Beyond Business Continuity And Disaster Recovery The Paradigm Shift Mardecia Bell Ann Harris.

Slides:



Advertisements
Similar presentations
Web Security for Network and System Administrators1 Chapter 1 Introduction to Information Security.
Advertisements

FMS. 2 Fires Terrorism Internal Sabotage Natural Disasters System Failures Power Outages Pandemic Influenza COOP/ Disaster Recovery/ Emergency Preparedness.
Information Technology Disaster Recovery Awareness Program.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
1 Disaster Recovery “Protecting City Data” Ron Bergman First Deputy Commissioner Gregory Neuhaus Assistant Commissioner THE CITY OF NEW YORK.
© 2009 EMC Corporation. All rights reserved. Introduction to Business Continuity Module 3.1.
1 Disk Based Disaster Recovery & Data Replication Solutions Gavin Cole Storage Consultant SEE.
6.1 © 2007 by Prentice Hall 6 Chapter Foundations of Business Intelligence: Databases and Information Management.
Optimizing the User Experience Throughout the Infrastructure Consolidation Process Dan Smith, Enterprise Solutions Manager, GTSI Chris Theon, Practice.
Security Controls – What Works
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Disaster Recovery and Business Continuity Planning in a University Environment Mardecia Bell Ann Harris Copyright Mardecia Bell/Ann Harris This work.
Introduction Security is a major networking concern. 90% of the respondents to the 2004 Computer Security Institute/FBI Computer Crime and Security Survey.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
TEL382 Greene Chapter /27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.
Disaster Recovery and Business Continuity Ensuring Member Service in Times of Crisis.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
1. 2 New Computing Models, and What They Mean to the Small and Mid Sized Business Consumer How your business can make practical decisions between “The.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Demonstrating IT Relevance to Business Aligning IT and Business Goals with On Demand Automation Solutions Robert LeBlanc General Manager Tivoli Software.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
November 2009 Network Disaster Recovery October 2014.
EASTERN MICHIGAN UNIVERSITY Continuity of Operations Planning (COOP)
DTS Disaster Recovery Service Fact and Fallacy By Marianne Chick, CBCP DTS Disaster Recovery Planner.
Discovery Planning steps (1)
Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.
© TecSec® Incorporated 2003 Threat Notification Model for Federal, State and Local Authorities Threat Notification Model for Federal, State and Local Authorities.
Security Baseline. Definition A preliminary assessment of a newly implemented system Serves as a starting point to measure changes in configurations and.
ISA 562 Internet Security Theory & Practice
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
NOAA WEBShop A low-cost standby system for an OAR-wide budgeting application Eugene F. Burger (NOAA/PMEL/JISAO) NOAA WebShop July Philadelphia.
Secure Data Sharing What is it Where is it What is the Risk – Strategic > What Policy should be enforced > How can the process be Audited > Ongoing Process.
1. 2 Cost to Recover Time to Recover Last Backup Work Backlog Created Lost Data Recovery Operations Time Cost Disaster Recovery Time Frame Reconstruct.
©2006 Merge eMed. All Rights Reserved. Energize Your Workflow 2006 User Group Meeting May 7-9, 2006 Disaster Recovery Michael Leonard.
Hosted by Why You Need a Storage Management Organization Ray Paquet Vice President & Research Director Gartner.
Unit 6b System Security Procedures and Standards Component 8 Installation and Maintenance of Health IT Systems This material was developed by Duke University,
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
E.Soundararajan R.Baskaran & M.Sai Baba Indira Gandhi Centre for Atomic Research, Kalpakkam.
Unit 3: Identifying and Safeguarding Vital Records Unit Introduction and Overview Unit objective:  Describe the elements of an effective vital records.
Introduction to Information Security
Office for Information Resources Crisis Management and DR Larry K. Peck Disaster Recovery Consultant Office of Information Resources State of Tennessee.
Business Continuity. Business continuity... “Drive thy business or it will drive thee.” —Benjamin Franklin ( ), American entrepreneur, statesman,
Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.
September Information Technology Division BCP Presented By Roy Gregory IT Security Manager.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.
1 ITS STRATEGIC INITIATIVES Ken Orgill Assistant Vice Chancellor, Information Technology Services and Campus Chief Information Officer.
11 DESIGNING AN ADMINISTRATIVE SECURITY STRUCTURE Chapter 7.
BTEC NAT Unit 15 - Organisational Systems Security ORGANISATIONAL SYSTEMS SECURITY Unit 15 Lecture 3 OTHER DAMAGING THREATS.
Business Continuity Disaster Planning
ANNELIES BULKENS UNIFIED COMMUNICATIONS PRODUCT MARKETING MANAGER ILSE VAN CRIEKINGE TECHNOLOGY ADVISOR CORE UNIFIED COMMUNICATIONS.
CLOUD-BASED VIDS A CIO’S PERSPECTIVE Stephen Alford, CIO WEP, Inc.
CBIZ RISK & ADVISORY SERVICES BUSINESS CONTINUITY PLANNING Developing a Readiness Strategy that Mitigates Risk and is Actionable and Easy to Implement.
EXPECT THE UNEXPECTED Prepare Your Business for Disaster.
Business Continuity Planning 101
Information Systems Security
Chapter 6 Foundations of Business Intelligence: Databases and Information Management.
DTS Disaster Recovery Service Fact and Fallacy
Our Data Center Structure
Chapter 6 Foundations of Business Intelligence: Databases and Information Management.
Storage Trends: DoITT Enterprise Storage
What a non-IT auditor needs to know about IT & IT controls
INFORMATION SYSTEMS SECURITY and CONTROL
1 2 Please stand by! The webinar will begin shortly.
Disaster Recovery at UNC
Chapter 6 Foundations of Business Intelligence: Databases and Information Management.
The Survival Plan.
Information Technology Organization Overview RFP #220-05
Presentation transcript:

Beyond Business Continuity And Disaster Recovery The Paradigm Shift Mardecia Bell Ann Harris

History/Timeline 1997 Initiated with the administrative environment Mainframe environment recovery test 1999 Y2K - Business Continuity concept Acquired central repository software (LDRPS) 2001 Scheduled annual Mainframe recovery test Included communications & academic environment 2002Expanded to include Enterprise Business Continuity/Disaster Recovery Planning 2004Successful DR test of ERP systems 2005Co-processing of production services began in Data Center II 2005DR Unit created – restructured to Organizational Resilience in 2006

Organizational Resilience Unit The OR Unit was established to close the gaps in the Capability Maturity Model by using: Industry standards and best practices Auditing processes for resiliency Promoting policies, rules and regulations

Business Resiliency Resiliency is an enterprise-wide state of readiness including people, processes, information, facilities, and third-parties as well as technology to cope effectively with potentially disruptive events. (Financial Services Technology Consortium)

Business Resiliency Cont.’d It is an enterprise's capability to respond rapidly to unforeseen change, even chaotic disruption. It is the ability to bounce back — and, in fact, to bounce forward — with speed, grace, determination and precision. (Gartner Research “The Five Principles of Organizational Resilience”)

The Paradigm Shift Disaster Recovery –Static in nature –Slow and dogmatic –Reactionary –Stationary work dependencies Organizational Resilience –Flexible –Rapid response –High state of readiness –Mobile work environments

Layers of Organizational Resilience

The Layers of Organizational Resilience Strategy and Vision –What are the concerns? –What is the future direction/roadmap? –What does this mean for me? –What are the expected service levels?

The Layers of Organizational Resilience Organization –Who should I turn to for help? –[Someone] should know about this? –Documented roles, responsibilities, accountability

The Layers of Organizational Resilience Processes –Who knows how/why it was done that way? –Where is that manual??? –What if the change happened here? –Do we have identified alternatives?

The Layers of Organizational Resilience Applications and Data –Is the data secure/stable? –Is the application accessible remotely? –Is the application/data changed becoming unusable? –What’s the tolerance level in the event of a disruption? –Backups…

The Layers of Organizational Resilience Technology –Is there a better way? Cheaper Safer More secure Market advised –Have threats or potential impacts changed? –Redundancy/Failover

Illustration of Various DR Deployments  Fault-tolerant cluster (file and print services) A Production B Configuration B Production A Configuration B Production A Production  Distributed deployment (hosted systems) A Production A Development A Production  Co-processing and load-balancing (ERP) A Production  Data replication (mainframe) Server Data Server Data Server Data

Enterprise Resource Planning (ERP) Deployment DC II  Financial System (Version 8.4)  Human Resources (Version 8.8)  Student Information System (v8.9 under development) DC I Web Server DB Server Application Server Batch Server Campus Users Web Server Application Server Batch Server Web Server Application Server Web Server Application Server Batch Server DB Server Batch Server Data Storage Area Network

Summary and Future Steps DC II Hosted systems Infrastructure Data Storage Area Network Active Directory / Windows Novell Directory Services / Novell Citrix ERP Web ERP Batch ERP Application Data Backup/vaulting ERP DB Server DC I Hosted systems Infrastructure Data Storage Area Network Back up/vaulting Active Directory / Windows Novell Directory Services / Novell Citrix ERP Web ERP Batch ERP DB Server ERP Application Development Server Mainframe Server /Calendar Anti-SPAM File/Print, User Home Web Server Database Server Development Server Mainframe Server Web Server Database Server Data Storage Area Network Data /Calendar Anti-SPAM File/Print, User Home

The Layers of Organizational Resilience Facilities –What if I can’t get to my PC? Can you perform your critical tasks remotely? Are your critical applications hosted or local to your PC? –What if I can’t get to my office? Are critical files accessible remotely? –Manuals –Procedures

Capability Maturity Model

Business Impact Analysis and Risk Summary Workshop Session I Network failure Fire (in data centers and/or offices) –Inability to access data centers and/or offices Extreme weather conditions Human errors Theft or malicious activities Lack of staff resources Corrupt data Vaulting damage or errors Regional disasters Flooding of datacenters and/or offices Main Distribution Frame (MDF) fire and/or flood Lack of equipment Third-party network failure (i.e. RoadRunner down) Hardware Failure Software Failure Network breaks (fiber and cable damage) Physical access of data centers (keys, card readers) Access to data in an emergency (maintenance of ACL's) Security documentation

OR Resilience Chart Threat Assessment Strategy and VisionOrganizationProcessesApplications and Data TechnologyFacilities Lack of uniform visionLack of staff resources Human ErrorsSoftware Failure Network Failure/ Breaks Fire Defined SLALack of Communication Lack of Documentation Corrupt DataHardware Failure Extreme Weather Customer ValueVaulting damage Errors Lack of equipment Physical Access & Security Authentication During incident 3 rd Party Failure Data/TeleCom Regional disasters Flooding Theft/ Malicious Activities Access

Organizational Resiliency The next step in DR/Business Continuity To incorporate readiness and contingency in daily operations To be ready to address any type of disruption at all times

Contact Ann S. Harris Assistant Director NC State University RMIS Organizational Resilience

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.