017
 
DRAFT - FSII appendix z10 draft 2
DRAFT - FSII appendix z10 draft 2DRAFT - FSII appendix z10 draft 2
DRAFT - FSII appendix z10 draft 2
 

Similar to Top 5 Steps to Disaster Preparedness for Businesses

Business Continuation The Basics
Business Continuation The BasicsBusiness Continuation The Basics
Business Continuation The Basicsguest13df88e8
 
Contingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMContingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMWajahat Ali Khan
 
Whitepaper : Building a disaster ready infrastructure
Whitepaper : Building a disaster ready infrastructureWhitepaper : Building a disaster ready infrastructure
Whitepaper : Building a disaster ready infrastructureJake Weaver
 
Provide a MEMO.docx
Provide a MEMO.docxProvide a MEMO.docx
Provide a MEMO.docxwrite30
 
The Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationThe Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationIBM Security
 
Business Continuity and Disaster Recover Week3Part4-ISr.docx
Business Continuity and Disaster Recover Week3Part4-ISr.docxBusiness Continuity and Disaster Recover Week3Part4-ISr.docx
Business Continuity and Disaster Recover Week3Part4-ISr.docxhumphrieskalyn
 
Disaster recovery white_paper
Disaster recovery white_paperDisaster recovery white_paper
Disaster recovery white_paperCMR WORLD TECH
 
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docxRUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docxanhlodge
 
1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docx1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docxjackiewalcutt
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...VMware_EMEA
 
200606_NWC_Strategic Security
200606_NWC_Strategic Security200606_NWC_Strategic Security
200606_NWC_Strategic SecurityChad Korosec
 
Business Continuity Workshop Final
Business Continuity Workshop FinalBusiness Continuity Workshop Final
Business Continuity Workshop FinalBill Lisse
 
How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach SecurityMetrics
 
© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docx
© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docx© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docx
© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docxgerardkortney
 

Similar to Top 5 Steps to Disaster Preparedness for Businesses (20)

Business Continuation The Basics
Business Continuation The BasicsBusiness Continuation The Basics
Business Continuation The Basics
 
Drp
DrpDrp
Drp
 
BCI Counting The Cost
BCI Counting The CostBCI Counting The Cost
BCI Counting The Cost
 
Contingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMContingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATM
 
Whitepaper : Building a disaster ready infrastructure
Whitepaper : Building a disaster ready infrastructureWhitepaper : Building a disaster ready infrastructure
Whitepaper : Building a disaster ready infrastructure
 
Provide a MEMO.docx
Provide a MEMO.docxProvide a MEMO.docx
Provide a MEMO.docx
 
Cyber Risks - Maligec and Eskins
Cyber Risks - Maligec and EskinsCyber Risks - Maligec and Eskins
Cyber Risks - Maligec and Eskins
 
The Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationThe Economics of IT Risk and Reputation
The Economics of IT Risk and Reputation
 
Business Continuity and Disaster Recover Week3Part4-ISr.docx
Business Continuity and Disaster Recover Week3Part4-ISr.docxBusiness Continuity and Disaster Recover Week3Part4-ISr.docx
Business Continuity and Disaster Recover Week3Part4-ISr.docx
 
Disaster recovery white_paper
Disaster recovery white_paperDisaster recovery white_paper
Disaster recovery white_paper
 
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docxRUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
RUNNING HEADER Disaster Recovery Plan Information and Documentat.docx
 
1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docx1. After a cyber attack, the organizational decision making and re.docx
1. After a cyber attack, the organizational decision making and re.docx
 
The Ultimate Guide To Business Continuity
The Ultimate Guide To Business ContinuityThe Ultimate Guide To Business Continuity
The Ultimate Guide To Business Continuity
 
V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...V mware business trend brief - crash insurance - protect your business with...
V mware business trend brief - crash insurance - protect your business with...
 
200606_NWC_Strategic Security
200606_NWC_Strategic Security200606_NWC_Strategic Security
200606_NWC_Strategic Security
 
Business Continuity Workshop Final
Business Continuity Workshop FinalBusiness Continuity Workshop Final
Business Continuity Workshop Final
 
CloudSource-white paper
CloudSource-white paperCloudSource-white paper
CloudSource-white paper
 
How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach How to Effectively Manage a Data Breach
How to Effectively Manage a Data Breach
 
Prevent & Protect
Prevent & ProtectPrevent & Protect
Prevent & Protect
 
© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docx
© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docx© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docx
© 2017 Journal of the Practice of Cardiovascular Sciences Pu.docx
 

More from - Mark - Fullbright

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019- Mark - Fullbright
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019- Mark - Fullbright
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019- Mark - Fullbright
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...- Mark - Fullbright
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)- Mark - Fullbright
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 - Mark - Fullbright
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft- Mark - Fullbright
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017- Mark - Fullbright
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business- Mark - Fullbright
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business- Mark - Fullbright
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report- Mark - Fullbright
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016- Mark - Fullbright
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015- Mark - Fullbright
 

More from - Mark - Fullbright (20)

ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019ISTR Internet Security Threat Report 2019
ISTR Internet Security Threat Report 2019
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report
 
Police, Protesters, Press, 2020
Police, Protesters, Press, 2020Police, Protesters, Press, 2020
Police, Protesters, Press, 2020
 
2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)2020 Data Breach Investigations Report (DBIR)
2020 Data Breach Investigations Report (DBIR)
 
FCPA Guidance 2020
FCPA Guidance 2020FCPA Guidance 2020
FCPA Guidance 2020
 
Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019Consumer Sentinel Network Data Book 2019
Consumer Sentinel Network Data Book 2019
 
CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019CFPB Consumer Reporting Companies 2019
CFPB Consumer Reporting Companies 2019
 
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
Advisory to Financial Institutions on Illicit Financial Schemes and Methods R...
 
2018 IC3 Report
2018 IC3 Report2018 IC3 Report
2018 IC3 Report
 
2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)2019 Data Breach Investigations Report (DBIR)
2019 Data Breach Investigations Report (DBIR)
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report
 
Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018 Consumer Sentinel Network Data Book 2018
Consumer Sentinel Network Data Book 2018
 
Credit Score Explainer
Credit Score ExplainerCredit Score Explainer
Credit Score Explainer
 
The Geography of Medical Identity Theft
The Geography of Medical Identity TheftThe Geography of Medical Identity Theft
The Geography of Medical Identity Theft
 
Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017Consumer Sentinel Data Book 2017
Consumer Sentinel Data Book 2017
 
Protecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for BusinessProtecting Personal Information: A Guide for Business
Protecting Personal Information: A Guide for Business
 
Data Breach Response: A Guide for Business
Data Breach Response: A Guide for BusinessData Breach Response: A Guide for Business
Data Breach Response: A Guide for Business
 
2017 Data Breach Investigations Report
2017 Data Breach Investigations Report2017 Data Breach Investigations Report
2017 Data Breach Investigations Report
 
Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016Consumer Sentinel Network Data Book for January 2016 - December 2016
Consumer Sentinel Network Data Book for January 2016 - December 2016
 
Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015Consumer Sentinel Data Book 2015
Consumer Sentinel Data Book 2015
 

Recently uploaded

Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfchloefrazer622
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 

Recently uploaded (20)

Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Disha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdfDisha NEET Physics Guide for classes 11 and 12.pdf
Disha NEET Physics Guide for classes 11 and 12.pdf
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 

Top 5 Steps to Disaster Preparedness for Businesses

  • 1. White Paper: Keeping Your Business Up and Running - No Matter What © 2014. Axcient, Inc. All Rights Reserved. The news is filled with headlines of disasters – everything from earthquakes, tornadoes, and accidents like flooding or transformer malfunctions due to heavy rain, to computer viruses that threaten to shut down an entire network, or to delete all the data on a server. None of us want to think of these impending disasters, but when you run a business, it is part of the job to make sure your company is prepared for the worst – the loss of business-critical data and applications. The purpose of this white paper is to outline the five steps required to prepare businesses for these disasters. Step 1: Validate the Need Step 2: Conduct a Business Impact Analysis Step 3: Determine the ROI Step 4: Create Your Plan Step 5: Test Your Plan The old adage “Plan for the worst, and hope for the best” is a good place to start, but is certainly not sufficient when talking about business-critical data. The steps outlined below help ensure that your company is well positioned if a disaster does occur. Step 1: Validate the Need for a Disaster Recovery Plan Data backup, business continuity, and disaster recovery mitigate the risks associated with potential loss of data. Corporate systems (laptops, desktops, and servers) and the applications and data they contain, are critical to the operation of a company. The importance of ensuring the continued operation of those systems, or the rapid recovery of the systems, in case of a failure, has increased dramatically. Businesses around the world are looking for ways to address these risks and protect their systems and data from the variety of disasters that could occur at anytime. These disasters range from natural disasters like earthquakes and building fires, to the less dangerous — yet no less damaging — technical disasters like data corruption from computer viruses or simple hardware failure, which is the guaranteed end of every laptop, desktop and server. Quantifying the Impact: The Centre for Research on the Epidemiology of Disasters (CRED) has quantified the economic impact of these disasters. Between 2000 and 2008, CRED cites the average number of natural disasters per year as 392, and the average annual economic damage at $102.6 billion worldwide1 . In 2009, 335 disasters were cited with economic damages of $41.3 billion. This impact isn’t limited only to natural disasters. 1. http:www.emdat.be/natural-disasters-trends Top 5 Steps to Disaster Preparedness for Businesses $41.3 billion Total economic cost of disaster-related damages in 2009. 7% Total amount of IT budget businesses allocate to business continuity and disaster recovery. 335 Total number of natural disasters in 2009. By the Numbers $8 billion Total economic cost to businesses per year resulting from computer viruses. www.iCorps.com 888.642.6484
  • 2. © 2014. Axcient, Inc. All Rights Reserved. A study conducted by Intel Corporation and the Ponemon Institute2 analyzed the impact of missing laptop computers. The 329 organizations polled in 2010 collectively lost more than 86,000 laptops worth a staggering $2.1 billion. Add to this the fact that computer viruses cause additional losses of around $8 billion per year and you have a significant impact on American businesses. The damage and costs associated with these disasters clearly underscore the strategic importance of disaster recovery plans. This holds true for large corporations and smaller businesses alike. Forrester Research estimates that businesses allocate about 7 percent of their total IT budget to business continuity and disaster recovery3 . In addition, 36 percent of businesses plan to increase their spending in this area. These statistics indicate the critical role disaster recovery is playing in a comprehensive IT strategy among businesses. Understanding the need is the first step. Analyzing and documenting your environment in a Business Impact Analysis is the next. Step 2: Conduct a Business Impact Analysis The Business Impact Analysis (BIA) is the foundation of your disaster recovery plan. The BIA will identify which systems need to be recovered in priority order. Start by identifying the most crucial systems and processes and the effect an outage would have on the business. The greater the potential impact, the more important it is to restore a system or process immediately. For example, a stock trading company may decide to pay for completely redundant IT systems that would allow it to immediately start processing trades at another location. On the other hand, a manufacturing company may decide that it can wait 24 hours to resume shipping in the event of a system failure. Your BIA will establish a prioritized list of assets and determine which parts of the business should be restored first. A well-crafted BIA starts with an environmental assessment and process review, which address the following questions: • What types of systems, applications, networks, and facilities are required to function? • Who are the key personnel responsible for these functions? • How critical are these functions to the health/reputation/finances of the organization? • What is needed to perform the functions? • What dependencies are required to perform these functions? • How long can you accept a break in these functions? Time-Critical OR Time-Sensitive: Each application, server, and personal computer has a specific function. But some are more time-sensitive than others in the face of a disaster. For example, a law firm suffers a flood and a number of their servers are destroyed. One of the servers was the company’s email server running Microsoft Exchange. Another server ran the company’s time and billing software that helped the attorneys track their billable hours. 2. http://blog.digitalriskstrategies.com/ponemon-institute-lost-laptops-cost-billions/ 3. Forrester Research, Global IT Budgets, Priorities, And Emerging Technology Tracking Survey, Q2 2010 White Paper: Keeping Your Business Up and Running - No Matter What (risk) — n. The possibility of incurring misfortune or loss; hazard Types of Risk: Financial: May include opportunity lost during downtime, loss of revenue from sales, the cost of borrowing to meet cash flow, penalties from not meeting contractual commitments or service levels, loss of core asset (data) leading to bankruptcy. Regulatory: May include penalties for not having appropriate records and document history as mandated by SOX, HIPPA, and other regulations; filing financial reports or tax returns on time; fines or penalties for noncompliance; or the need to recall products due to lost product-testing information. Reputation: May include loss of customer confidence, decrease in market share, liability claims, customer dissatisfaction, negative media coverage, and loss of goodwill. Risk www.iCorps.com 888.642.6484
  • 3. White Paper: Keeping Your Business Up and Running - No Matter What While the loss of the time and billing application will cause significant extra work and lead to increased cost and lost productivity, the lawyers could manually track their time and billing temporarily or go back and retrospectively input their hours. The loss of email communication, however, means that clients’ emails aren’t getting read, urgent correspondence from the courts or opposing council isn’t being received, and the attorneys aren’t able to communicate with their clients. While the time and billing software is critical to efficiently running the law firm, it is less of a priority in the middle of a disaster, not because it is not critical, but because it is not time-sensitive. Identify the Risks: The next step is to identify possible risks, or causes of potential disasters. Consider both internal and external causes in your evaluation. Internal causes could include hardware failure, sabotage, theft, hacking, or data corruption. External causes could include earthquakes, fire, or a power outage. Evaluate the Impact: Once the risks have been identified, the next step in the BIA is to valuate the impact of the risks on your business. There are several ways to do this, but a look at the estimated impact of the risk against the probability of the risk occurring is one of the more straightforward approaches, and often the clearest to communicate to the management team. Using the matrix in Figure 1, map the impact of the event against the estimated probability. All items in the upper right must be dealt with immediately as they clearly have the highest impact and are most likely to occur. Those in the lower left are the least of your worries. Those in the middle need to be prioritized accordingly. Step 3: Determining the ROI of your Disaster Recover Plan Having identified the possible risks and evaluated the likely impact on the business, the next step is to calculate the return on investment (ROI) to prove that your investment in disaster recovery is worth every penny. There are many formulas to calculate a ROI. The most common is a simple equation: ROI = (Benefits-Costs)/Costs Quantifying the Benefits: Quantifying the benefits associated with a disaster recovery plan will vary by industry. But in general, if your business can’t operate – send and receive payments, facilitate transactions, or service customers – what does that do to your company? How much is it worth to avoid the impact of unforeseen disasters? We start by calculating the benefits that will be derived from the disaster recovery plan. Direct benefits are the savings that would occur if the company was able to recover quickly after a disaster. Continuing with the legal example: assume the law firm we are discussing has 10 attorneys that bill at an average of $200 an hour. Let’s say that the attorneys aren’t able to email with clients or access critical records because of the flood in the server room. The law firm would lose a minimum of $2,000 per hour in lost revenue or $20,000 per day (if the attorneys work 10 hour days). This is merely the cost of downtime and assumes full recovery. If the firm actually lost the emails or client data permanently, the loss could be fatal to the business and would either lead to millions of dollars in loss and/or cause the firm to shutdown. Therefore, the benefit from your investment in a DR plan is inversely related to the cost of downtime. Low Low High HighProbabilityofOccurence Impact of Risk Low -LevelriskM edium -LevelRisk CriticalRisk Figure 1: The Risk Impact/Probability Chart © 2014. Axcient, Inc. All Rights Reserved. “ ” If your business can’t operate — send and receive payments, facilitate transactions, or service customers — what does that do to your company? How much is it worth to avoid the impact of unforseen disasters? www.iCorps.com 888.642.6484
  • 4. White Paper: Keeping Your Business Up and Running - No Matter What Calculating the Costs: Soft costs include the negative impact to customer satisfaction, brand value, and shareholder equity if the company is not able to quickly recover after a disaster. These need to be layered onto the hard costs. The $20,000 per day that was calculated above for the law firm is the “opportunity cost” or “hard cost” because the firm must pay its attorneys, yet those attorneys aren’t able to work. However, the soft costs are likely even greater in this scenario because clients are likely to switch firms or use a different firm in the future if their emails go unanswered for an extended period of time and key dates and deadlines for their cases are missed. The cause of the disaster is also a factor. Although customers are likely to be more forgiving in the case of a natural disaster than a technical failure, this should still be figured into the potential soft costs lost. The costs associated with implementing a backup, business continuity, and DR plan are fairly easily quantified if you use a comprehensive all-inclusive service like Axcient. However, if you use a cobbled together solution that involves DR planning and separate hardware, software, and service, as well as the cost of your time managing the solution, you must calculate the direct investment required to create the plan. In addition, you must also calculate the cost of implementation and management, plus the amortized rate of the hardware and software, as well as the subscription to the disaster recovery service. Using the Axcient-iCorps case, for example, a managed service provider implements a fully managed business continuity and disaster recovery solution for the law firm with a recurring subscription of $400/month. Completing the law firm example we get the following calculation: Step 4: Create Your Disaster Recovery Plan At this point, you are ready to create an actual disaster recovery plan. This plan will strategically prioritize all assets and formulate the recovery sequence necessary to keep your business operational. The plan will also provide tactical details needed to execute the plan should it become necessary. Access to Information It is critical that your plan includes how to access all information required to re-establish the systems. This includes authentication, SSL certificates, and passwords. Without these critical pieces of information, it is almost impossible to access the systems and information needed to reset systems, access data, etc. Often forgotten, yet critical to the recovery process, is personnel contact information and contact methods. In the case of a disaster, knowing who to contact and how to best reach them is essential. Cell phones, home phones, email, and other options will be required. In the case of a serious natural disaster cell phones may not be operational, but social media services like Twitter and Facebook may be. Consider all possible touch points to ensure you have access to the people required to get your systems back up and running. Prioritize recovery procedures Recovery procedures should take into account the overall network infrastructure as well as personal computing devices needed to restart operations. In general, most network resources will be unavailable until directory services are up, so these should be brought up first. Identify key dependencies and take them into account when documenting and describing recovery processes and procedures. For example, if servers need access to a data farm before they can deliver access to key services or information, those resources must be ready before or as the servers come online. Benefits Benefits Revenue Saved $20,000 (inverse of 10 hours of downtime) Costs Create the Plan Subscription Fee Total Cost $0 $4,800 (average annual subscription fee) $4,800 ROI ($20,000 - $4,800)/4,800 = 3.16 © 2014. Axcient, Inc. All Rights Reserved. www.iCorps.com 888.642.6484
  • 5. White Paper: Keeping Your Business Up and Running - No Matter What Make sure the plan addresses issues involved in providing desktop or notebook access to key staff members during recovery. If the key team can’t access the servers or backup data, they will not be able to initiate or manage the recovery. Also, make sure to consider computing access for key executives, sales, and support personnel throughout the recovery process. Document the recovery processes Write the disaster recovery plan based only on what is true today, but know that it will evolve over time. It is tempting to include changes that are expected to be in place soon, however, more often than not, new systems are delayed or do not function as expected. The result is a disaster recovery plan not rooted in fact; one that is sure to fail in the event of an actual disaster because it does not actually represent the true nature of the IT systems and infrastructure. Therefore, document the plan as it exists today. If you know changes are forthcoming, wait to document the change until it is in place and the details are known. Alternatively, establish an update schedule that routinely publishes revisions to the plan. Quarterly updates that coincide with testing procedures can be very effective and efficient. Step 5: Test Your Plan Beyond addressing essential dependency issues covered above, many companies discover during testing that some aspects of their processes and procedures are missing, insufficiently detailed, or lacking important information. Identify gaps Your first test will identify these critical gaps. Amending the plan to address these gaps is one of the biggest benefits of testing your plan. Many companies find that creating and documenting the plan, and providing supporting checklists and timetables, help mange what could be a very stressful situation. With clear guidelines and processes, people are more comfortable and therefore more in control. Following the plan during practice drills gives people focus and helps highlight oversights and omissions. This way, issues can be addressed before genuine disasters or business interruptions strike. During an actual crisis or disruption, many companies discover that they can’t draw on adequate power or facilities when they go into recovery mode. Practice sessions will quickly identify and help suggest remedies to such problems. Without having a plan for backup power or physical facilities, you are guaranteed to delay recovery. Lack of sufficient power and facilities will show up during practice drills when teams try and fail to bring systems back up because of power or facilities-related issues or problems. This is another benefit of testing your disaster recovery plan. Industry best practices recommend conducting a “conference room” test on a quarterly basis. These tests are informal reviews of the documentation. The team walks through the procedures in the safety of a conference room. The discussions focus on processes, policies, and procedures and ensure that all team members understand their roles and responsibilities. If possible, live tests should be conducted annually to ensure everything is in working order. Failure of a “conference room” test is one thing. Failure during an actual crisis can and will cause significant damage to a business. The live test should include service providers, complete failover, restore, and validation processes. Communication processes and procedures should simulate a disaster scenario, including alternative means of communication. It’s essential to put processes in place that require staff to report regularly on plan status and enact change management to keep plans in sync with organizational and technical realities on the ground. It’s also important to perform regular audits to check how well plans and reality match. Conclusion As much as we’d like to think that technology is flawless, it isn’t. The processes recommended are based on best practices, industry standards, and our experiences with businesses. Taking these processes into account when developing your disaster recovery plans will help ensure that the critical issues are addressed. Axcient and iCorps both focus on ensuring that you always have access to your data, systems and applications – anytime, anywhere – not matter what. Your peace of mind and the success of your business are our top priority. © 2014. Axcient, Inc. All Rights Reserved. “ ” Many companies discover during testing that some aspect of their processes and procedures are missing, insufficiently detailed or lacking important information. www.iCorps.com 888.642.6484
  • 6. About iCorps Technologies iCorps Technologies, a leading IT Consulting, Managed Services and Cloud Computing Company, provides strategic leadership, innovative services and hands-on expertise to small and medium businesses. An industry pioneer, the iCorps team guides some of the fastest-growing organizations and collaborates with hundreds of clients to help transform their businesses – while delivering exceptional results. To learn more, please visit www.iCorps.com About Axcient Axcient is an entirely new type of cloud platform that eliminates data loss, keeps applications up and running, and makes sure that IT infrastructures never go down. Designed for today’s always-on business, Axcient replaces legacy backup, business continuity, and disaster recovery software and hardware, and reduces the amount of expensive copy data in an organization by as much as 80%. By mirroring an entire business in the cloud, Axcient makes it simple to access and restore data from any device, failover IT systems, and virtualize your entire office with a click - all from a single deduplicated copy. Trusted by thousands of businesses to store and protect more than 10 billion files and applications, Axcient maximizes productivity, reduces cost, and eliminates risk. Learn more at www.axcient.com. White Paper: Keeping Your Business Up and Running - No Matter What © 2014. Axcient, Inc. All Rights Reserved. www.iCorps.com 888.642.6484