Spring World 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Winter Journal

Volume 30, Issue 4

Full Contents Now Available!

Industry Hot News

Industry Hot News (393)

When airlines undergo mergers and acquisitions (M&A)—and they frequently do—it means merging IT systems, too, if they don’t rebuild IT infrastructure from scratch or run the systems separately. Merging is the choice companies often make, and it can also be the riskiest.

Jumbled IT systems can cause outages and critical system failures, threatening to ground thousands of flights, and could even allow too many pilots to have the holidays off.

“Quick and dirty” fixes that can get you off the ground often turn into long-term solutions—ones that can sideline your operation years from now. One dormant glitch could make your scheduling system decide to play Santa.

Take the time to remap your systems entirely, with all the dependencies, and treat them as one system. Then you can be sure your infrastructure is more reliable, and your disaster recovery plan can recover the full IT environment.

Airline Merger cartoon


These days social media is the little red sports car of communications platforms while email is more like your father’s Oldsmobile.

However, the fact is, email is still the mainstay of internal communications for business.

For large organizations, email continues to offer powerful advantages over other communications platforms. These include its near universal acceptance and familiarity, its ability to keep a record of important communications, and the ability it provides to send attachments.



Big Data, mobility and the Internet of Things (IoT) are generating an enormous amount of data, and data center operators must find ways to support higher and higher speeds. Many data centers were designed to support 1-gigabit or 10-gigabit pathways between servers, routers and switches, but today’s Ethernet roadmap extends from 25- and 40-gigabit up through 100-gigabit, and 400-gigabit and even 1-terabit Ethernet loom within a few years.  As a result, data center operators have an immediate need to migrate their Layer 1 infrastructure to support higher speeds, and that new infrastructure must also deliver lower latency, greater agility, and higher density. In this article, we’ll look at the challenges of moving to higher-speed cabling infrastructure, and how to plan for the future.

 Recent data center trends predict bandwidth requirements will continue growing 25 percent to 35 percent per year. A key impact of this sustained growth is the shift to higher switching speeds. According to a recent study by Dell’Oro, Ethernet switch revenue will continue to grow through the end of the decade, with the biggest sales forecasted for 25G and 100G ports. The shift to 25G lanes is well underway as switches deploying 25G lanes become more commonplace. Lane capacities are expected to continue doubling, reaching 100G by 2020 and enabling the next generation of high speed links for fabric switches. A number of factors are driving the surge in data center throughput speeds.



Wednesday, 13 December 2017 17:27

Planning for High-Speed Data Center Migration

A suicide bomber attempting to blow up the NYC subway, nut jobs plowing through pedestrians, active shooters killing innocents, and deadly wildfires and hurricanes have saturated our news for months.

From workplaces like yours, lives have been taken, injuries sustained, and mental health eroded. Property ruined or damaged. Businesses in shreds. Jobs lost.

Whether you’re a business, nonprofit organization or government agency, you can’t stop crazy incidents like these.

But you can prepare for them. You can respond. And you can recover.



Wednesday, 13 December 2017 17:26

You can’t stop crazy: Part 2

No one should wait for a medical crisis to learn how healthy they are—yet not so long ago, that was the prevailing attitude among many enterprises concerning their IT networks.

Thankfully, system performance management (SPM) as a key IT discipline has evolved. Now it’s possible to do much more than simply monitor uptime; in fact, enterprises have more ways to measure their system health than ever before.

Today, enterprises are demanding a much more sophisticated and 24/7 assessment of all aspects of network performance. SPM software vendors are doing their part by providing applications that collect and analyze a powerful array of operational metrics.



Meet Sophia, who has Saudi-Arabian nationality. There’s nothing unusual about that, except that Sophia is a robot.

She was granted her nationality very recently, the first robot to ever receive such a distinction.

Whether other countries will follow suit or whether other robots will obtain Saudi-Arabian nationality remains to be seen, but the writing is on the wall.

Robots and other forms of artificial intelligence are poised for not just insertion into, but integration with society and business. Given the propensity of machines to continue to work indefinitely without tea-breaks or any other interruptions, the face of business continuity could be changed forever too.

So far, business continuity has been largely about humans monitoring and mending machines. It has also been about humans interacting with humans, as soon as the interaction became more complex than what a cash dispenser or ecommerce website could handle.



(TNS) - Five years ago, the world was stunned by a crime unprecedented in its horror — the shootings at Sandy Hook Elementary School that took the lives of 20 first-graders and six adults.

State legislators reacted to the massacre not only by enacting tougher gun laws but also by earmarking millions to make Connecticut schools safer, including addressing concerns raised after the shooting about access to school buildings, communication failures and multi-agency coordination gaps.

But now a Courant investigation has found that those efforts, started when the pain of Sandy Hook was fresh, have largely dwindled.

Nearly half the school districts in the state are violating at least some aspect of the law requiring them to submit school security information, a Courant review of state records reveals.



Iron Mountain has agreed to buy IO Data Centers, a colocation provider best known for its pre-manufactured data center modules, for $1.315 billion, the publicly traded real estate investment trust announced Monday.

The deal comes at the end of what has already been a record year for acquisitions in the data center service provider space. The year saw industry-shaping transactions like Digital Realty Trust’s $4.95 billion acquisition of DuPont Fabros Technology, the $1.67 billion acquisition of ViaWest by Peak 10, the $2.15 billion acquisition of the CenturyLink data center portfolio by a group of investors to form a new provider called Cyxtera Technologies, and the acquisition of Vantage Data Centers by Digital Bridge Holdings, reportedly for more than $1 billion.

Iron Mountain, the bulk of whose business has traditionally been document management and storage, has been aggressively expanding its data center services business. The IO deal adds four large data center sites to its portfolio and follows its acquisition of the Denver data center provider Fortrust in July and Credit Suisse data centers in London and Singapore – its first two locations outside of the US – in October.



(TNS) - As thousands wait for insurance money to make repairs in the wake of Hurricane Harvey, more than a half-dozen school districts, cities and other government agencies are still awaiting payment from the Texas Windstorm Insurance Association on nearly $60 million in claims from Hurricane Ike.

Texas City Independent School District leads the list with more than $172 million in outstanding Ike claims, followed by Dickinson ISD with $10.5 million and Chambers County with $9.5 million. Three other school districts, two cities and a community college are awaiting payment on additional claims of more than $22 million, according to a Houston Chronicle analysis.

Officials said they have little faith that TWIA - the insurer of last resort - will pay the claims without further legal battles.



Open-plan offices have become the norm for many companies wishing to optimize their space, encourage collaboration between staff and breaking down traditional hierarchies.

However, recent research challenges the idea that open-plan working is a surefire route to productivity. Far from an antidote to the inefficiency of closed-off offices, open-plan working can mean staff are beleaguered with distractions and stifled by lack of personal space.

Gensler’s 2016 Workplace Survey found that 67 per cent of the UK workforce feel drained at the end of each working day due to their office environment. In addition, badly designed offices are suppressing innovation in businesses: although over eight million UK employees work in open-plan environments, many of these do not offer variety or choice, nor are they tailored to specific tasks and practices.

“Enclosed office space is not the enemy,” says Philip Tidd at Gensler. “Moving to a simplistic open-plan may not be the most effective option in today’s hyper-connected workplace.”



(TNS) - During the Sept. 11, 2001, terrorist attacks, first responders in New York City had trouble talking to each other on radios, leading to more chaos that deadly day. Afterward, federal authorities told local agencies to digitize their radio systems to enable such communications, but it's taken the better part of two decades for Dallas to catch up to the costly recommendations.

But if officials in the city and county have their way, Dallas police and firefighters and county sheriff's deputies will soon be able to use their radios to instantly talk to other first responders nearby.

County commissioners this week approved a $68 million contract with the city and Motorola that will upgrade the outdated radios and provide maintenance for 15 years. Because the city of Dallas needs far more radios than the county does, officials said, Dallas is paying 75 percent of the costs, while the county's share is 25 percent. The City Council will vote on the deal next week.



It's no secret that unstructured data is growing at astronomical rates, contributing to the big data deluge that's sweeping across enterprise data storage environments. A new study from Western Digital and 451 Research sheds some new light on the scale of the challenge that storage administrators face each day and how it's fueling the object storage boom.

A 451 Research survey of 200 technology decision makers and influencers, sponsored by Western Digital, reveals that a majority of enterprises (63 percent) and service providers are managing storage capacities of 50 petabytes (PB) or more. More than half of that of that data falls under the unstructured category, existing outside of databases and within files, multimedia content and other formats.

Service providers are particularly being inundated with unstructured data. They reported annual growth rates of 60 to 80 percent, compared to 40 to 50 percent for enterprise users.



Okay, everyone, raise your hand if you looked at the headline of this article and thought, “Wait a second, why is Herrera writing about my business continuity budget when everybody just finished doing them? Could his timing possibly be worse”?

Actually, my timing could hardly be better, and I’ll tell you why.

The worst way to devise your BCM program budget is to do it in a rush just before it’s due. The best way—the way that is mostly painless and delivers the most accurate, realistic, and defensible result—is to work on it bit by bit over the course of the year. I’ll explain what I mean in a minute. For now, just take it on faith that the time to start thinking about your next BCM budget is now.



The explosive growth in data, the digitization of information, and the massive acceleration in public cloud adoption are some of the key drivers behind the growing demand for public cloud-based solutions among enterprises searching for greater flexibility and cost savings, and shifting IT to the OpEx model.

Among the cloud-based solutions that enterprises are pursuing, disaster recovery is emerging as a top IT priority. A recent survey points to disaster recovery, along with workload mobility and archival automation, as a key driver of enterprise cloud adoption, with 82 percent of those surveyed citing disaster recovery as a critical reason to move to the cloud. Meanwhile, another report estimates the disaster recovery as a service (DRaaS) market will grow from $2.19 billion in 2017 to $12.54 billion in 2022, with the managed services provider segment achieving the highest growth.

The majority of DRaaS solutions in the market today have very good recovery mechanisms focused on replicating on-premise systems to the public cloud. This traditional model of failover has served companies well for capturing migration to the cloud during times of outages.



(TNS) - Facing an active shooter situation may be as likely as getting struck by lightning, but that doesn't mean lightning never strikes.

That was the warning given to University of Idaho faculty, staff and students as part of an active shooter response training session Wednesday afternoon in the Vandal Ballroom of the Bruce Pitman Center.

In a short training video from the Department of Homeland Security shown that afternoon, experts emphasized the need for everyone to develop a survival mindset before being confronted with danger. In the face of a shooter, the video outlined, respondents must decide whether to run, hide or fight to stay safe.



Friday, 08 December 2017 15:12

EM: Run, Hide and Fight

A new finish for your old car may look great, but in the end, it may still be a ’71 Pinto.  The cost of the BIA process – writing, distributing, validating, analyzing, reporting, presenting to Management, revising and repeating annually – can be a staggering amount.  Yet a BIA may be no more valuable than that new paint job.

Business Continuity programs rely on BIA’s because ‘standards’ says they must.  BIA data gathering isn’t useless– just time-consuming, and questionably valuable.

  • There’s little proof that BIA’s improve planning, since there’s often little in a BIA to inform individual plan tasks.
  • If it doesn’t improve planning, it won’t improve organizational readiness either.
  • Most enterprise criticalities are already understood within the organization; there’s little point looking for them (again) in a BIA.
  • The man-hours spent on BIA development, completion and analysis is shockingly disproportionate to the value the results provide.



The worst wildfire season in the history of modern California is taking another bad turn, as three major fires have destroyed more than 200 homes and buildings.

Strong winds will be fanning the flames. The state’s foresters have issued a purple wind alert for Southern California, something they have never done before.

This follows a Department of Insurance report that insurers have incurred more than $9 billion in claims so far from the October fires, being $8.4 billion in residential claims, $790 million in commercial property, $96 million in personal and commercial auto, and $110 million from other commercial lines. County-level details here.



One of the biggest trends in business today can be summed up by an acronym that is (almost) completely familiar to anyone who has ever taken their own bottle of wine to a restaurant or house party. It’s BYOD, and it involves employees bringing not their own bottle but their own mobile devices to work and beyond, and using them to perform work functions or access company data.

A 2016 study by Tech Pro Research found that 59% of the organizations surveyed let employees use their personal devices for work purposes.

A study by Syntonic in the same year found an even higher acceptance of BYOD. It determined that 87% of companies depend on letting employees use mobile business apps from their personal smartphones.

Gartner sums up the trend as follows: “Bring Your Own Device: BYOD is here and you can’t stop it.”



(TNS) - The Saline County, Kan., Commission Tuesday approved the purchase of hardware to enhance the 911 system.

Computer Technology Director Brad Bowers said the software from Tyler Technologies will cost $31,435, with the city of Salina paying half of that cost.

Commissioners then heard from Emergency Management Director Hannah Stambaugh that the 911 radio equipment might have to be upgraded.

Stambaugh said other counties that have upgraded from analog UHS to 800 HMz radio communication systems have spent up to $11 million.

"It has the potential of having a pretty hefty price," she said, but it could be good for public safety.



Wednesday, 06 December 2017 19:23

New County Radio System Could be Costly

With mobile and last-mile bandwidth coming at a premium and modern applications needing low-latency connections, compute is moving from centralized data centers to the edge of the network. But there a lot of myths about edge data centers. Here’s what organizations are typically getting wrong, according to Uptime Institute’s CTO Chris Brown:

Myth 1: Edge computing is a way to make cheap servers good enough

The old branch office model of local servers won’t work for the edge; an edge data center isn’t just a local data center. “An edge data center is a collection of IT assets that has been moved closer to the end user that is ultimately served from a large data center somewhere.”



Wednesday, 06 December 2017 19:21

Five Edge Data Center Myths

Building A Strong Strategy From the Ground Up

There is no one-size-fits-all solution for risk management function, how risk is governed varies across industries and organizations. But there are five interrelated principles that underlie effective risk management within organizations in both good times and bad – integrity to the discipline of risk management, constructive board engagement, effective risk positioning, strong risk culture and appropriate incentives.

Below, we discuss these five fundamental tenets integral to ensuring the success of the independent risk management function.



Wednesday, 06 December 2017 16:04

5 Key Principles Of Successful Risk Management

Large and small businesses differ in more than size. Large companies find it easier to adjust headcount and therefore to introduce new skillsets. For small businesses on the other hand, adding just one person can represent a significant change to the payroll.

As IT solutions have progressed, becoming smarter, user-friendlier, more automated and more granular, smaller companies have been able to more finely adjust their investments and operations, helping them keep pace with bigger corporations. So far, IT security has followed a similar evolution. But will the rising trend of threat hunting change things?

The idea behind threat hunting is that some attackers are getting too smart for current IT security technology. They can penetrate defences without being detected, install malware, and develop their attacks at their leisure. However, in doing so, they leave traces that can be picked up by astute human beings, aka threat hunters.



If you lost your home, business or personal property due to Hurricane Irma, you or your family may be struggling to cope with the emotional impact of the disaster. For individuals and families looking to rebuild, the approaching holidays may be especially difficult.

FEMA’s online information, Coping with Disaster provides suggestions that may ease the stress that can follow a traumatic event such as a hurricane, which can be even more challenging around the holiday season. There are special sections on how to recognize signs of disaster-related stress, and on how to help children deal with their emotional needs.

Among the suggestions:

  • Limit your exposure to traumatic news coverage and social media about the disaster until you can handle it.
  • Stay connected with family and friends.
  • Accept the fact that your recovery may take time.

Disasters can leave children feeling frightened, confused, and insecure. Whether a child has personally experienced trauma, has seen the event on television, or has heard it discussed by adults, it is important for parents and teachers to be informed and ready to help if reactions to stress begin to occur.

The staff at the Mayo Clinic say the holiday season causes stress and depression in some people. This may be heightened by the emotional impact of other situations, such as the recent hurricane. They offer some tips on how to cope with stress, depression and the holidays.

According to the National Institute of Mental Health, symptoms of depression may include:

  • Difficulty concentrating, remembering details, and making decisions
  • Fatigue and decreased energy
  • Feelings of guilt, worthlessness, and/or helplessness
  • Feelings of hopelessness and/or pessimism
  • Insomnia, early-morning wakefulness, or excessive sleeping
  • Irritability, restlessness
  • Loss of interest in activities once enjoyed

The Substance Abuse and Mental Health Services Administration provides crisis counseling and support to people experiencing emotional distress related to natural or human-caused disasters. SAMHSA provides toll-free, multilingual and confidential support on its Disaster Distress Helpline. Stress, anxiety, and other depression-like symptoms are common reactions after a disaster. Call 800-985-5990 or text TalkWithUs to 66746 to connect with a trained crisis counselor.

Other resources for helping you and your children cope after the disaster can be found at these websites or by calling the number provided:

  • FEMA: ready.gov/kids.
  • National Center for Child Traumatic Stress: Floods. Phone 310-235-2633 or 919-682-1552.
  • Save the Children: Ten Tips to Help Kids Cope with Disasters, Hurricane Tips for Parents: How to Help Kids.
  • American Academy of Pediatrics: Helping Your Child Cope, Talking to Children about Disasters, How Children of Different Ages Respond to Disasters, How Families can Cope with Relocation Stress After a Disaster.
Wednesday, 06 December 2017 16:01

FEMA: Coping With Holiday Stress After a Disaster

Big data applications are growing as organizations mine their data for insights about clients, suppliers and operations. But as capacities grow and data becomes more sensitive, the underlying storage remains an important consideration.

Here are ten tips on how data storage professionals can stay on top of the big data deluge that threatens to overwhelm their systems.



Wednesday, 06 December 2017 15:39

8 Top Tips for Beating the Big Data Deluge

A Powerful Combination That Could Save Organizations Compliance Costs


The advances in technology in recent years have led to an exponential increase in the volume of data collected and stored. How can investigators maximize data analytics to achieve the most effective—and efficient—results for their clients? The answer lies in harnessing the power of AI to augment the capability and capacity of an investigator. 

From paper records and rudimentary analytics tools to artificial intelligence (AI) and complex data analysis, the world of investigative technology has clearly come a long way.

To identify potential risk areas for their clients, forensic investigators have traditionally relied on limited sets of information from their clients and rudimentary analytical tools. While this may have been previously adequate, the complex business environment, management structures and data deluge in today’s organizations have given rise to unconventional data sources that add important correlations to financial data. If these correlations are ignored, there is the potential that forensic investigators may miss opportunities to mitigate instances of fraud for their clients. To further complicate the challenges faced today, this in-depth analysis, across a vast amount of data, needs to be done in a cost-effective manner.



Today there are more households with mobile devices than with desktop computers.

According to the Pew Research Center, 84 percent of US households have a median of two smartphones, while only 80 percent have a median rate of one desktop or laptop computer. In fact, 95 percent of American adults now use some sort of cell phone. For all the personal data that is being shared across mobile lines, there needs to be greater attention given to the threats of mobile security.

Scope of Security Threats to Mobile Users

Mobile use is only expected to increase due to the dependency on this type of technology. Already, mobile devices are used to access the internet for everything. The Pew Research Center states that 62 percent of users accessed information about their health conditions on a mobile device. In addition, 57 percent use mobile devices for online banking, while 18 percent have submitted a job application on their smartphone.



Monday, 04 December 2017 17:16

Trends and Threats in Mobile Security

The database market has evolved over the decades on the incredible efforts of several single server databases including Oracle, Microsoft SQL Server, PostgreSQL, MySQL, and MariaDB. There are many more; however, these few have furthered the industry with a recipe for building robust transactional systems.

In fact, Oracle and Microsoft SQL Server, by far the two most popular commercial single server databases, are the driving forces behind the combined 65 percent market share for the two companies.

Single server databases provide an architectural simplicity that is hard to beat. You have a single process running on Server 1, then Server 2 provides high availability.

So why change?



Monday, 04 December 2017 17:14

Graduating from Single Server Databases

Prepare to Plan or Plan to Fail

As Audit teams start thinking about their 2018 plans, being able to identify new trends in emerging risk areas that threaten to disrupt enterprise performance over the next year is critical. This explains 12 risks, connected by four major risk themes, that organizations need to have on their radar and what Audit teams need to do to more effectively identify and communicate these risks to their organizations and stakeholders.

Global unpredicted events this year – election results, natural disasters, corporate scandals – have heightened executive and board sensitivity towards risk. Consequently, Audit committees are increasingly tasking Internal Audit to provide assurance over a wider set of risks, beyond traditional financial and operational focus areas.

Annually, CEB, now Gartner, surveys more than 200 Audit heads globally on risks that should be top of mind for organizations in the next year. This year, our Audit Plan Hot Spots report identified four overarching themes that underlie the risks that Chief Audit Executives (CAEs) express as critical to including on their audit plans in 2018:



Monday, 04 December 2017 17:12

4 Major Audit Risk Themes For 2018

Passengers on the Titanic didn’t think it could sink.  When it did, there wasn’t room for everyone in the lifeboats.  By slavishly tying your BCM program to industry ‘standards’, you may find yourself adrift during a business disruption.  Standards are only guidelines.  They’re no substitute for the knowledge necessary when disruptions occur.



Monday, 04 December 2017 17:09

BCM Standards: Lifeboat or the Titantic?

Disasters come in many forms. Most of the time for a business, a disaster is the result of a power outage, an act of nature, a cyberattack, or human error. Whatever the cause, without a surefire workplace recovery plan, a business is likely to suffer extreme financial losses.

The following facts are alarming. The good thing is, that if you can acknowledge areas for opportunity in your business, you can greatly minimize the impact of any unfortunate incident.



As of October 2017, the United States has seen 273 mass shootings this year alone.

Due to the recent active shooter events across the US, it is increasingly imperative to create a response plan. In the event of an active shooter scenario, government agencies need to be ready to handle the situation. Discover how emergency notification and response methods can be implemented in emergency response plans for your organization.

Emergency Communication Plans

Did you know the US Department of Homeland Security has established a National Emergency Communication Plan that coordinates communications for response and recovery in the event of a crisis? You can utilize the framework of this plan to devise an emergency communication plan for your own organization. It should include the following goals:



Monday, 04 December 2017 17:03

Active Shooter Response Plan

Is Winter That Dangerous?

Sure, spring, summer and even early fall months generally bring us more severe weather, such as hurricanes, tornadoes, and strong thunderstorms, but the winter months can wreak their own havoc. We pulled the following common winter dangers straight from NOAA:

  • Wind – Some winter storms have extremely strong winds that can create blizzard conditions with blinding, wind-driven snow, drifting, and dangerous wind chills. These intense winds can bring down trees and poles, and can also cause damage to homes and other buildings.
  • Snow – Heavy snow accumulations can immobilize a region and paralyze a city, strand motorists, stop the flow of supplies, and disrupt emergency services. Buildings may collapse, and trees and power lines can be destroyed by heavy snow.
  • Ice – Heavy ice accumulations can bring down objects like trees, utility poles and lines, and communication towers. Power can be disrupted or lost for days while utility companies repair the damage.

Winter weather can disrupt life, including business operations, for days, even weeks. Is your company ready? Do you have the systems in place to keep your employees informed during a winter event? If email is your go-to, how do you plan on using it effectively to reach every employee without power? Can you be certain every employee will get the messages?



Friday, 01 December 2017 16:32


(TNS) - The 2017 hurricane season, which ends Thursday, will go down as one of the most active and destructive of all time. There were 17 named storms, six of them major, and significant damage was registered in the Leeward Islands, the Caribbean and the United States.

After 12 years of calm, the Sunshine State received its first direct hit since Hurricane Wilma in 2005. Hurricane Irma blasted through the Florida Keys, roared ashore near Naples, then jetted up the spine of the state, causing at least $6 billion in property damage and another $2.5 billion in agriculture losses.

Locally, Irma caused thousands of trees to topple onto roads, homes and power lines. Most homes and businesses lost power. Residents had to battle gasoline lines and find a way to get to work.

Irma was the most disruptive hurricane to make landfall in recent memory, mainly because the entire peninsula suffered damage. In Alachua and Marion counties, Irma was more disruptive than the double whammy of Hurricane Frances and Hurricane Jeanne in 2004.



In theory, IT service management should contain sprawl, limiting or preventing the spread of underutilised IT assets.

Any organisation that prides itself on being lean will recognise the contradiction in multiplying the number of half-used servers that then take up twice the space and power without twice the results.

So why do some large corporations still manage to run huge server farms for little effect and significantly increased risk of failure because all those half-used (if that) assets are also interlinked with each other?

A recent article by The Register singles out a British Airways service failure, emphasising the high number of servers required for what appears to be relatively small tasks.



Friday, 01 December 2017 16:28

ITSM and the Scourge of Server Sprawl

WASHINGTON – While Nov. 30 marks the end of a historic hurricane season, FEMA and its partners continue to work diligently in support of disaster survivors recovering from the devastating season.  Four hurricanes made landfall:  Harvey, Irma, Maria and Nate (the first three were classified as major hurricanes, which affectedroughly 25.8 million people). Also during this season, nearly two dozen large wildfires burned more than 200,000 acres of land in northern California. 

Hurricanes Harvey and Irma marked the first time two Atlantic Category 4 hurricanes made landfall in the Continental United States, in the same season.  Hurricane Harvey set a new record for the most rainfall from a U.S. tropical cyclone, with more than 50 inches of rain in some areas. The storm resulted in catastrophic flooding in Texas and western Louisiana.  Two weeks later, Hurricane Irma became the strongest Atlantic Ocean hurricane on record. Winds peaked at 185 mph, and Hurricane Irma remained a hurricane for 11 days. Irma was the longest-lived Atlantic hurricane since Ivan in 2004.  The public response to Hurricane Irma, as the storm approached, resulted in one of the largest sheltering missions in U.S. history.

Hurricane Maria devastated the U.S. Virgin Islands and Puerto Rico soon after Hurricane Irma struck their shores. Hurricane Maria was the first Category 4 hurricane to make landfall on the main island of Puerto Rico in 85 years, and the resulting response became the longest sustained air mission of food and water in FEMA history. In addition to these hurricanes, prior to the 2017 season FEMA already had 17 Joint Field Offices working 28 presidentially-declared disasters.

Since Harvey made landfall in Texas on Aug. 25, the President has granted 16 Major Disaster declarations and 14 Emergency Declarations, while FEMA has authorized 25 Fire Management Assistance Grant declarations. Over a span of 25 days, FEMA and our partners deployed tens of thousands of personnel across 270,000 square miles in three different FEMA regions. 

So far, more than 4.7 million disaster survivors registered for federal assistance with FEMA – more than all who registered for hurricanes Katrina, Rita, Wilma and Sandy combined.  To respond to the historic demand, FEMA expanded its call center capacity by tenfold, and increased the number of home and property damage inspectors fourfold.

“This historic hurricane season should serve as a gut check and an opportunity for citizens, businesses, state, local, tribal and federal officials to re-evaluate how we prepare for and respond to any disaster,” said FEMA Administrator Brock Long. “Response and recovery is dependent upon the whole community to be successful. While we continue to support the recovery from these storms, we must also take the opportunity to become better prepared for future disasters.”

To date, FEMA has placed more than $2 billion in disaster assistance into the hands of disaster survivors to help them recover from these events.  As of mid-November, National Flood Insurance Program (NFIP) policyholders filed approximately 120,000 claims, resulting in payments totaling more than $6.3 billion.

“State, local, tribal, and territorial governments, along with the residents in the impacted areas, are the true first responders,” said Administrator Long. “FEMA alone cannot deliver assistance to this vast number of survivors. We must hit the re-set button on the culture of preparedness in our country.”

Non-profit organizations provide crucial services to sustain lives in partnership with the rest of the response and recovery infrastructure.  The private sector also plays a significant role in disasters, as businesses work to restore critical services and donate their time and resources – in close coordination with emergency management personnel – to help communities rebound in the wake of disasters. 

Thousands of members of the federal workforce were deployed to Texas, Florida, the U.S. Virgin Islands and Puerto Rico, including 13,892 staff from various offices of the Department of Defense (DoD), including the military services. For the first time, FEMA extended the Department of Homeland Security’s “Surge Capacity Force,” to all federal agencies, deploying over 3,800 non-FEMA federal employees. 

FEMA search and rescue teams saved nearly 9,000 lives, in addition to those saved or assisted by DoD, the Coast Guard, state and local partners, first responders, and neighbors helping neighbors. 

While the 2017 Hurricane Season has ended, recovering from these devastating hurricanes will take years, and FEMA and our federal partners will continue to support affected governments and survivors as they build back stronger.

For information on how you can prepare for the 2018 Hurricane Season, see https://www.ready.gov/hurricanesor download the FEMA App: https://www.fema.gov/mobile-app.

For the latest information about FEMA support to response and recovery efforts, see:

Hurricane Harvey:  https://www.fema.gov/hurricane-harvey   
Hurricane Irma:  https://www.fema.gov/hurricane-irma  
Hurricane Maria:  https://www.fema.gov/hurricane-maria

U.S. Customs & Border Protection & FEMA personnel deliver food and water to isolatedPuerto Rico residents after their bridge was destroyed by Hurricane Maria in themountains around Utuado, Puerto Rico (U.S. Air Force photo by Master Sgt. JoshuaL. DeMotts)
U.S. Customs & Border Protection & FEMA personnel deliver food and water to isolated Puerto Rico residents after their bridge was destroyed by Hurricane Maria in the mountains around Utuado, Puerto Rico (U.S. Air Force photo by Master Sgt. Joshua L. DeMotts)

A large group of Urban Search & Rescue and disaster survivor assistance teams are spread out in front of a U.S. Coast Guard airplane on the tarmac of a Key West airport. There are assorted suitcases and boxes on the ground.
FEMA Urban Search and Rescue and disaster survivor assistance teams arrive via U.S. Coast Guard transport, in Key West, Florida, in response to Hurricane Irma. Yvonne Smith/FEMA

Disaster survivor Terry Roundtree (center) gets a FEMA hug from Hector Marerro (right), Disaster Survivor Assistance (DSA) Crew Lead.
Disaster survivor gets a FEMA hug from a Disaster Survivor Assistance Crew Lead, after receiving disaster registration information at her home in Texas, following Hurricane Harvey. Photo by Christopher Mardorf/FEMA

guardsmen pass cases of water
National Guardsmen from Virginia and the U.S. Virgin Islands work together to restock a point of distribution at Holy Spirit Church, Christiansted, St. Croix, U.S. Virgin Islands. Photo by Jocelyn Augustino/FEMA

2017 HURRICANE SEASONUnprecedented25.8 Millionpeople were affected by hurricanesHarvey, Irma and Maria.FOR THE RECORDas of November 30, 2017First time 2 Atlantic Category 4Hurricanes (Harvey and Irma)made landfall in the continental U.S.in the same year. Hurricane Harvey grew from aregenerated tropical depression to aCategory 4 hurricane in 56 hours.Harvey set a new record for themost rainfall from a U.S. tropicalcyclone, with more than 50” of rainand remained a cyclone for nearly 5days after landfall.Hurricane Irma became the strongestAtlantic Ocean hurricane on recordwith winds peaking over 185mphand remained a hurricane for 11days.Hurricane Maria was the FirstCategory 4 hurricane in 85 yearsto make landfall on the main islandof Puerto Rico.Hurricane Irma was 500 mileswide, more than 130 miles widerthan the entire state of Florida. Over 700 generators installed inPuerto Rico by the USACE.48 states and the District of Columbia assistedwith operations from Texas to U.S. Territories in theCaribbean, through Emergency ManagementAssistance Compacts.

(TNS) - The national Stop the Bleed campaign aims to save lives by teaching as many people as possible what to do when confronted with life-threatening bleeding in the few minutes after 911 is called and before professional help arrives.

"A person can bleed out in three minutes," said Dr. Andrew Gaugler, trauma surgeon at Lakeland Regional Health. "It takes on average five to eight minutes for an ambulance to arrive in a big city, and that is not (the response time) in a large county like Polk."

Lakeland Regional Health has been sponsoring Stop the Bleed classes for the past several weeks, mostly for those who work at the hospital or for emergency medical services workers, said Diana DeGroot, trauma-program manager. But the health system will start offering the classes to the general public in January, she said.



One of the most interesting engagements MHA Consulting had this year was at a Fortune 500 company where 3 of our consultants conducted approximately 100 BIAs.

Over the course of that engagement, I got a lot of calls from my consultants describing how the sessions went, mainly when there were bumps in the road—and with so many BIAs to conduct there were naturally a few bumps.

These included:

  • The session where the leader of the business unit says he already knows their unit was of critical importance to the company and therefore conducting a BIA is a waste of time. In this case, the group left the interview without providing any data.
  • The time a business unit took four sessions to complete the BIA (rather than the usual one) because they brought many people more than the requested number, and every attendee weighed in on virtually every topic.
  • The episode where a business unit supplied us with data on its current processes and confirmed its accuracy, then stated—after we had loaded the information into the BIA tool—that it was all invalid because they had gone through a reorganization; they then asked us how come we hadn’t known about their reorg.

The stories reminded me of a very common misunderstanding about BIAs: People tend to think doing a BIA is all about the questionnaire. The fact is, conducting a BIA is mostly about working effectively with the people providing the information for it.



Thursday, 30 November 2017 16:52

The Human Side of Conducting BIAs

On October 3, 1993, nearly 100 United States Army Rangers dropped into Somalia’s capital of Mogadishu. They were commanded by Captain Mike Steele. Their mission? Capture two prized lieutenants of a Somali warlord.

The actual event is known as the Battle of Mogadishu, or alternatively the Day of the Rangers. It was a part of a larger operation known as “Gothic Serpent”. In 2001, it was made into the blockbuster film Black Hawk Down.

The film recounts the stories of the heroism of Army Rangers as they attempt to reach two downed Black Hawk helicopters. Don’t worry, we don’t spoil the movie for you (but if you haven’t seen it, you really should).

The Black Hawk helicopters are a pivotal part of the movie. These multi-role helicopters are capable of fulfilling many roles, such as providing medevac, VIP transportation, air-to-ground combat, and even aerial firefighting.

They are intended to operate with a crew of four members – two pilots, and two crew chiefs. Each one of these crew members has a specific role that they must fulfill in order to successfully handle the Black Hawk.

Can the helicopter run with less members? Technically yes, but it’s inadvisable because there’s just so much to do. Can it run with more members? Again, the answer is yes. However, having too many operators can quickly turn from efficiency to chaos.



Thursday, 30 November 2017 16:48

The 4 Critical Parts of Network Security

(TNS) - North Korea’s test launch Tuesday of what could be its longest-range intercontinental ballistic missile yet seems to add further justification to the state planning for what officials are still calling the “extremely unlikely” possibility of a strike on Hawaii.

News of the missile launch coincided with a news conference Tuesday that included the governor, state adjutant general, two Hawaii mayors and representatives of other islands, and state emergency officials to discuss the startup of an “attack warning” siren test Friday and other North Korea preparedness steps being taken.

Gov. David Ige said he’s not aware of any other state conducting such siren tests. Hawaii is one of the first states to comprehensively plan for a North Korean attack.

The community needs to understand this “will become the new normal as we proceed forward,” Ige said, adding, “We believe that it is imperative that we be prepared for every disaster, and in today’s world that includes a nuclear attack.”



Thursday, 30 November 2017 16:47

N. Korean Missile Test Raises Stakes for Hawaii

Cutter Consortium Fellow Vince Kellen continues to blaze the trail by using big data to improve the Higher Ed experience — not just for students, but also for educators, advisers, and administrators.

In addition to being a Cutter Consortium Fellow, Vince is the CIO at University of California, San Diego (UCSD), where he is leading the university’s roll out of the Student Activity Hub, which gives real-time insight into student behavior and performance. UCSD can analyze and correlate the data and use it to create more positive outcomes — in this case, improved retention and graduation rates. Plus, as Edscoop recently reported in its profile of Kellen and the UCSD Activity Hub project, the actionable data can also help reallocate resources and streamline administration and support staff to help reduce costs.

Vince Kellen is certainly ahead of the curve with this project. But it’s not the first time he’s been out front. Several years ago, while serving as Senior Vice Provost, Kellen led University of Kentucky’s bleeding-edge project to develop a student mobile application that integrated with the SAP HANA environment and separated out data visualization as a specific focus area for the advanced analytics team. According to Kellen, after just a month of ideation, his team had a robust list of possible places where high-speed analytics could benefit the university. The analytic models they created include:



A new Forrester study found that companies that handle their data center modernization and migrations alone end up spending $4 million more than companies that receive help from a vendor.

There’s an unstoppable digital transformation under way, and today’s most competitive companies understand they have two options: Rise to the occasion and implement modern technology or miss out on the efficiencies and opportunities enabled by IoT, AI/machine learning, AR/VR, cloud, big data analysis and mobility in the workplace – and possibly be disrupted or replaced as a result.

Much of the pressure to modernize falls on IT teams, who are the gatekeepers of the data center and, therefore, key enablers of – or roadblocks to – their companies’ future opportunities and success. With the modern data center infrastructure becoming “multi cloud,” planning is critical. When the time to modernize comes, most face the decision of whether to handle the process themselves or work with a third party.

A new Forrester study, commissioned by Dell EMC, found that companies that handle their data center modernization and migrations alone end up spending $4 million more than companies that receive help from a vendor. Moreover, it takes these companies two years longer to complete the process, diverting internal IT time that could be spent on other responsibilities.



I am a big coffee drinker, so I naturally found it interesting last week when I talked to someone who told me about a persistent problem he had at a coffee shop where he used to work. He said the shop had a nice atmosphere and friendly staff, but their approach to training was very casual, with the result that new baristas would learn to make drinks the wrong way—and then go on to teach those incorrect methods to the people hired after them. The upshot was, the staff all had different ideas on the right way to do things, and the customers never knew what they were going to get.

As a coffee lover, I found this story unnerving. But as a business continuity consultant, I found it all too familiar.

The reason isn’t because I do a lot of work with neighborhood coffee shops. It’s because I see the same problem over and over again in company training programs that have a bearing on business continuity.

And nowhere is this more true than in the area of data integrity.



(TNS) - Daviess County agencies currently use a communication system that enables them to pinpoint locations small or large and send direct information to anyone with a smartphone.

The only problem has been getting agencies on board to promote it.

Since it was approved for purchase in 2015, Daviess County Emergency Management Agency and Parks and Recreations have been using the ping4alerts! system to send alerts to people who have downloaded the app.

During that time, EMA has been able to send weather alerts to people within specific locations, and ROMP Fest attendants have been able to receive up-to-date messages, but it hasn’t widely promoted the app.



By Kevin Hall

Organizations without an adequate emergency management plan learned a hard lesson in late August and September of 2017. Hurricane season of 2017 showed its might, and while most businesses will never experience a single hurricane in their lifetime, some dealt with four hurricanes in almost as many weeks. Hurricanes Harvey, Irma, Maria and Nate were some of the strongest storms in recent history, causing significant damage and widespread devastation across the United States and Central America.

As Resolver provided counsel and solutions to our customers during these record setting storms, I wanted to share some insight that may help you prepare for future disasters.

  1. The Domino Effect

In the early days of my emergency management career, an experienced and well-respected colleague of mine would say that crises tend to “cluster”. While back-to-back devastations are rare, a single disaster can have a domino effect. During a disaster, emergency response teams are spread thin and when resources are solely focused on the big event, other smaller events will occur and it’s almost always something you didn’t think of during planning. It could be an internal event, like a system outage, or something external, like a government decision, a Facebook post, a crisis at a related company. The key is to prepare for a cluster of crises to occur, because they will.

  1. Executive Management

At almost any conference these days, there are sessions on how to get executive buy in for business continuity and emergency planning. While no one is questioning the importance of executive buy in, it can be even more important to know how to manage executives during a crisis. Why? Well, executives are used to taking the lead and making decisions. But let’s be honest, execs are rarely involved in BC/DR planning. You build the plans. You assign resources. You exercise. And then the event occurs and the company’s reputation, customers, revenue are on the line… and guess who steps in? Executives do what they do best, which is to manage and make decisions, but their involvement often causes confusion and disruption during a crisis response. Be sure your plans clearly define who is making decisions during a crisis. If execs are not participating in emergency planning, they should not be managing the emergency response and it’s your job to define responsibilities and manage executives in these critical times.

  1. Brainstorm

Brainstorming is an important exercise that will help you prepare for worst-case scenarios. Think of all the potential emergencies and how you would respond. In many cases, I find brainstorming to be more effective than planning. There is no way to plan for everything, but brainstorming trains your mind to be creative. A great activity to do with your team is a zombie apocalypse exercise - these can be very engaging and gives your team a break from the norm.

  1. Data, Data, Data

It amazes me that even in today’s world, many organizations cannot access critical data in the event of an emergency. Data is the lifeline of any organization, yet crisis plans are so often void of accurate information. Can you instantly access an up-to-date list of staff at a specific location? What about a list of applications and servers that are in a specific data center? As you brainstorm, think about the data that you will need at your fingertips. I would suggest engaging a business analyst or someone within your organization who is familiar with data mining to help identify your data needs. Most importantly, be sure that data is continuously updated and accessible during a crisis.

  1. Test, test, and test again.

While I’m sure you already know how important it is to test your plans, I cannot stress it enough. While table top exercises are great, remember to test the basics. #1 on that list is ensuring that employee contact information is up-to-date and valid… I can’t tell you how many HR data cleansing projects I’ve seen that were initiated by the continuity or emergency management teams. Test the details and test them regularly.

  1. Communicate

We all know that communication is critical during a crisis, but in this case, I am specifically talking about communication before a crisis. Often, the only time employees or stakeholders ever hear from the crisis or continuity teams is during a disaster. This should not be the case, and you need to develop regular communication with employees as part of your program. They should know what to expect and have a good understanding of the recovery plan well before the event. One of our clients even hired a marketing agency to communicate their crisis program to employees. While not everyone can afford to do this, the concept of communication is simple: Get out of your box and spread the word!

  1. Out of sight, out of mind?

Puerto Rico is a territory of the United States, and while it’s not a U.S. state, residents of Puerto Rico are natural born American citizens just like those in the U.S. – apart from voting rights in Congress or the Electoral College. Despite this, recovery efforts in Puerto Rico were minimal compared to the response to Harvey and Irma. Was Puerto Rico simply too “out of sight, out of mind”? Or perhaps emergency response teams were too tired by the time the third hurricane hit? For businesses with multinational locations, you must include these regions in your BC/DR plans. And don’t forget to test them. Did you know that Puerto Rico SMS text traffic is different than in the U.S. and Canada? The same short codes that work in the U.S. and Canada don’t work within Puerto Rico. There are even variances between mobile network carriers in Puerto Rico. The devil is in the details, so be sure to test your plans in all the regions your business operates.

In the end, Resolver helps organizations around the world protect what matters, and we all know that what matters most is our people. A company’s most valuable asset is its employees, and their safety is always priority #1. That’s why business continuity and emergency planning is so important. Disasters are rare, but recognize that events like this will happen. We live in a crazy time. Record setting storms, terrorism, mass shootings… Don’t play the numbers game. Be a realist and be prepared. It is your responsibility, after all.

Thursday, 30 November 2017 15:52

7 Lessons Learned from Hurricanes Harvey & Irma

Our Advanced Recovery Center (ARC) is the next step in Mail-Gard’s evolution to provide clients with premier disaster recovery services from a dedicated partner—one who consistently demonstrates actual recovery experience and a consistent commitment to continuous improvement and growth. The ARC will allow us to better maximize our assets, increase efficiency of human and equipment resources, and provide even more robust disaster recovery services to our clients.

Recent events confirm that natural disasters are always a wake-up call for businesses, even if they already have a business continuity/disaster recovery (BC/DR) plan in place. We have seen a huge increase in requests for DR information during this year’s hurricane season, and it’s unfortunate that some people need to learn the hard way that DR services are not a luxury, they’re a necessity. Businesses without a DR plan were either taking a huge calculated risk by not having a plan in place, or they got caught without a backup plan and are now trying to remedy that situation.



“Yes, we have a business continuity plan”. Every enterprise wants to hear this from its suppliers, especially the key suppliers.

If it is diligent in making its own BC plan, a company will check that other companies on which it depends have also taken precautions.

Unfortunately, that is often where the investigation stops.

It almost seems like companies are so relieved that they can “tick the box” for BC planning for their suppliers that they forget to find out whether the suppliers’ plans are either effective or relevant.

How much can such laxity cost companies? In one case, about US $1.7 billion.

The widespread existence of Wi-Fi connections that provide wireless connectivity to the Internet at home and in places like coffee shops, airports, and hotels is one of the great conveniences of modern computing life. Unfortunately, it is also one its biggest vulnerabilities. When not properly secured, such connections offer open doorways through which hackers can stroll to steal users’ data and secretly take control of their computer resources.

The good news is, there are steps that can be taken—and which you can train your employees to take—that will greatly increase the security of your data and resources.

Of course in talking about Wi-Fi security, it’s important to understand that we’re really talking about two distinct situations: that of the home Wi-Fi network that the employee owns and controls, and the case of the employee using third-party-provided Wi-Fi connections when out and about at places like coffee shops and airports.



(TNS) - During the last month’s heat wave, residents of Harbison Canyon tried not to worry.

Ed Humerickhouse went for his midday walk. Mary Manning designed a flier for the Lion’s Club while the children in her home daycare napped. Shirlee McAndrews drove to El Cajon for a swim, and Eutha and Bill Scholl rested in their garden, sparrows fluttering around them.

But with highs pushing 110 and humidity at 2%, even the most routine activities were strained. The wind chimes tinkling in the distance didn’t help.



In a recent ILTA webinar, Bluelock’s EVP of Product & Service Development, Jeff Ton, joined forces with Ben Miller, Senior Cloud Solution Architect at Bluelock, to speak about the current state of ransomware among law firms. In the webinar, they gave helpful tips to legal IT departments for ways to curtail risks, both short-term and long-term.

In the video, you’ll learn:

  • Why ransomware is a pervasive threat for the legal industry
  • What can be done to protect against downtime and data loss
  • How to speak to partners for buy-in on changes
  • How Disaster Recovery-as-a-Service (DRaaS) assists law firms in a better IT stance
  • Why law firms are turning to Bluelock for DRaaS



This is part 1 of a 3-part series on Digital Blueprints.

Digital transformation is leveraging new technologies that redefine the ways people live and work. With economic benefits over the next decade estimated at $100 trillion, as projected by the World Economic Forum, it is no surprise that half of all corporate boards have elevated digital to the CEO agenda. Despite the sense of urgency around digital strategy, many organizations fail during the early stages of planning. Mired in legacy processes and technologies, many companies focus too narrowly on one or two processes and miss the broader opportunities to transform the enterprise value chain. A digital blueprint is a planning approach that helps organizations identify the big picture opportunities, allows the flexibility to experiment and innovate, and brings structure and organization to digital transformation efforts.



Formalizing your information security program is a critical step to drive information security capability maturation in any organization. The intent of formalizing a program is to get clear on focus and ensure everyone is on the same page about who is doing what.

From our experience, building a great information security program starts with asking the right questions. At Avalution, we build information security programs from the top down, starting with the strategy of the business and focusing on the following five key questions:

  1. Why do we have an information security program?
  2. What are we going to protect?
  3. How are we going to achieve it?
  4. Who is responsible and accountable?
  5. What are the results going to look like?

Let’s take a closer at each.



Wednesday, 29 November 2017 16:05

Formalizing an Information Security Program

The mobile device management (MDM) market is growing at a meteoric rate. In fact,  it is estimated to grow from $1.69 billion to 5.32 billion between 2016 and 2021, according to market research firm Markets and Markets. Which may leave you wondering: What is MDM and why does it matter so much? Here’s a closer look at this game-changing technology solution, along with six benefits it offers today’s forward-thinking, bottom line-minded organizations.

What is MDM?

IT research and advisory company Gartner defines mobile device management as “a range of products and services that enables organizations to deploy and support corporate applications to mobile devices, such as smartphones and tablets, possibly for personal use—enforcing policies and maintaining the desired level of IT control across multiple platforms.”

Which begs the question: Why does MDM matter so much? A recent forecast from the International Data Corporation (IDC) predicts that nearly 75 percent of the US workforce will be mobile-enabled by the year 2020. Because of the increasing consumerization of IT and the resulting proliferation of devices—both professional and personal in the workplace—there is increasing need for comprehensive management solutions designed to harness the power of mobility without compromising security.



There’s a culture shift afoot in the data center industry. It puts new emphasis placed on safer working conditions for data center engineers and electrical contractors where, historically, such emphasis was a second thought. As equipment has grown increasingly complex and sophisticated, so too have the risks. This new safety awareness is a welcome change.

Today’s data centers -- from the hyper-scale to the agile colocation centers -- have increased in size, complexity and importance. They use massive amounts of power and cooling to ensure reliable operations. Data center companies have come to recognize that safety excellence is imperative to maximize uptime for their customers while reducing operational risk. Of the many safety issues that today’s data center operators must consider, these six rules are at the top of the list. To wit:



Tuesday, 28 November 2017 18:41

Six Golden Safety Rules for Data Centers

Suppose a criminal were using your nanny cam to keep an eye on your house. Or your refrigerator sent out spam e-mails on your behalf to people you don’t even know. Now imagine someone hacked into your toaster and got access to your entire network. As smart products proliferate with the Internet of Things, so do the risks of attack via this new connectivity. ISO standards can help make this emerging industry safer.

As consumers and users of technology, we are often too distracted by the amazing features of the Internet of Things that we don’t even take a minute to think about what this means for our privacy and security. Certainly, a connected baby monitor can give parents peace of mind, letting them easily check on their children from their smartphones anytime, anywhere. But when this technology is not protected, we may be inadvertently exposing ourselves and our loved ones.

Indeed, spying on random strangers has never been easier. All it takes is a search engine like Shodan – the Google of the Internet of Things (IoT) – which, to highlight the risk of this technology, crawls the net taking pictures of unprotected devices. The inside of our homes, our pets, even our fridges, are only a click away. Some parents realized how vulnerable they were the hard way when the baby monitor they relied on for safety was hacked to yell obscenities at their sleeping children. It’s not surprising that the number of complaints related to IoT technology has risen in the UK alone by 2 000 % over the last three years.



Tuesday, 28 November 2017 18:40

Are we safe in the Internet of Things?

Data centers in the U.S. consumed roughly 70 billion kilowatt-hours of electricity in 2014, according to a study conducted by the U.S. Department of Energy and researchers from Carnegie Mellon University, Northwestern University, and Stanford University. While data centers draw a substantial amount of power to run their servers, switches, directors, storage devices, and other equipment, the study revealed that energy consumption in 2014 would have neared 110 billion kWh of electricity had it not been for energy efficiency improvements that have emerged in recent years.

These days, a heightened awareness of data center infrastructure operations has led to engineers designing new products that perform at greater rates but are more energy efficient. While these innovations play a key role in lessening a data center’s carbon footprint, they’re only part of what makes a data center more environmentally friendly—structured cabling is a part of the equation organizations might be missing.

Cabling can be difficult to manage and can impede hot air pathways meant to disperse heat. As a result, data center managers must find ways to improve the efficiency of hot and cold air distribution. Luckily, the simple steps below can help data center managers do just that.



Privacy has taken on new dimensions in our hyperconnected world. New guidance from IEC, ISO and ITU – the world’s three leading international standards bodies – has just been published, providing a code of practice for the protection of personally identifiable information.

Uber is making headlines for its reaction to the theft of personal data of 57 million drivers and users. The July 2017 breach of Equifax, a large US credit bureau, exposed the social security numbers, birthdates and addresses of 143 million people. And last month, Yahoo, just prior to its acquisition by telecommunications conglomerate Verizon, shared new intelligence that a data breach in 2013, thought to have affected only a billion users, had in fact compromised all three billion Yahoo user accounts.

The increasing prevalence of high-profile data breaches has motivated countries worldwide to investigate potential reforms to policy and regulation. One of the best-known examples is the European Union’s General Data Protection Regulation, due to come into force in May 2018, with global implications.



Even the most carefully-crafted communication can fail if it does not reach its intended audience, or if audience members are unable to identify the message as important. Reaching individuals via a geographic locator is helpful in the event of a broader crisis but is not as applicable in the event of a localized emergency that only affects one or more organizations. In this instance, it is critically important to ensure that your audience has opted-in to your crisis communication and that your messages are targeted in such a way that they will be immediately identified as important and quickly read.

Why Accurate Data Matters

Let’s pretend that you have an organization with approximately 500 employees, and you live in an area that is frequented by storms or flooding. It would be incredibly important to be able to get a message to each employee to let them know when it’s unsafe to attempt to reach the office, correct? Or on a broader scale, being able to reach residents who live in flood zones would also become a top priority.



Thanksgiving is as good a time as any to acknowledge the fact that some IT departments, when it comes to being able to restore their organizations’ data in the event of an outage, are real turkeys.

OK, maybe that’s too harsh. Let’s just say that, in my experience and that of other consultants at MHA, many IT departments have a lot of room for improvement when it comes to their business-continuity capability.

Obviously, it’s not very helpful to make negative generalities without giving specific insights and tips on how to improve, so in this blog post on the “5 Biggest IT Management Mistakes” we’ll point out the main problems we see and also give you tips on how to address them.



Monday, 27 November 2017 16:17

The 5 Biggest IT Management Mistakes

First, there was the virtual machine. Then came the container. Now, welcome to the unikernel, the latest initiative for atomising computing.

As everyone know, splitting the atom is a difficult job, so the ultimate computing atom ought to be safe from attacks. Is the unikernel that computing atom?

If you haven’t yet met the unikernel, here’s a super quick definition. It’s a package of what you need and only what you need to run a given application.

It contains the app itself, any middleware, libraries and kernel, including requisite device drivers. It differs from a virtual machine, which bundles up everything in terms of the operating system, etc., whether you need it or not. It also differs from a container, which bundles up the things you need, but minus the operating system.



Many CIOs ponder over the benefits of replicating production and paying significant capital expenses for creating a disaster recovery environment. Such an environment is rarely used, as the occurrence of a disaster is a rare event.

Enterprises do agree that maintaining business continuity in the event of a disaster is essential. However, traditional methods of disaster recovery entail an enterprise to replicating data and applications on dedicated infrastructure. The enterprise spends resources to create, test and maintain this infrastructure for disaster recovery. While this is an effective way to ensure disaster recovery is in place, enterprises can forego these extensive costs by leveraging innovative cloud computing solutions.

Disaster Recovery as a Service (DRaaS) offers an attractive alternative to traditional models by avoiding the outright purchase of servers, storage and licenses, and eliminating maintenance costs. Businesses pay for what they use, resulting in a significant reduction in costs and providing a viable solution for organizations. In the event of a disaster, it enables business continuity and provides with the ability to scale up rapidly and securely to meet business needs.



Fear, uncertainty and doubt. Collectively known as FUD, these items skew rational thinking, panic otherwise sensible people, and throw sizeable spanners in the works of business continuity planners.

Ideally, BC managers would coolly collect and analyse all the relevant facts, calculate a solution, and implement it.

End of story. However, others in the enterprise and even BC managers themselves are seldom that level-headed and clear-thinking.

There’s only one thing to do. Fight FUD so that you can at least keep it down to manageable levels. For that, the following three tactics can be invaluable.



Wednesday, 22 November 2017 14:50

The Business Continuity Battle Against FUD

Forrester’s Predictions briefs examine the major dynamics facing your business so you can prepare and lead change in 2018 and beyond.

Not yet a Forrester client? Contact us to discuss your needs.



Wednesday, 22 November 2017 14:45

Predictions 2018

Mere mention of the word “ransomware” is enough to strike fear in the hearts of business leaders everywhere.

And with good reason. According to Symantec, “Ransomware [has] escalated across the globe as a profit center for criminals.” In 2016 alone, Symantec identified 100 newly released malware “families”—more than three times previously seen numbers—and global ransomware attacks worldwide spiked by 36 percent.

The takeaway? While you may think it can never happen to you, the chances are growing by the day that it can and it will. So while taking steps to prevent a ransomware attack is important, there’s another equally vital part of safeguarding your organization: placing the focus on business continuity should the unthinkable occur.



People today are tied to their digital devices from the moment we wake up and check our email and social media accounts to when we fall into bed at night listening to our favorite tunes or podcast. While this can be annoying to some, mobile phones provide the perfect contact mechanism for local, state and federal government authorities who are attempting to reach a broad range of the population quickly in the event of an emergency. Emergency notification systems (ENS) provide high-visibility notifications directly to the mobile phone of your target audience, providing life-saving information when it is needed.

Building Your Crisis Communication Plan

It can be difficult to stop to think in the midst of a crisis, so it is important to have a detailed crisis communication plan in place before you need it. Having this strategy detailed in advance provides you with the confidence and peace of mind knowing that you know the precise steps you and your team will need to take in order to notify those in the vicinity of a disaster with information that is specific to their needs at that particular time. It also gives training guidelines to allow for productive team exercises to run through the steps in the event of a real-world crisis.

While it would be impossible to pre-determine all types of disasters and write scenarios for them, there are some general guidelines that you can follow to create an outline — allowing you to simply fill in a few gaps instead of starting a communication plan from scratch in the event of an emergency. Start by defining your various audiences, a sample message, detailing contact and information centers, and the various ways you can spread the word.



Thanksgiving is almost upon us, which means Black Friday is right around the corner.

According to a recent study from The Balance, Black Friday is still the busiest shopping day of the year with 101.7 million reported shoppers in 2016. Unfortunately, with the crowds come the risks of negative incidents.  When you consider the volume of theft that happens, with the damage to stores and assets, you’re looking at an incredibly volatile situation that must be contained through proactive measures and immediate communication.

Mass notification systems like CodeRED are one of the most effective ways to manage these situations. These mass notification systems can be incredibly valuable for keeping people safe on Black Friday for a range of different reasons that are worth exploring. Let’s look at a proactive approach.



Today we announced our achievement in winning the Global BCI Continuity and Resilience Innovation Award from the Business Continuity Institute.

Steve Jobs was once quoted saying, “Innovation distinguishes between a leader and a follower.” A quote that we strive to achieve for our clients each day here at OnSolve. Providing an outstanding product is critical to a business’s success, but the choice to further develop, improve and enrich the value of that same product is driven through passionate employees dedicated to making a difference.

OnSolve has produced several groundbreaking innovations this year across our three core brands, CodeRED, Send Word Now and MIR3. Thanks to valuable feedback from our customers, we were able to develop five new features to further business continuity and save lives.



The story you are about to read is true. Only the names have been changed to protect the oblivious.

Joe is the CSO of Acme Enterprise. Arriving at his office a bit late one morning, he runs into Cathy from cryptography, who comments that their IT admin, Adam, has been hard at work since about 5 a.m. This seems odd, considering Adam is not known to be a morning person. Cathy says Adam requested access to the company’s latest build system, where they keep the code to a top-secret product that is about to launch. He also requested access to HR records and the customer payment information systems for maintenance purposes. His access credentials and keys were older, she says, but they still checked out, so she let him continue.

Joe heads for his office and sees Diana from Data Loss Prevention. She tells him that she’s surprised how hard Adam has been working this morning, transferring gigabytes of data around the network. Diana figures there must be a major update in the works, and Joe agrees that’s why Adam must have come in so early. Joe’s impressed with Adam’s initiative to work off-hours, and he asks what kind of data Adam’s been transferring.



(TNS) - It’s a question that’s always asked following major events like the Cascade Fire: How things could have been handled differently?

During the fire, strong winds knocked down power lines compromising the effectiveness of electronic alerts. And then people asked about older emergency warning systems, such as sirens. There aren’t any sirens in Yuba County, Calif.

Russ Brown, the Yuba County spokesman, said older technology, like sirens, also have problems.

“The siren discussion comes up after all types of emergencies – flood and fire alike,” Brown said. “Sirens are a very, very expensive endeavor.”



Monday, 20 November 2017 15:07

Sign up Before Next Emergency

Approximately half of all American businesses will have a tough time getting their data back after an unplanned outage and other mishaps, suggests a new survey from data protection specialist StorageCraft.

A solid data protection strategy and backup technology implementation is a top IT priority at most organizations. How else is a business supposed to recover from an unexpected server meltdown or the latest ransomware outbreak?

The StorageCraft study reveals that this critical safety net is looking a little tattered at many companies. More than half (51 percent) of the 510 U.S.-based IT decision makers surveyed by the firm said they had doubts about their ability to recover data immediately following a disaster or failure.



Traditional law practice will see significant changes in the new year. To assist firms in knowing what to expect, Bluelock has compiled an informative eBook of predictionsfrom 15 different experts within the legal industry, with insights coming from Bluelock, law firm partners, associates and a variety of companies that service the legal industry.

The eBook covers seven categories: Operations, Cybersecurity, Compliance & Regulations, Business Continuity & Disaster Recovery, Artificial Intelligence, Workforce and Major Technology Disruptions.

Readers will learn the following:



Monday, 20 November 2017 14:50

2018 Predictions for the Legal Industry

According to Fortune Magazine, “Cyber Monday 2016 was the biggest day in the history of U.S. e-commerce. Consumers spent $3.45 billion online…”

Also, Practical Ecommerce reports that “consumers spent a total of $12.8 billion online in the U.S. during the five-day period from Thanksgiving Day through Cyber Monday, 2016”. Black Friday 2016 was the first day to generate more than one billion dollars in online sales from mobile devices.

Black Friday, the day after Thanksgiving Day in the U.S., used to be the single biggest retail day of the year, officially kicking off the Holiday shopping season. In recent years, that one day has turned into five – some brick and mortar retailers are open on Thanksgiving Day, and the weekend sales stretch into Monday. And of course, online shopping is available anytime, day or night, from a desktop, pad or phone, with a concentration on Cyber Monday.



Cyberattacks from other countries are now seen as a major threat to the U.S. by 72 percent of Americans, according to a national survey from the Pew Research Center.

This view has changed little in recent years, apparently. But what has changed is public opinions about other global threats.

Take climate change—now viewed as a major threat by 58 percent of Americans, up 7 points since January, and the highest share since 2009.



Data warehouse developers have historically walked a narrow line between data quality and business agility. At the same time, they balance the needs and relationships between IT and internal business clients.  Technology has answered this dilemma with two separate approaches: the data vault optimized for data warehouse agility, and data warehouse automation for faster and more reliable development.

Data vault modeling is designed for long-term historical storage of data from multiple operational systems, looking at data associated with auditing, tracing of data, loading speed and resilience. Data vault inventor, Dan Linstedt, first conceived this approach in the early 2000s. Data vault modeling is now in its second generation.   

The data vault is a hybrid of third normal (3NF) and star-schema forms that offers significant benefits and interesting challenges. On the plus side, it promises agility to address rapid changes in business needs, separates ingestion concerns from various business uses and promotes data quality best practices. However, its structure is enormously complex with thought provoking design choices.



A natural disaster can jumpstart your business continuity plans, but it can also do it more harm than good. Is your disaster response hurting you?

Disasters like the one in Puerto Rico sometimes cause people to learn the wrong lessons.

Major natural disasters such as the recent floods in Texas, the fires in northern California, and the hurricane in Puerto Rico grab everybody’s attention.

Sometimes this has a positive impact on organizations’ business continuity plans, as when it prompts companies who have not been investing in BC to get serious about implementing or strengthening their methods for keeping their organizations running in the event of a disaster.

However, sometimes the impact is neutral or even harmful.



It’s Not Just General Liability Anymore

Business needs in the 21st century are far more complex than just one general policy will cover. We live in a “sue crazy” culture and the reality is there are just as many people looking to nail it to the corporation as there are happy consumers eager for your product. We hope this guide helps.

Years ago your business insurance choices were simple. You called an agent uptown they set you up with general liability and you hung up a shingle and opened up shop.

Unfortunately, business needs in the 21st century are far more complex than just one general policy will cover. We live in a “sue crazy” culture and the reality is there are just as many people looking to nail it to the corporation as there are happy consumers eager for your product.

The internet has brought us many benefits and has given businesses a whole new opportunity to promote our company and our products, but it also has exposed companies to a whole new level of vulnerability.

All of this needs to be taken into consideration when looking into the insurance you’re going to require.



SACRAMENTO – After some of the costliest fires in California’s history, you might not be thinking about buying flood insurance. But, the time to buy flood insurance is now.

Areas that traditionally are not flood prone are at risk due to changes to the landscape caused by fire. Large scale fires like the ones that raged in October leave the land stripped of vegetation, charred and unable to absorb rainfall. This creates the perfect conditions for flooding because of run-off.

What starts as normal rainfall can turn quickly into costly and potentially deadly floods. Residents need to protect their assets with flood insurance now—before a weather event occurs and it is too late!

Floods are the most common and costly natural disaster. While floods cause millions of dollars in damage every year, not all of them are on the scale of a national disaster. It takes very little water to cause extensive damage. In fact, the National Flood Insurance Program (NFIP) estimates that a mere inch of water in your home can cause up to $25,000 in damage!

Normally you would look to your insurance to cover these costs, but most homeowner’s policies do not cover damage caused by flooding. Residents and business owners are encouraged to buy flood insurance now. In most cases, it takes 30 days for the policy to go into effect.

Flood insurance is affordable and is the most powerful tool to financially protect your home, business, or personal property from flood damage. Flood insurance offers protection even if there is no major disaster declaration.

For further information on the NFIP go online to www.fema.gov/national-flood-insurance-program and then talk with your insurance agent.

For more information on California’s recovery, visit the disaster web page at www.fema.gov/disaster/4344,Twitter at https://www.twitter.com/femaregion9 and  WildfireRecovery.org.


All FEMA disaster assistance will be provided without discrimination on the grounds of race, color, sex (including sexual harassment), religion, national origin, age, disability, limited English proficiency, economic status, or retaliation. If you believe your civil rights are being violated, call 800-621-3362 or 800-462-7585(TTY/TDD).

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Wednesday, 15 November 2017 16:18

FEMA: Flood After Fire: The Increased Risk

(TNS) — At least five people are dead following shootings at multiple locations in Tehama County, Calif., including an elementary school where at least two children were wounded.

Authorities described a chaotic scene in which a gunman appeared to pick targets at random in the rural Northern California county. They said the shootings appear to have begun as a "domestic violence incident" but did not provide details.

The gunman was fatally shot by sheriff's deputies. His name has not been released. The Tehama County Sheriff's Office said it was dealing with at least five crime scenes and was trying to assess the number of casualties.



When you see a company trending on social media, do you automatically assume that it’s going to be scandalous gossip? Because I do.  But what if I told you companies could become a player in the game and change the way they appear on social media?

Social media has obliterated traditional communication with its inventiveness and convenience.  Today, it is a rarity to see someone walking around without their phone attached at their hip. This need to be in constant communication with our technologies has changed the way people access information.  “How?” you might ask.  In today’s news reporting world, long before reputable news agencies can report an event, the specifics are already circulating social media avenues in real-time thanks to our societies avid Facebookers and Tweeters.  The answers to all your questions are at your fingertips, quite literally!  You can find an answer to almost any question with a few clicks in Safari or Chrome.

Given its ever-expanding user base, social media has become a powerful tool.  It can be used to shape the publics opinion and even produce desired results from the intended audience!  While social media is often known for being a stage to spread negative comments about an organization, with the proper action plan and team involved it can be used to drive positive outcomes as well.



Wednesday, 15 November 2017 16:15

You Say Social Media like it’s a Bad Thing

(TNS) –– Federal authorities knew technology used to broadcast official emergency warnings from cell towers was outdated years before deadly fires ignited last month in Sonoma County and throughout Northern California, forcing tens of thousands of people to flee for their lives, many with no warning.

Messages were too short, didn’t support web links and had the potential to be broadcast too widely, according to Federal Communication Commission members charged with regulating how cellphone companies issue government warnings. The commission in 2015 began a formal process to update the requirements and bring warning capabilities into step with technological advancements, but implementation was delayed by industry objections.

Sonoma County officials have cited those issues as factors in their controversial decision not to use the Amber Alert-type broadcasts to warn people about approaching fires that erupted Oct. 8 and ultimately burned across 174 square miles in the county, killing 23 people and destroying more than 5,100 homes.



Will it ever go away? The basic password is still alive and well.

Just like a boomerang, every time an attempt has been made to throw it away, it just keeps coming back.

Strong passwords, password vaults, even multi-factor authentication have done little to change the regrettable situation where so many people still “protect” (we use the word loosely) their accounts with a password that reads “1234” or “secret” (or “admin” if you’re working in the IT department).

But perhaps an up and coming field in cybersecurity, that of behavioural analytics, will finally offer the chance to stop the accident and incident prone password, once and for all.



Tuesday, 14 November 2017 15:46

The End of the Password (Again)?

In the first part of this two part series, I outlined why computing power has steadily increased over the years and which challenge it inherently brought for today and in the future. In Part 2, I address why the question of the appropriate cooling system and how additional savings through intelligent waste heat utilization is possible as well as why there are still reservations to water cooling to reduce energy requirements.

Status quo in the air conditioning of data centers is cooling by mechanically cold air.

The entire room is cooled, but more than half of the cold air does not reach the heat hotspots, like the CPU. In doing so, huge sums of money are literally blown into thin air. One of the alternatives to air cooling is to use methods with water or other liquids. But as soon as the data center industry is confronted with "water," it frightens them immediately. Water and IT equipment – they do not fit together. Nevertheless, there are a few operators already who rely on the alternative cooling medium.



How IT Incident Management Can and Should Be Supported with a Foundation of Automated Notifications

One of the most significant challenges in terms of IT incident management today has to do with the growing complexity of the environments themselves. As more and more mission-critical systems move into the cloud, the demands placed on IT managers have never been higher. These hardworking professionals are being asked to accomplish more with less on a regular basis, which itself becomes a major problem when disaster (as it often does) strikes.

In some ways, the solution to these issues is clear – IT professionals need a way to quickly, accurately and concisely communicate essential information to people at a moment’s notice. But what, exactly, is the best way to do that?

This problem has led to many unfortunate trends in the industry today. Many companies make the mistake of assuming there is a one-size-fits-all solution to automated notifications of this type. This fails to acknowledge the fact that every organization is different.



Monday, 13 November 2017 17:30

Improve Your IT Incident Management

Companies are working to transform themselves digitally, and there is perhaps no more important driver than the cloud. However, as more and more companies are discovering, there’s no single path when it comes to moving to the cloud. Rather, an effective digital transformation strategy integrates private, hybrid and, perhaps most importantly, public clouds.

Companies are working to transform themselves digitally, and there is perhaps no more important driver than the cloud. However, as more and more companies are discovering, there’s no single path when it comes to moving to the cloud. Rather, an effective digital transformation strategy integrates private, hybrid and, perhaps most importantly, public clouds.

 In a recent survey of its customers, VMware found that 67 percent foresee an ideal “end state” in which they rely on multiple clouds. And while many companies have dipped their toes into SaaS and private cloud waters, increasing development, data analysis, security and general market demands are driving the need for companies to extend their IT environments to public clouds.

 With all this said, integrating public clouds is not for the faint of heart. The key challenges are:



Our people differentiate us from other products and services. While technology changes and is replaced on a daily basis, our experience and delivery continues to build over time. The team at Continuity Centers will consistently impress you with their knowledge, drive, and focus.

Our instant business recovery (IBR) is made of several parts that complete the whole. Each part works together to deliver a solution that keeps your business up and running through anything.

They include:



Monday, 13 November 2017 17:25

The Features of Instant Business Recovery

Bringing Together HICS, Business Continuity, IT Disaster Recovery, and Information Security

Hospitals place high importance on delivering uninterrupted care regardless of circumstances, and, as such, invest heavily in preparedness.  Hospitals that are the most successful in achieving a high-level of preparedness typically have integration between four disciplines: Emergency Preparedness (HICS), Business Continuity, IT Disaster Recovery, and Information Security.  Building cohesion sounds fairly straightforward, but, in reality, it can be complex. From our experience assisting hospitals successfully tackle this charge, here are some practical steps to move toward an integrated approach to preparedness:

Start with Governance

Ideally, create a cross-functional steering committee that ultimately oversees all of these disciplines and has the authority to make risk-based decisions that takes into account analysis from across the preparedness landscape.  Again, this sounds simple, but it can be difficult to successfully achieve.  If it isn’t possible to work from one steering committee, try to align risk criteria across preparedness disciplines so that risks and considerations are assessed on a level playing field, ensuring the most critical issues are addressed first.



Event Pages Make Organizational Communications More Efficient

Whether it’s an emergency or a non-critical event, ongoing communications with employees is often necessary. AlertMedia is known for mass notifications, but we also support efficient communications throughout the life of any event – from planning through resolution.

AlertMedia recently unveiled its newest feature – Event Pages. This new event information hub can be found on your AlertMedia dashboard and can be utilized as a powerful, real-time two-way communication tool for administrators and employees to share pertinent information. Event Pages provides a single place to find everything related to a specific situation, with current and archived updates, documents, videos and photos, and resolutions.



Editor's note: This is the second of a two-part series on managing a profitable cloud services business. In case you missed part one, "Pricing Strategies to Profitability Grow Your Managed Services and Cloud Business," you can find it here.

Cloud Profitability Hacks: How You Can Increase Your ROI

When determining your pricing model, make sure you are fully aware of all your costs, both hard and soft. Simply adding a 30 percent markup on cloud services could leave you just barely breaking even. While you absolutely must make sure you cover your variable costs, here’s how to make sure you make double-digit margins.



ORLANDO, Fla. – Florida continues making efforts toward recovery from Hurricane Irma’s severe impact on the entire state – spanning 65,755 square miles from Pensacola on the west end of the Panhandle, Jacksonville on the east coast, south to Key West.

Affected communities and disaster survivors are repairing and rebuilding better, stronger and safer with the help of neighbors, friends, family members, voluntary groups, faith- and community-based organizations and local, county, state and federal governments.

Recovery takes the whole community. The following are highlights of the progress made within the first 60 days since the September 10 presidential disaster declaration and how disaster survivors and affected communities are overcoming challenges:

Assistance to Floridians and the Communities They Live In

Survivors in 48 of the 67 Florida counties are eligible to apply for help under FEMA’s Individual Assistance (IA) program. All 67 counties in the state are eligible to receive federal funding through FEMA’s Public Assistance (PA) program for debris removal and emergency protective measures, including direct federal assistance.

In addition, local, county and state government infrastructure and certain private nonprofit organizations in 55 Florida counties became eligible to receive all categories of PA funding including the repair and rebuilding of certain eligible disaster-damaged facilities.

The PA program benefits everyone in the affected communities because essential services such as roads, utilities, schools and hospitals are restored. FEMA relieves burdens of local and county governments and the state by paying 75 percent of the eligible costs.


So far, more than 2.6 million Florida households have contacted FEMA for IA help. The deadline for survivors to register for federal aid under the IA program is Friday, Nov. 24, 2017.

  • To date, Floridians have received more than $1.5 billion through funding from FEMA, the U.S. Small Business Administration and the National Flood Insurance Program.

o Of that total, more than $899 million in FEMA individual assistance has gone to homeowners and renters whose insurance, or other forms of disaster assistance received, could not meet their disaster-caused needs.

o Homeowners, renters and businesses have received $388 million in 10,579 low-interest disaster loans from the U.S. Small Business Administration (SBA) to repair, rebuild and replace damaged property and contents. SBA offers low-interest disaster loans to businesses of all sizes, private nonprofit organizations, homeowners and renters. The deadline to apply is Nov. 24, 2017.

o NFIP policyholders have received more than $239.5 million in more than 26,600 claims to repair and rebuild flood-damaged property.

  • More than 76,700 survivors have visited Disaster Recovery Centers (DRCs). The first centers opened six days after the presidential disaster declaration.
  • More than 797,000 FEMA housing inspections have been completed.
  • FEMA disaster survivor assistance specialists canvassed the affected communities, visiting more than 208,000 homes to encourage survivors to register for help, while providing them with recovery information and listening to their concerns.

Partners in Florida Recovery Efforts

Thousands of disaster recovery officials and volunteers continue to reach out to and interact with survivors and communities in various ways to help them recover. To meet the immediate needs of survivors – including helping to muck and gut homes and provide emotional and spiritual care – more than 300 voluntary agencies logged more than 520,000 volunteer hours.

  • In an effort to help reduce further damage to property until permanent repairs can be made, 13,370 temporary roofs have been installed in Florida by the U.S. Army Corps of Engineers through Operation Blue Roof. The temporary covering of blue plastic sheeting is installed using strips of wood that are secured to the roof with nails or screws.
  • Thanks to a unified effort to mitigate pollution threats from vessels displaced by Hurricane Irma, 1,492 sunken vessels have been recovered/removed from Florida waterways by the U.S. Coast Guard, the Environmental Protection Agency, the Florida Fish and Wildlife Conservation Commission as well as private owners.
  • Through the State of Florida, Floridians have received an estimated $1 million in disaster unemployment assistance if they lost work or are out of work due to Hurricane Irma. This dollar amount continues to increase to assist eligible applicants.
  • The State of Florida reopened approximately 100 roads impacted by the storm across Florida within two weeks after landfall. In addition, local power crews and crews brought in from across the U.S. and Canada restored 99.9 percent of power to 12 million customers in Florida within two weeks after the storm.

The whole community of partners—including other federal agencies, state and local governments, the private sector and voluntary and faith-based organizations—continue to offer a wide range of help for survivors. For more recovery information, visit www.FEMA.gov/IrmaFL, or follow us @FEMARegion4 on Twitter and on FEMA’s Facebook page.


FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s temporary housing assistance and grants for public transportation expenses, medical and dental expenses, and funeral and burial expenses do not require individuals to apply for an SBA loan. However, applicants who receive SBA loan applications must submit them to SBA to be eligible for assistance that covers personal property, vehicle repair or replacement, and moving and storage expenses.

BC in the Cloud provides private and public-sector organizations with a complete, turnkey cloud computing solution for business continuity and disaster recovery. A rapidly growing business with clients ranging in size from 300 to 1 million employees, BC in the Cloud is focused on delivering a strong yet flexible platform that can adapt to the needs of its dynamic, world-wide client base.

The Challenge

BC in the Cloud has always been a cloud first, cloud only business — an approach designed to give the company the horizontal and vertical scalability needed to serve a geographically diverse client base. To support this level of agility, BC in the Cloud hosts its critical infrastructure on Amazon Web Services (AWS). In addition to providing significant cost savings when compared to an in-house data center, using AWS enables BC in the Cloud to focus on its core business. Notes Patrick Escudero, BC in the Cloud Director of Technology, “Working with Alert Logic allows me to focus on making sure that everything is working great for our customers, rather than spending time worrying about the underlying hardware infrastructure.”

BC in the Cloud’s ability to host data remotely provides a major advantage. When their customer’s systems are down, BC in the Cloud can still facilitate a successful response and recovery.



In a newly-published Gartner report, “Source DRaaS With These Five Steps to Avoid a Disastrous Outcome,” expert analyst Ron Blair explains the complicated nature of selecting a Disaster Recovery-as-a-Service (DRaaS) provider in a crowded landscape with varied specialties. According to the report, “The DRaaS market comprises more than 500 providers.”*

In this report, you’ll learn:

  • How to align priorities and expectations across your organization
  • How to effectively scope your DRaaS project
  • Vendor types and how to manage your selection process
  • RFP best practices and how to assess pricing

With so many options, it’s no surprise that organizations struggle to fully assess which DRaaS vendor is right for their IT systems and business objectives, which may often lead to poor decisions in choosing a provider that’s misaligned with company culture and goals.



Some things are hard to predict. And others are unlikely. In business, as in life, both can happen at the same time, catching us off guard. The consequences can cause major disruption, which makes proper planning, through business continuity management, an essential tool for businesses that want to go the distance.

The Millennium brought two nice examples, both of the unpredictable and the improbable. For a start, it was a century leap year. This was entirely predictable (it occurs any time the year is cleanly divisible by 400). But it’s also very unlikely, from a probability perspective: in fact, it’s only happened once before (in 1600, less than 20 years after the Gregorian calendar was introduced).

A much less predictable event in 2000 happened in a second-hand bookstore in the far north of rural England. When the owner of Barter Books discovered an obscure war-time public-information poster, it triggered a global phenomenon. Although it took more than a decade to peak, just five words spawned one of the most copied cultural memes ever: Keep Calm and Carry On.



On the heels of the devastating wildfires in Northern California, hurricanes Irma, Harvey and Maria, the FCC rejected the five largest wireless carriers’ requests for more time to implement upgrades to Wireless Emergency Alerts.

It was September 2016 when the FCC adopted rules to enhance wireless alerts, including increasing the maximum length of messages from 90 characters to 360 characters and requiring that providers support embedding phone numbers and URLs in alerts.

Since then, the Cellular Telecommunications Industry Association (CTIA) sought delays in implementing the new rules. The FCC finally rejected the industry’s reconsideration of the rules.

“It’s amazing that it took four disasters to make this come about,” retired Adm. David Simpson, former FCC public safety and homeland security bureau chief told the San Francisco Examiner. “It should be an embarrassment to the commission, but it’s done.”



For the past several years we have seen many countries creating residency laws, some of which require all government-related data to be stored locally, while others require all consumer data to be stored locally.  European Union countries as well as Russia, China, Brazil and India, are the major proponents of such laws. 

It is not an easy task to satisfy data residency requirements. On one hand, due to cybersecurity concerns, strict residency laws can hinder cloud productivity. Modern IT infrastructure relies on economies of scale, such as a self-driving car may use artificial intelligence software to train itself with a large amount of training data. The more data that is available to the software, the better the software, which makes it easier to contribute more data for training. This process is critical for the success of many cloud applications, from financial transactions to customer relationship management and search engines.

A true hallmark of the internet era has been the free movement of data, leading to concerns as to whether or not residency laws will hinder the development of cloud infrastructure and software. However, if technology is used to secure the data and minimize chances of data getting into the wrong hands, residency laws might actually increase data sharing which would ultimately create new use cases.



Thursday, 09 November 2017 15:09

Cloud Data Centers Need Encrypted Lock Boxes

New IAPP and TrustArc research uncovers perceptions of compliance risk and strategies to mitigate in U.S. and EU

 BRUSSELS – IAPP Europe Data Protection Congress 2017 – TrustArc, the data privacy management company, today announced the results of a joint survey with the International Association of Privacy Professionals (IAPP) that gauges the perceived risks among privacy professionals of not complying with various aspects of the European Union’s General Data Protection Regulation (GDPR). Surveying close to 500 privacy professionals split evenly between the U.S. and EU, the top GDPR compliance risks are failure to: comply with the new 72-hour data breach notification regulation, map data flows, obtain user consent, and manage international data transfers. The results of the survey were released during the IAPP Europe Data Protection Congress in Brussels, Belgium.

“The results of the IAPP survey on the risks of GDPR compliance shines a light on the challenges of implementing effective data protection in general, let alone when you face a looming deadline,” said Chris Babel, CEO of TrustArc. “Working with our customers, we find that the most effective strategy to achieve compliance is based on building employee expertise and know-how, combined with technology platforms that enable the next-generation processes and routines necessary to efficiently do things like identify and map user data and manage user consent.”

With less than seven months to comply with the GDPR, the most sweeping change to data protection in decades, companies all over the world are determining how to best adjust their internal systems and processes in order to address increasingly strict compliance requirements. The risks of not complying with the GDPR include fines up to 20 million Euros or four percent of global turnover, whichever is higher.



A new version of ISO 31000 is due to be unveiled early next year. As the threat of risks grows for governments, organizations and the public alike, how can the new, streamlined standard help to make our future more secure?

Ten years ago, the boardrooms of banks and financial institutions around the world were rattled to hear the news of the collapse of prestigious and highly respected names, such as Lehman Brothers, Bear Stearns and Northern Rock. Alan Greenspan, the former Chairman of the Federal Reserve, described the shock waves that swept the world as a “credit tsunami”.

In family businesses, governments and industry, the aftermath of the global financial crisis is still being felt. Since then, the spotlight has been turned on risk and exposure to risk – how to manage it; how to prepare for it; how to benefit from it; how to learn from it. In our increasingly complex and interconnected world, one of political uncertainty and economic unease and austerity, these questions are more pertinent than ever and the need for best practice even more compelling.



Thursday, 09 November 2017 15:00

The new arsenal of risk management

It’s already that time of year again: pumpkin spice and predictions for the New Year! Forrester’s Cloud team has been busy gathering, analyzing and prioritizing our predictions for what’s ahead in cloud computing for 2018. As our 2018 cloud predictions published today, here’s a sneak peek into what we see ahead for the most transformative technology trend of the past decade.

The cloud computing juggernaut has fueled digital transformation like no other technology disruption before it. Not only have public cloud platforms completely changed how companies of all sizes consume technology; the leading global megaclouds continue to innovate at breakneck speed. New analytics and machine learning services, IoT and edge computing services, powerful container-based development platforms, new database services, advanced SaaS apps that are even easier to buy, integration and API services to link it all together…the list seems endless, and it’s getting longer.

Cloud now permeates all company sizes, industries, and geographies. And all of this innovation isn’t only happening in the big public clouds; exciting new private cloud technology stacks and fresh partnerships between infrastructure vendor stalwarts and upstart cloud-native companies bring the power and energy of elastic, on-demand cloud services to the enterprise data center as well.

In 2018, we’ll pass that magic threshold: Forrester predicts that more than 50% of global enterprises will rely on at least on public cloud platform to drive digital transformation and delight customers. As highlighted in our 2018 cloud predictions, cloud is truly business critical and is now a mainstream enterprise core technology.



You identified risks, then chose and implemented a mitigation strategy. Unfortunately, you have not completed the job. Monitoring risk, including tracking identified risks and evaluating the performance of risk mitigation actions is critical to the risk mitigation process. Systematically monitoring risk feeds information back into the other risk management activities, such as identification, analysis, mitigation planning, and mitigation plan implementation.

The process for risk monitoring includes setting a structure for how often you review your risk, what to monitor, how to report changes, and how to redefine your risk strategies. 



A new 40,000-square-foot training facility will help ensure that the St. Paul, Minn., Police Department gets the most rigorous, up-to-date training available.

It’s been a long time coming, but the department officially unveiled its new $18 million facility, Oct. 31, that will house the trainings that the department has undertaken recently, including efforts that help defuse conflict and provide police with the tools to deal with bias and employ proper strategies when dealing with people with mental illness.

The two-story building is equipped with a new gun range with 12 lanes instead of the six in the old building, five breakout rooms that with moveable walls can be reconfigured into fewer larger rooms or more smaller rooms, a technology room with laptops, virtual training, and even different-sized windows, such as storefront windows for training purposes.  A large classroom can hold up to 10 people or it can be divided into two classrooms with the moveable walls.



BYO Software, BYO Vulnerabilities

The shadow IT phenomenon—in which employees use their personal technology on the job—looms larger than ever. The latest twist- bring your own software.

First up was the bring-your-own-device (BYOD) movement, with employee-owned smartphones, tablets and laptops replacing company-owned devices in the workplace. Now there is a newer shadow IT twist—bring your own software (BYOS). In this increasingly popular model, employees download and utilize software, apps and the like—in some 99 out of 100 cases, web-based—for such work-related purposes as collaborating or exchanging information with colleagues.

Like its BYOD counterpart, the BYOS model affords employees the flexibility to use the tools that best help them fulfill their responsibilities, in turn increasing productivity and benefiting corporations’ bottom lines. But as is true of BYOD, BYOS also opens doors for significant risks, making risk mitigation a must for all corporations that embrace it to any extent.



Nokia let the smartphone get away; Blockbuster never saw Netflix coming to steal its lunch. These are just two of the most frequently cited cases of incumbent businesses that didn’t pay enough attention to the disruptive potential of innovation by a new entrant or competitor. Your company needs to be aware of the imminent reality of being disrupted if it doesn’t stay ahead of the disruption curve.

How do you stay ahead? By starting innovation as early as possible. You’ve heard it many times: fail early, fail often. Or, as Lekshmy Sasidharan wrote in a recent Cutter Consortium Executive Report:

Begin adopting the disruptive and emerging technologies most relevant to your current and future business models as quickly as possible — the idea being to try soon, fail fast to learn fast rather than wait to be disrupted.

“The ‘try soon, fail fast to learn fast’ mentality is essential to both fail fast and fail cheap, since the cost of early failure is less impactful and there’s more time for course corrections by learning from the failure and experimentation. When a company plans to be ahead of the disruption curve, it builds the required capabilities for current and future business models.”

The capabilities Sasidharan refers to include leadership, ecosystem partnerships, strategic flexibility, and a culture that promotes a sense-and-respond outlook on the external environment. Each of these capabilities takes time to build, so getting started early will help you stay ahead of the disruption curve.



Wednesday, 08 November 2017 15:48

Repeat After Me: Fail Early, Fail Often

(TNS) -- Police got a call Monday from people concerned a Janesville man might become violent.

Officers took it seriously, but they determined the man was no immediate threat, Police Chief Dave Moore said.

The man voluntarily turned over a weapon and agreed to work with the police crisis intervention team, which deals with people suffering from mental illness, Moore said.

Paying attention to such tips could avert a tragedy, but despite all their prevention efforts, officials know a mass shooting could happen here, as it did Sunday in Texas.

So they plan for the worst.



Wednesday, 08 November 2017 15:42

Mass Shooting Here? Authorities Have Plans

Bankruptcy per se is not necessarily the end of an enterprise, as several high-profile phoenixes rising from the ashes have shown.

However, unless you know exactly what you’re doing and can trust partners, stakeholders, and bankruptcy courts to let you do it, bankruptcy can end in tears.

For example, trustees or courts force the sales of assets, creditors have their hooks in too deep to be blocked, credit ratings never recover sufficiently for the business to turn a profit, or customers desert in droves, never to return.

Even if bankruptcy is a financial phenomenon (no money), business continuity managers should keep a lookout for factors of any kind that could lead to it.



(TNS) - When the fire swept into Redwood Valley, Calif., Nick Ioimo was among the lucky.

He happened to get up around 1:20 a.m on Oct. 9 to use the bathroom and saw the flames. He and his wife managed to escape, but the elderly couple who lived behind them died in their home.

Nearly a month later, two things are clear to Ioimo, 69: “Nobody could have stopped that fire. But the people could have got out.”

The Redwood Valley fire killed nine people, all living on or near Tomki and West roads, which form the central north-south route in the rural Mendocino County valley. At least half died trying to escape on foot or in their cars.



Tuesday, 07 November 2017 15:49

Confusion Reigned as Redwood Valley Burned

Global mobile commerce growth was expected to double this year, and there are no signs of that growth slowing as we move into 2018. We are seeing the same kind of growth in the use of mobile devices in the enterprise. However, equivalent IT support for that growth is not always a given.

As many of us remember, digital and mobile devices were not always welcome in the enterprise. There was a time when personal mobile devices came into the organization through the “back door,” with employees using them on the sly. The idea of leveraging such devices to access corporate information and systems was just unthinkable.

Flash forward several years: The number of people using mobile devices grew exponentially, and users became accustomed to information at their fingertips—whether their fingertips were at home, in the office, on the soccer field or beyond. The IT department still wanted no part of mobile—at least, not officially—but the genie was out of the bottle and the BYOD movement was born.



We’ve all been in one of those meetings or corporate retreats where “team building” was on the agenda, Teamworkand everyone cringed. Personally, I’ve done more than my share of painful icebreakers in different workplace settings. Team building has gotten a bad reputation for being cheesy or a waste of time. But, according to an article in Forbes, "Despite its reputation for being, well, lame, team building is the most important investment you can make for your people. It builds trust, mitigates conflict, encourages communication, and increases collaboration. Effective team building means more engaged employees, which is good for company culture and boosting the bottom line.” So, how can you reap the benefits of team building without turning people off from the start? 

Here are some tips for team building with purpose:



Tuesday, 07 November 2017 15:46

4 Tips for Team Building with Purpose

In today’s dynamic digital environment, there is no greater imperative than developing an agility and innovation mindset. Organizations must be in a position to turn on a dime—at any time—to meet internal and external customer demand. They must be able to iterate constantly, repeatedly setting and raising the bar in order to stay ahead of the competition. 

However, as partners know all too well, all of this is much easier said than done.

One of the biggest hurdles to business agility and innovation is customers’ legacy data center hardware and software. These systems often exist in silos; therefore, it is difficult to analyze data across systems. This results in information that is, at best, outdated and, at worst, plain wrong. Many companies are also challenged by slow provisioning, complex processes and outdated development systems. And, with shrinking or static budgets, organizations are hard-pressed to scale legacy systems, which means they can’t efficiently meet demand for growth (if they can meet it at all).



Departments within businesses must easily be able to coordinate and cooperate with each other to optimize productivity. Even though this kind of collaboration isn’t always easy, it fosters stability across a company. However, while organizations comprise many specialized departments, the IT department is a driving force behind collaboration, stability and efficiency.

We all would agree that IT management is supported by two major domains: IT services and IT operations. And, of course, the ultimate goal of IT services is to design, manage, deliver and improve information technologies that are used within the organization. IT operations, on the other hand, deal with the administrative side of things. IT operations handle individual application requirements, manage storage and networking, and troubleshoot users’ devices to resolve issues. Typically, organizations employ a help desk solution for their IT services needs and a desktop management solution for their IT operations needs.

Before I dive into how integrating IT services and IT operations streamlines IT management, let’s take a look at how IT services and IT operations influence end-user support and why IT departments need a help desk solution and a desktop management solution in the first place.



The cloud is certainly one of the greatest technology innovations of this century, arguably of all time. The benefits it has provided to organizations across industries are mind boggling, and the benefits it promises in the future are equally profound. It is exciting to think of what organizations will be able to do in five, 10, 20 years as more and more make use of the cloud.

It’s funny, though; once organizations get their data and critical workloads up on the cloud, they often think that they can ignore one of the cornerstones of IT: backup and disaster recovery (BDR).

The logic actually sounds pretty believable. The reason most organizations feel comfortable moving to the cloud now is that it can provide all these benefits reliably and securely. If the cloud is reliable and secure, then it must not have outages, right? Wrong.



During an emergency, you need to know how to send alerts to the public and provide life-saving information efficiently and effectively. Fortunately, today’s officials have much better options than ringing a bell in the town square — the sophisticated and modern IPAWS system is fully integrated with wireless, television, radio and other telecommunication platforms. Learn more about the platform, how to become certified to use it and resources available to you.

Overview of IPAWS

The government’s Integrated Public Alert and Warning System (IPAWS) was created to help protect members of the community as well as to provide protection for valuable property. Emergency management officials can be incredibly busy during an emergency, and creating alerts through three separate systems simply isn’t feasible. IPAWS allows vetted government officials to warn the public through one centralized IPAWS-compliant interface such as CodeRED from OnSolve  The interface  distributes messages via multiple systems that utilize the Common Alerting Protocol (CAP), Emergency Alert System (EAS), Wireless Emergency Alerts (WEA), the weather radio for the National Oceanic and Atmospheric Administration (NOAA) and more.



Advance location alerting helps leaders know when to trigger emergency response plans

By Glen Denny, Baron Services, Inc.


Lately, on an increasingly frequent basis, weather events seem to dominate much of our news, with rising numbers of severe occurrences presenting fresh challenges for public safety officials dedicated to protecting lives and property. It doesn’t just appear that way, it’s an actual fact: Almost 80% of disasters faced by public safety and emergency management professionals today are weather-related. It’s not only dramatic, extreme storms that require advanced forecasting for efficient safety planning, it’s also the numerous, more common fog, rain, ice, snow, and wind events that often impact our daily lives.

In any community, these conditions can differ within neighborhoods, even street to street, and change minute to minute. For anyone involved in safety management—whether responsible for schools, hospitals, churches, companies, organizations, sports venues, pools, parks, or other public gathering sites—being able to monitor and stay ahead of rapidly changing weather at specific locations is a difficult, time-consuming job that can have serious life or death repercussions.

Accustomed to regional forecasting, public safety professionals have traditionally made the best decisions they can given the broad-based storm information they’ve received. But today, with severe weather events rising, they face a growing dilemma: What’s the best way to access customized, advance weather intelligence data specific to their area so they can enforce whatever timely and effective safety plans are necessary to protect their community and its assets?

Though emergency management professionals and public safety officials aren’t trained meteorologists, fortunately, thanks to modern weather data technology and improvements in the ease of access, they don’t have to be. A new system of data-driven, location-based alerts offers an innovative tool for safety management officials, delivering customized, active monitoring that triggers advanced emergency preparation plans addressing multiple weather hazards.

Web and mobile on-demand system alerts keep pace with changing weather conditions

Denny2America’s a big country, one that experiences nearly every weather event Mother Nature dishes out. Safety managers know that severe weather means different things to different regions across the U.S. and preventative plans must change accordingly. In Florida, emergency management professionals might seek weather alerts informing them when temperatures will fall below 40 degrees so they can implement plans to open homeless shelters or advise citrus owners to protect crops. In Arizona, public safety officials need to know when excessive temperatures might dictate additional safety measures to keep people cool, especially the elderly and very young.

Each region has a threshold for hot or cold, too much snow, too little or excessive rainfall. And although the big, headline-grabbing weather events like tornados, blizzards, hurricanes, and floods command attention, safety professionals require accurate weather intelligence affecting specific, localized areas where daily conditions have immediate impact on commuters and the public.

One provider of reliable, weather technology data is changing the way safety and emergency management professionals stay ahead of severe weather events. At Baron, a global leader in critical weather intelligence, scientists have teamed with seasoned meteorologists to develop a next generation tool, easily accessible to emergency safety managers and planners, advancing precision weather forecasting. Baron Threat Net’s web portal products offer public safety officials a comprehensive weather monitoring platform targeting street level views.

Threat Net’s high resolution, customizable mapping allows emergency managers to concentrate their attention on operational conditions impacting specific areas of concern, with user-friendly navigation and a pre-set feature allowing up to 20 site maps to be stored for future reference. How much rain has fallen, and how much is expected? Exclusive precipitation, accumulated precipitation and 24-hour accumulation forecasts keep users on top of possible flooding risks. Baron Threat Net’s Severe Threats allows simultaneous views of areas threatened by potentially damaging winds, flooding or hail. A Cloud to Ground Lightning feature shows real-time lightning strikes at street level. Using a combination of actual and forecasted products, the Road Weather/Conditions feature offers actual road condition alerts displaying a variety of concerns such as Patchy Ice, Flooded, Snow and Heavy Snow or just plain slippery road surfaces. Baron Threat Net’s complete tropical weather package tracks hurricanes and tropical storms, monitoring the latest maximum wind speeds, watches, warnings and storm surge conditions, making the information easily accessible.

Denny3To keep safety professionals informed in advance, Threat Net delivers customizable, pinpointed local alerts making officials aware of locations and assets in the path of impending, potentially dangerous, weather. Users select a location, identify the risk and choose a notification method—on screen, by email, or via push notifications to a phone—while the system, which includes patented Baron Safety Alerts and standard National Weather Service watches and warnings, automatically monitors that location. A companion app lets users access real-time weather conditions from any location, a valuable feature for safety departments sometimes short on personnel resources.

Proprietary, customized weather alerts safety management professionals can depend on

Local and regional safety managers are familiar with their area environment and the kinds of weather events making them most vulnerable. Most have been on the job for some time, and may have grown somewhat skeptical about the accuracy of long and short-term weather forecasting. They shouldn’t be. Advances in computing power, speed and forecast algorithms have dramatically improved weather forecasting technology, and today accessing that critical information is easier than ever.

That’s where Baron’s Threat Net products are making the biggest difference for safety management professionals. While traditional weather services are okay, none deliver the kinds of proprietary, customized weather alerts available through Threat Net & Pinpoint Alerting products. The proprietary alerts they provide supply pre-set custom alerting of 80 different weather conditions.

"When I'm in the field I use a lot of tools to help me navigate around severe weather, and the most reliable one is Mobile Threat Net,” says Martin Lisius, a Severe Weather Expert from Arlington, TX.

Denny4Safety personnel can receive customized forewarning of changing conditions invaluable for getting them ahead of weather events, helping them determine timing and scope of emergency response plans. And quite simply, the more advance notice officials get before dangerous weather arrives—the more accurate, granular and detailed that information—the better their response planning will be.

“Baron has a history of working with our partners to understand their needs and has developed customized alerts that pinpoint the exact timing and location of weather events that will impact our customers; many of these alerts go beyond the traditional weather warnings we are accustomed to receiving and focus on specific weather phenomena, such as hail and lightning,” says Bob Dreiswerd, Baron’s Chief Development Officer. “Baron also works with customers to develop alerts specific to their situation that focus on weather related events that directly impact their operations.”

Not your grandmother’s weather forecasts: incisive weather intelligence takes the ‘might’ out of forecasting

Baron’s suite of weather intelligence products offers safety officials user-friendly, data-informed alerts letting them know what’s actually coming, in many cases well before it arrives. The complete data set of customized tools can provide street-level road forecasts 24 hours in advance, deliver a tropical weather package tracking maximum wind speed, watches, warnings and storm surge, and even keep safety personnel informed during unpredictable emergency situations like hazmat spills or terrorism. With trains and trucks transporting hazardous materials through communities daily, Threat Net can help safety management professionals determine wind and rain conditions with potential to spread spills, smoke, gases or other toxic substances when and if spills occur.

Whether you’re a small-town mayor charged with knowing how much additional rainfall to expect in order to keep residents in the path of impending flooding safe, or an Emergency Management Coordinator like Rusty Chase of Isle of Wight County, VA, relying on Mobile Threat Net to make decisive plans based on its alerts, all safety management professionals need access to the best weather intelligence available today. “We saw dangerous weather on Mobile Threat Net and were able to give the schools adequate time to shelter children in the hallways during a tornado,” Chase says. “Had we released the kids to go home prior to my alert we would have had them on the roads and probably had injuries and fatalities.”

Relying on critical weather intelligence and customized alerts like these gives safety officials the confidence they’re using the most effective tool available for making informed planning decisions to secure the safety of their community. A recent example of the utility of Baron’s weather intelligence tools came with the arrival of Hurricane Harvey on the gulf coast. Threat Net’s live monitoring of Hurricane Harvey allowed users to prepare for the storm before it made landfall. While the storm’s impact couldn’t have been avoided, Threat Net’s prediction helped many people better prepare for Harvey’s force. When advanced technology produces weather data products capable of delivering customized advanced warnings today’s safety management professionals can depend on, why wouldn’t they?  

Positioning Companies to Face the Future Confidently

With most companies and industries facing uncertainty when looking to the future, there arises the question of how confident organizations are in executing their strategies successfully. More specifically, how can executive management and the board of directors assist the organizations they oversee with facing the future confidently?

Confidence is neither a cliché nor an assertion of mere optimism, but rather a quality of the human spirit that drives leaders and their organizations forward. Given the importance of confidence in human endeavors, especially in a rapidly changing environment, we explore the attributes of confidence that executives and directors can use to assess and advance their organizations along the journey to realize their organizations’ respective vision.



Thursday, 02 November 2017 14:57

Armed With Confidence: The Infallible Edge

(TNS) — Two days after a heavy storm ripped through Connecticut, an estimated 21,000 customers remained without power Wednesday morning and both residents and many local officials were growing increasingly frustrated with the response from Eversource.

“I think the storm did take them by surprise,” said Lebanon First Selectwoman Betsy Petrie. “That’s just not acceptable,” said Petrie, who had about 1,100 homes in her town without power late Tuesday afternoon. By 6 a.m. Wednesday, the number of outages was down to 763, 35 percent of the town; Lebanon schools are among a handful that remained closed Wednesday.

In Hebron, where about 25 percent of the town remained without electricity Tuesday night, Town Manager Andrew J. Tierney said residents “can’t understand why it’s taking so long to restore power.” By 6 a.m. Wednesday, 175 Hebron customers, or 4 percent of the town, lacked electricity, according to Eversource.



Avoiding the burden of server management is one frequent reason for moving workloads to the cloud.

Yet the fact is that many cloud environments still require a fair degree of management -- a fact organizations tend to overlook.

This creates an opportunity for MSPs.

Setting up and managing physical servers is a lot of work.

This is a primary reason why organizations move to the cloud.

In the cloud, users don't have to set up the physical servers that host applications or data.

Nor is it users' responsibility to keep the servers up and running.

Failing hard disks, problems with the host operating system and so on are managed by the cloud provider.



The Internet of Things (IoT) has been a hot area in the last few years. The number of connected devices has been growing steadily with Gartner forecasting that IoT devices will outnumber the world’s population in 2017: 8.4 billion connected things in 2017 and 50 billion in 2020. These connected devices generate massive amounts of data. Today, devices and appliances that were not previously connected (fridges, cars, watches, etc.) are equipped with sensors and peripherals that generate data.

Alongside IoT, enterprises are betting hard on big data. Data is the most precious resource of our digital economy. Many enterprises are applying big data analytics to harness this vast amount of data and take advantage of the insights it provides: identifying trends and patterns to deliver improved services and experiences to their customers, helping companies monitor and streamline their operations, or perform preventive maintenance of machinery and infrastructure.

The business process is similar across many applications. IoT devices provide the data and big data analytics allows for extracting insights. However, a monumental challenge arises: Where will all this data be processed and stored?



Aligning ITIL processes to your DR plan leads to more efficient and effective use of IT infrastructure. Inadequate planning is a risk to the business, and is often overlooked until it is too late – when a crisis event such as a major outage, security or other breach results in the loss of supporting IT systems.

About the ITIL Framework

Many organizations strive to become ITIL compliant or to use ITIL as an IT process framework. ITIL is exactly that – a framework for IT processes and services. It provides best practices, key performance indicators (KPI), and benchmarks for measuring IT service development, performance, and quality.  It is not my intent to use this blog to describe ITIL in detail. Standard searches will provide multiple resources than can be used to learn about ITIL. Complete implementation of ITIL can be time consuming – and a program unto itself. We recommend using ITIL, to the level it makes sense in your organization, as a framework. Use of the basic concepts will provide tremendous value without overshadowing other business critical functions and projects.

The goal of using ITIL is to ensure that your program and implementation follow best practices, and to promote efficiency and functional capability.

We will map the appropriate ITIL processes to IT Continuity Service Management listed below. In general, the ITIL processes associated with IT DR are: SD,,,



2017 has shaped up to be a historic year in terms of disasters. In the last 3 months alone, we’ve seen some catastrophic security breaches and cyber attacks along with other disruptions (i.e. active shooters, severe devastation from natural disasters – wildfires, earthquakes, and hurricanes) hit organizations. The need for recovery and response plans is apparent, but leaves the question of how can I better prepare? One way to improve these plans is taking a holistic approach by incorporating Governance, Risk and Compliance (GRC) into planning efforts. As OCEG states, “GRC is the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity”.



Thursday, 02 November 2017 14:44

The Holistic Approach to Planning

A new crop of emerging technology stands poised to unleash another cycle of raised consumer expectations, changing behaviors, and disruption. The stakes for business leaders are high — a wrong investment could put your firm out of business; make the right move and you’ll vault over your competitors.  

Which tech should you bet on? Which vendors are in the space? Which vendors will be the best fit for you, and will they actually be around in two years? We’re launching two new research methodologies to help you untangle the crowded and complicated emerging tech space. These are: 



Fraud Frequently Asked Questions

1. What fraud issues should survivors be aware of after Hurricane Irma?
    There are a number of fraud concerns survivors need to be aware of to protect themselves:

  • Beware of individuals charging survivors a fee to apply for disaster assistance, receive a home inspection or install a blue tarp through the Blue Roof Program. THIS IS FRAUD. Federal workers NEVER solicit or accept money from applicants.
  • There are also reports of people registering for assistance using someone else’s information. If you suspect anyone of committing fraud and stealing your identity, report it to local law enforcement. You should also report it to:

a. The Department of Justice's Disaster Fraud Hotline at 866-720-5721 or email This email address is being protected from spambots. You need JavaScript enabled to view it..

b. If you discover that someone is misusing your information file a complaint with the Federal Trade   Commission through the website: IdentityTheft.gov.

c. You can also file a complaint with the OIG:

i. Online at the OIG’s website (www.oig.dhs.gov),
ii. Fax it to 202-254-4297, or
iii. Mail it to the DHS Office of Inspector General: Mail Stop 0305; Department of Homeland Security; 245 Murray Drive SW; Washington DC 20528-0305.

d. Make sure to alert the FEMA helpline to the issue as well by calling 800-621-3362.

  • Beware of robocalls from imposters. However, FEMA does plan to conduct outreach by autodialer, in some cases. If you are contacted, the phone number you should reply to is the FEMA Helpline: 800-621-3362 (FEMA).
  • Watch out for insurance related scams.

a. Notify your insurance company after a disaster.
b. Beware of imposters claiming to be FEMA representatives, asking for money to assist with the filing of federal flood claims.

2. How do I know if a FEMA representative is legitimate?

  • If you’re meeting a FEMA representative in person, ask to see their identification badge. All federal employees carry official, laminated photo IDs. FEMA shirts, hats and jackets do not make them official.
  • When a FEMA inspector comes to your damaged home, he or she will require verification of your identity, but will already have your registration number. Keep your FEMA registration number safe. Do not share it with others.
  • No federal government disaster assistance agency will call you to ask for your financial account information. If you’re unsure whether someone claiming to be a FEMA representative is legitimate, say you are hanging up and call the main FEMA helpline at 800-621-3362 to speak about the incident.

3. Do inspectors charge for an inspection?

  • Federal inspectors do not charge a fee at any time to inspect your property. FEMA and the Small Business Administration will never ask you for money.  Our inspectors never require banking information or payment in any form.
  • They also do not determine eligibility or dollar amounts of assistance.

4. What happens when a building contractor shows up, and says they were sent by FEMA?

  • FEMA does not send building or repair contractors. The job of a FEMA housing inspector is to verify damage. FEMA does not hire or endorse specific contractors to fix homes or recommend repairs.
  • If someone comes to your door and says that your home is unsafe, do not believe them and do not let them in.
  • Have an engineer, architect or building official inspect it. An unethical contractor may actually create damage to get the work.
  • When in doubt, report any suspicious behavior to your local authorities.

5. How do I hire a legitimate building contractor?
    Here are a few tips to consider when hiring a legitimate building contractor:

  • Always use a licensed local contractor backed by reliable references.
  • In Florida, contractors are required to carry general liability insurance and worker’s compensation.
  • Require a written contract with anyone you hire. Be sure to read and understand the contract. Never sign a blank contract and never pay more than half the cost of the job upfront. Be sure to get a written receipt for any payment.
  • If one estimate seems much lower than the others and sounds too good to be true, it probably is. Many unethical contractors provide low-ball bids that seem attractive. But the contractors are often uninsured and may charge substantial cancellation fees.
  • Never pay for work in full in advance. The Better Business Bureau recommends a consumer pay half or less of the contract price before the contractor begins repairs and the remaining balance once the work is complete and the owner is satisfied.

6. What should people who did not apply for disaster assistance do if they suspect that they are a victim of disaster fraud?

  • To report disaster fraud, contact The Department of Justice's Disaster Fraud Hotline at 866-720-5721 or email This email address is being protected from spambots. You need JavaScript enabled to view it..
  • Email FEMA’s Office of the Chief Security Officer (OCSO) Tip line at This email address is being protected from spambots. You need JavaScript enabled to view it..
  • You can also file a complaint with the OIG:

a. Online at the OIG’s website (www.oig.dhs.gov),
b. Fax it to 202-254-4297, or
c. Mail it to the DHS Office of Inspector General: Mail Stop 0305; Department of Homeland Security; 245 Murray Drive SW; Washington DC 20528-0305.

  • Contact the FEMA Helpline at (800) 621-3362 if you had not previously registered for FEMA assistance, and do not wish to register. They will not need to take further action. The original application will be locked to maintain a record of the potentially fraudulent file.

7. If I was a victim of disaster fraud, but I still need to apply for assistance, what should I do?

  • Contact the FEMA Helpline at (800) 621-3362 and tell them you have not previously registered for FEMA assistance and that you wish to register.

8. If I tried to apply, but the system said I have already applied, what should I do?

  • Contact FEMA’s Helpline at 1-800-621-3362.

9.  Will I need to wait until the investigation is complete, before I can register for assistance?

  • No. FEMA does not need to complete the investigation before you can have a new registration taken. However, FEMA will need to verify your identity.

10.  Is there anything else people should know?

       Unfortunately, scam artists may pose as government officials, aid workers, charitable organizations, or insurance company employees.

  • Do not respond to texts, phone calls or requests seeking your personal information. The only time you should provide personal information is during the initial application process for FEMA help or when you initiate contact with FEMA to follow up on an application. FEMA inspectors only require verification of identity. FEMA may call you by autodialer, in some cases. These calls will not request your personal information—you will only be asked to call the FEMA Helpline at 800-621-3362. 
  • Ask for identification and don’t be afraid to hang up on cold callers.
  • If you need to contact government agencies, use official information posted on their websites or in other verified sources.
  • Don’t sign anything you don’t understand or contracts with blank spaces.
Wednesday, 01 November 2017 16:42

FEMA: Fraud Frequently Asked Questions

Many companies have strong Annual Plans but fail to execute on them and miss their targets year after year. They know that they are missing something, but they aren’t sure what. There are many reasons why nearly half of all companies fail to meet their annual targets, but one of the most important reasons is that they fail to implement a software system to drive company execution. 

Many smaller organizations are using Excel spreadsheets to track their progress and run their company. For some, that may have worked when they were a very small organization, but once they reach 25 or more employees, they hit a new ceiling of complexity. At that size, the old systems no longer work, and many CEOs don’t realize it until it is too late. They get used to losing critical information in a long email list as they search for status updates on projects, trying to find the most recent report from a slew of emails. They should be collaborating in real time with colleagues with comments connected directly to their most important initiatives, the most important data and the vision across all of the departments contributing to the effort.

There is a better way. Hundreds of companies have implemented thousands of plans with Rhythm Software to keep their annual and quarterly plans on track, solve problems faster at weekly adjustment meetings, help managers better utilize their resources and collaborate better on cross-functional projects. The cloud-based software allows you to connect your strategic thinking and annual plan directly to your daily execution. No longer will the efforts of your team be wasted on projects that don’t drive your corporate strategy.



“You know, if you ask a professional athlete what the hardest thing is to do in sports, they’ll all say hit a baseball, but a coach once told me that the hardest thing to do in sports is to walk into your Superbowl locker room at half time and change the strategy that got you there ’cause it’s no longer working.” – The character of President Josiah Bartlett on “The West Wing”.

Even if you’re not a West Wing fan, you can appreciate the challenge implied in the above quote. And, if you deal with protection of data and the resiliency of information systems at work… that quote may hit extra close to home.

The way the majority of businesses today are protecting their data and increasing the resiliency of their systems isn’t working anymore. It may be showtime for your company, but if the data protection and resiliency strategies are no longer working… it’s time to throw out that one and get a new one.



Wednesday, 01 November 2017 16:38

Changing the Data Protection Game

Data center cooling design is one of the most diverse aspects in what otherwise is an industry built on commonality. Despite a common goal of cooling server and heat generating equipment, the factors that drive mechanical cooling system selection differ wildly for each owner, developer, operator, and end user.  Factors such as initial cost, operating efficiency/cost, speed to market, redundancy, reliability, scalability, flexibility, climate control/SLA compliance, water use, equipment space, and maintenance are all weighed differently and have various levels of influence when selecting a system. Today, new technologies offer efficiencies that are reducing both initial costs and energy usage for data center operators.

Out of those factors listed above, initial cost and operating efficiency/cost are often the primary drivers for data center cooling design. Naturally, the question that follows is, ”which cooling system would minimize initial cost and maximize operating efficiency, while scoring well in all the other categories?” One emerging technology that meets these criteria is air cooled chillers with integrated waterside economizer. Integrated waterside economizer provides the ability to create chilled water using just cold air during ideal ambient conditions with no mechanical cooling, all integrated into the standard sequence of controls for the air-cooled chiller.

Air-cooled chillers, while very competitive from a first cost perspective, traditionally have not performed well with regards to energy consumption while operating in mechanical cooling mode.  With a lack of an integral waterside economizer option, air-cooled chillers were almost unusable in most climates, especially those with significant cold weather hours where an economizer would provide significant mechanical cooling relief.



Workplace safety is and will always be a pressing concern. According to a study conducted by the Occupational Safety and Health Administration, we’re making a significant amount of progress in that regard – from a certain perspective. In the four decades that OSHA has been working with state partners, employers and safety and health professionals around the country, worker deaths have fallen from 38 per day on average in 1970 to just 13 a day in 2015. Equally positive is the fact that worker injuries and illnesses are also way down, from 10.9 incidents per 100 workers in 1972 to just 3.0 incidents per 100 employees in 2015.

But one of the unfortunate facts about the modern era that we’re now living in is that the types of dangers that people are likely to face have evolved in a harrowing and unsettling way. People don’t have to worry about falls, being struck by objects, electrocutions or being caught in or between pieces of equipment anymore. They don’t have to worry about safety hazards that were not properly communicated or guidelines that were not adhered to.

With increasing and disappointing regularity, they’ve got to worry more and more about their own co-workers.



Tuesday, 31 October 2017 19:58

How to Spot a Potentially Violent Coworker

It’s not paranoia, they really are out to get you. When the very organisations promoting IT security manage to botch it up, it’s difficult to have confidence in anything anymore.

One of the latest cases of misplaced trust is the CCleaner software saga.

This software, available for PCs and for Android mobile devices, is designed to help users optimise performance by cleaning cookies, internet history, and other temporary files. The PC version was recently hacked, spreading malware to possibly millions of users.



Tuesday, 31 October 2017 19:57

Why You Can’t Trust Anyone These Days

Our Clients Asked. We Delivered!

We recently released a new version of our recipient app to make it even more useful and simple to use.

The MIR3 Recipient App is a free companion app that users can download to their iOS or Android devices as a convenient way to receive and store messages.



Tuesday, 31 October 2017 19:55

The New MIR3 Recipient App

People walking a busy street in Zanzibar.

Countries in Africa are no strangers to major disease outbreaks that can result in illness and death of millions of people.  In the past two years alone the continent has experienced infectious disease outbreaks of cholerameningitisEbola Virus DiseaseLassa fever, and Yellow fever, and other public health emergencies such as drought and famine.

Understanding the big picture

Training participants from Zanzibar discuss the development of an emergency management program
Training participants from Zanzibar discuss the development of an emergency management program.

It is vitally important to have a big picture perspective on emergency management and response – if one country is not prepared for a public health emergency, then all the countries in the region are susceptible to public health threats that can easily cross borders and impact surrounding countries. This is where public health emergency management (PHEM) comes in. In-country PHEM capacities and systems can be strengthened to support global health security. When the workforce is trained, emergency management infrastructure is in place, and functional systems exist, a country is better positioned to execute a coordinated response that can mitigate risk and save lives.

CDC and other international partners support ongoing efforts to help countries across Africa build capacity in outbreak detection and response. This includes preventing avoidable epidemics, detecting public health threats early, and responding rapidly and effectively to outbreaks of international concern. CDC provides expertise in PHEM to train emergency management technicians, provide input on emergency management operations, and guide development of functional processes and systems for ministries of health around the globe.

Getting the workforce ready to respond

In August 2017, CDC spearheaded a 5-day PHEM workshop in partnership with the World Health Organization, the United States Defense Threat Reduction Agency, and Public Health England.  The workshop brought together 55 emergency management staff members from across Africa to learn from experts in the field about how to enhance coordination and response capabilities of their country’s PHEM programs.

Participants came from seven countries – Tanzania, Uganda, Kenya, Ethiopia, Liberia, Sierra Leone, and Nigeria – which all share common interests and challenges related to emergency response. The training focused on developing core principles in PHEM, including trained staff, physical infrastructure, and processes to run a fully functional Public Health Emergency Operations Center (PHEOC). The training highlighted best practices, but since many of the participants had first-hand accounts of responding to public health events in their own countries, they were encouraged to share experiences and network with their peers.

Sharing knowledge and expertise

Public health professionals who work in emergency response know that it’s important to build relationships before an incident so that during a response you work effectively and efficiently with partners. One participant noted that the “rich, valuable contributions from other people’s experiences to build upon what I already knew” was one of the most rewarding parts of the workshop.

The tabletop exercises at the end of the workshop emphasized the importance of information and idea sharing. Participants engaged in tabletop exercises that simulated a response to a Yellow Fever outbreak in northern Tanzania. Participants were divided into 7 teams: management, plans, logistics, operations, finance and administration, communication, and partners. Each team had a mix of participants from different countries.  Teams utilized information they had learned throughout the workshop to developed response products, including an organizational structure chart, objectives for the response, and an initial situation report. This exercise led to a robust conversation about different approaches to public health emergency response.

Seeing response in action

Public Health Emergency Operations staff survey the scene after mudslides in Regent, Sierra Leone.
Public Health Emergency Operations staff survey the scene after mudslides in Regent, Sierra Leone.

A highlight of the training was when Dr. Ally Nyanga, the Tanzania Ministry of Health PHEOC Manager and an alumni of the CDC Public Health Emergency Management Fellowship, took workshop participants on a tour of the Tanzania PHEOC, a small room on the third floor of the Ministry of Health building. Previously used as a storage area for the library, the 10 x 20 foot PHEOC is now an efficient space that staff can use when they respond to public health emergencies and outbreaks.  To date, Tanzania’s PHEOC has been activated to respond to widespread cases of Aflotoxicosis, a type of severe food poisoning, and cholera outbreaks in Tanzania.

While the workshop is over and participants have returned home, the work that they do to prepare for the next public health emergency is ongoing. The workshop highlighted some important takeaways – you do not need a big space and high-tech equipment to respond quickly and efficiently to a public health emergency.  Instead, coordination to share information, resources, and ideas is vital to a successful emergency response, both in-country and across an entire region.

Learn more

Posted on  by Loretta Jackson Brown, PhD, RN, Health Communication Specialist and Meredith Pinto, MPH, Health Scientist

If you are a survivor of Hurricane Irma, have flood damage, and no flood insurance coverage, you may receive a Group Flood Insurance Policy (GFIP) if you claimed disaster assistance for a home or personal belongings.  

You may receive Group Flood Insurance coverage if you:

  • Live in a flood-prone area;
  • Do not have flood insurance;
  • Suffered property damage from Hurricane Irma flooding;
  • Are approved for FEMA disaster assistance; and
  • Were denied a loan from the U.S. Small Business Administration (SBA).

If you meet all these conditions, you will receive Group Flood Insurance coverage for a three-year period. The 36-month GFIP policy term begins 60 days after the date of the presidential disaster declaration, which was Sept. 10, 2017 for Hurricane Irma. The premium will be part of your FEMA disaster assistance grant.

Renters will also receive Group Flood Insurance if they intend to return to their rental property. However, they must first notify FEMA of their intent to return by submitting a written statement or calling the National Flood Insurance Program (NFIP) helpline at 800-621-3362.

Group Flood Insurance provides coverage up to $33,300. You can upgrade your coverage by purchasing an individual flood insurance policy. If you choose to purchase an individual policy, your Group Flood Insurance will be canceled.

If you were affected by Hurricane Matthew in 2016 and qualified for Group Flood Insurance, you may already have coverage. To get more information or to make a claim, call the NFIP direct servicing agency at 800-638-6620.

FEMA gives GFIP recipients a notice 60 days prior to the three-year policy expiration and a final notice when coverage has been terminated. When a GFIP expires, you will be responsible for obtaining and maintaining flood insurance on your own. Failure to maintain flood insurance will affect your eligibility for future disaster assistance.

Individual coverage becomes effective 30 days following NFIP’s receipt of the applicant’s name and premium payment from either the local, state, territorial, tribal government, or FEMA.

For more information regarding the Group Flood Insurance program or flood insurance in general, call the NFIP call center at 800-427-4661 or go online to www.fema.gov/national-flood-insurance-program.

Tuesday, 31 October 2017 19:51

FEMA: Group Flood Insurance -- How It Works

Halloween unleashes a parade of pint-sized pirates and princesses on towns and city streets throughout the country. Unfortunately, this cherished fall holiday isn’t all fun and games. The reality is that a number of threats can compromise public safety on October 31. There is good news, however. Local agencies can play a significant role in safeguarding the health and well-being of their constituents this October 31, by raising awareness with emergency notifications. Here’s what you need to know. 

The Scary Truth About Halloween

Halloween is a magical time for children. However, most of them fail to realize the adults behind the scenes working hard to keep them safe.

One of the biggest public safety challenges haunting Americans every Halloween? Pedestrian safety. In fact, October is second only to August as the month with the most motor vehicle-related deaths, according to the National Safety Council’s Injury Facts 2016 report.  Not only that, but twice as many child pedestrians are killed while walking on Halloween than on other day of the year, according to SafeKids.org.



Balaouras StephanieBy Stephanie Balaouras

Forrester Research Vice President, Research Director

Each year, Forrester Research and the Disaster Recovery Journal team up to launch a study examining the state of business resiliency.

  • Each year, we focus on a specific resiliency domain, whether it’s business continuity, IT disaster recovery, or overall enterprise risk management. The studies provide BC and other risk managers an understanding of how their practices compare to the overall industry, and it also tracks how priorities, challenges, and practices are shifting over time.
  • This year’s study will focus on business continuity practices. We’ll examine the overall state of BC maturity, particularly in process maturity (business impact analysis, risks assessment, plan development, testing, maintenance, etc.), but we’ll also examine how organizations handle workforce continuity and crisis communication, and we’ll explore the most common causes of business disruption and the lessons that we can gleam from them.
  • What I’ve learned from past studies and from all of the high-profile business disruptions that have occurred in the past two years – from massive airline IT outages to natural disasters – is that business continuity has never been more important. Customers’ expectations for availability have increased dramatically while business complexity, IT complexity, and an increasing number of external risk factors have made the likelihood of a major business disruption highly probable.

For those who will be at DRJ Spring World 2018 March 25 to 28 in Orlando, I’ll be there presenting the complete results and answering questions in person. I hope to see you there. The DRJ will also have a summary of the results on its site. For Forrester clients, the survey results will be examined in-depth in a series of reports in the next few quarters. If you think that this data is valuable to the industry and you are a BC decision maker or influencer at your organization, please take 20 minutes to complete the survey. All the results are anonymous. You don’t even need to submit your email address unless you’d like to receive a complimentary Forrester report, and we won’t use your email address for any other purpose.

Click here to take our survey: forr.drj.com

In theory, your disaster recovery plan works perfectly. But have you told your staff about it?

Creating the plan isn’t enough. DR decisions made in the board room must be communicated effectively to those who need to take action. If your employees don’t know what you expect them to do, you’ll be left without the proverbial paddle.

Inform employees about the DR plan long before a crisis, not in the throes of a hurricane or a cyberattack. Assign roles, build those into job descriptions, and conduct regular training and testing. When DR training is part of employees’ routine, it’ll make all the difference when disaster strikes.

Disaster Recovery Plan Cartoon

  • An enraged man concealing a Glock .45 enters your facility to hunt down his ex
  • A visitor loses consciousness during a meeting, and no one knows what to do as the critical first four minutes tick by
  • The fire alarms go off, you think all of your people have evacuated, but you can’t account for all of them as required by law
  • A company in your same building receives a serious bomb threat, but no one alerts you
  • When you call 911, it takes a least four to eight minutes for help to arrive. You don’t realize during these first life-threatening minutes, you are on your own.

You can’t stop crazy, but…



Tuesday, 31 October 2017 16:32

What scares me

It all started with the rapid rise of technology. Businesses around the world decided that it was time to ditch the old school methods of communication. Instead, they decided to accept the future – and that’s when computers entered the picture.

Along with these computers came maintenance problems and constant issues. Most companies brushed these issues aside. But like everything else, they needed to be repaired when they completely broke. It was that exact mentality that created the break/fix model of IT services.

As the name implies, the model was very simple; when a machine broke, the IT teams were dispatched to fix it. While the machines were slowing down and malfunctioning, the IT teams did nothing. After all, it wasn’t broken yet. Why bother wasting time on a machine that (kind of) works?



Friday, 27 October 2017 15:12

The History of Managed Services

Multi-cloud approaches are taking a bigger share of the market. More than 85 percent of enterprise IT organizations will commit to multi-cloud architectures by 2018, according to IDC.

This will decrease the large cloud players’ monopolies and will lead to higher competition, which in turn will lead to more innovation - new and improved products, efficient pricing, better quality services and many more options to attract customers.

Businesses don’t ask anymore why they need the cloud; rather, they ask which cloud they should choose. So the emergence of multi-cloud is a natural progression, as it offers the flexibility to mix and match cloud technologies and services from different vendors to suit an organization’s exact needs. These can be multiple public clouds, multiple virtual or on-premise private clouds, multiple managed or unmanaged clouds, or a mix of them all.



Friday, 27 October 2017 15:08

Multi-Cloud Approaches Within Reach

Organizations That Want to Survive Significant Operational and Reputational Damage Need to Implement a Complete Crisis Management Program

Your crisis management program creation journey starts here…

We hope you’re reading this article because your organization and its leadership have signed off on the company creating a crisis management program, or there was some other driver that got you to this point.   If that’s the case, and you’re here to find out what a program looks like, so you can present it to your leadership team, then you will benefit from this guide to creating a successful crisis management program. This guide is not all-encompassing, but will give you some clear general guidance on what a typical corporate crisis management program looks like.



Thinking Outside the Box

One of the best ways to achieve ROI is to find ways to extend the use of an investment. You may have purchased software to do one thing and then found it could be optimized somewhere else. While this scenario may not happen frequently, it’s considered a victory when it does.

Emergency notification systems can easily fall into this category. We find most of our clients purchase our software in order to quickly and easily connect with employees when a critical event occurs. They want to eliminate all of the disparate communication systems in lieu of a single, integrated system that enables them to leverage one or several communication channels at the same time. They want to be able to segment their audience, pre-build their messages using templates, and in a click or two, know their message has not only been delivered, but received loud and clear. They want to be able to measure message open rates and constantly improve their emergency plans.

Well done, companies. You are prepared. But did you know you can use your emergency notification system for a whole lot more than emergencies? You can quickly increase ROI by maximizing your use of the software for any desired communication with a specific audience, internally or externally.



Imagine entering your workplace and being met with a sign instructing you NOT to turn on your desktop computers or dock your laptops until further notice. No network access; no email; no dependent application. Unfortunately, this was the actual scenario that played out for one global law firm, DLA Piper, who fell victim to the Petya cyberattack in late June. For this law firm, the loss of email services is devastating; and their email was unavailable for over one week.

The June 2017 cyberattack, known as Petya, affected major organizations throughout many industries. Global shipping conglomerate, Maersk, has estimated quarterly losses of between $200M-$300M, due to experienced interruptions. Large manufacturing facilities were brought offline for many days while working to re-establish critical systems.

Prior to Petya, in May, WannaCry spread worldwide and infected over 200,000 computers. In both cases, infected computers had their data encrypted and hidden from its owners until a ransom was paid.



(TNS) - Question: I keep hearing about how we need to be prepared for a potential nuclear attack by North Korea. They say “know where to go,” but I don’t know where to go! Are there shelters? If so, how do I find out which one?

Answer: No, there are no public nuclear blast or fallout shelters designated in Hawaii, according to the Hawaii Emergency Management Agency, a division of the state Department of Defense.

The agency’s recent PSA, which advises “know where to go, know what to do and when to do it,” gives listeners and viewers general information about how to prepare for any potential disaster, such as having 14 days’ worth of food and water on hand.



Five years ago this month (October 29), Superstorm (hurricane until a few hours before landfall) Sandy made landfall along the coast of New Jersey just northeast of Atlantic City.  Sandy was one of the most devastating hurricanes to hit the northeast United States, causing more than 70 fatalities and $50 billion dollars in damage. It was the deadliest Northeast United States hurricane since Agnes (1972) and the 2nd most expensive United States hurricane on record behind Katrina (2005).  While heavy rainfall and strong winds were part of Sandy’s legacy, the primary cause of the massive destruction and damage that occurred was due to high storm surge levels.

Sandy developed in the SW Caribbean on October 22 (Figure 1). This region is a typical hotbed for October Atlantic hurricanes.  The system slowly intensified, eventually reaching hurricane strength before hitting Jamaica as a Category 1 hurricane.  It briefly reached major hurricane strength (Category 3+ on the Saffir-Simpson Wind Scale) before making landfall in Cuba.



Thursday, 26 October 2017 15:46


Cloud computing offers tremendous advantages and has spurred the continued growth of the as-a-service market. In fact, a recent McAfee report found that 93 percent of organizations utilize cloud in some form. Earlier this year Gartner predicted the public cloud services market would grow nearly 20 percent this year to $246 billion. This is largely due to the fact that many organizations are trying to lower their capital expenditures (Capex) by offloading on-premise solutions hosting, management and maintenance needs.

The perceived advantage of any-as-a-service model is that someone else can take ownership and responsibility, so you’re able to sit back and concentrate on other business drivers. It’s the same reason why many of us opt to pay for Spotify and Pandora to stream our music, rather than having music eat up storage on our computers.

But for all its benefits, there is a dark side to the cloud that you might not have heard about unless you’ve experienced it firsthand. The thing about any as-a-service model is that the goals of any subscription is to facilitate recurring revenue. From that perspective, the minute you trade ownership for convenience, you are beholden to the provider, and doing business on their terms, not yours. You can hope the provider continues to deliver services at the same price tomorrow that they did today, or expect them to continue meeting their SLAs, but that probably won’t be the case. Few, if any providers, are going to willfully admit if or when they underserve you. For all these reasons, once you’re in the cloud, getting out is easier said than done.



Wednesday, 25 October 2017 17:30

Beware of the Dark Side of the Cloud

The scenarios are chilling: A busy hospital suddenly cannot use any of its electronic medical records or other computerized systems. The victim of a ransomware attack, the hospital will not regain access without paying those who locked down the records — if at all.

At another hospital, hackers find a way to connect to the software that controls IV pumps, changing their settings so they no longer deliver the correct doses of medication.

Cybersecurity experts say these are among the situations they worry about when they consider the health-care industry — which, with its reliance on technology and a wealth of data, is increasingly a target of cybercrimes.



You may well have heard the story of the person trying to streamline business operations and driving past huge, separated grain silos one day, which reminded him of the mentalities and divisions he was trying to overcome back in the office.

Thus (the story goes) was born the term “silo management” and its derivatives like “silo thinking” and “silo mentality”.

Business continuity managers are usually aware of the challenge to get all departments to collaborate and do their business continuity in harmony, ensuring that no individual action in one area will endanger BC in another.

But even in these enlightened days of cloud computing and workforce mobility, silos will continue to be a challenge and here’s why.



In our experience consulting with universities, high schools, or elementary schools on Emergency Management preparedness, we have found a number of issues that come up on a regular basis. It does not matter if the institution is a private or a public school. Don’t wait for an event to happen to find out if your child’s school is ready.

Here are 10 questions you should ask to make sure your child’s school is ready for an emergency:



(TNS) - To grasp the power and terror of the 2007 firestorms — a 27-day ordeal that began 10 years ago this weekend— you had to be there.

You had to be in Michelle Grimaldo’s car, as flames swept across Honey Springs Road in Jamul, blocking her escape route.

“Everywhere you looked,” she said, “there was fire.”

You had to be with Tony Mecham, stunned by the number of severe burn victims — 22 — being airlifted from Cal Fire's Potrero station.

“It was like a war zone,” said Mecham, now head of the county's Fire Authority. “That was the first time I’d seen that kind of human suffering on a wildland fire.”



In the span of the last few decades, email has become a key communication avenue to coordinate case proceedings and counsel to a law firm’s clients and co-workers. Now more than ever, law firms are leaning on technology to deliver essential and innovative representation, but this is only possible so long as firms are connected to the internet.

Additionally, lawyers and partners may not always recognize the direct connection of their IT stance on email availability. When a technology disruption may impact access to email, it is critical to ensure proper budgeting and resources for IT systems and data protection—but this is where firms often fall short.



The connected world that we’re now living in, along with the Internet in general, has undoubtedly made our lives better in countless ways. Unfortunately, they’ve made our lives more dangerous, as well – particularly when you consider the current state of cybersecurity worldwide.

According to one study conducted by Panda Labs, there were 18 million new malware samples captured in the third quarter of 2016 alone. That number breaks down to an average of about 200,000 per day. Likewise, new and devastating techniques like ransomware are on the rise. More than 4,000 ransomware attacks occurred every day in 2016 – an increase of 300% over the previous year, according to the Computer Crime and Intellectual Property Section of the FBI.

Based on these stats, it’s easy to see why cybersecurity is such a rising concern among organizations in nearly every industry. But the most important thing for them to understand is that the hackers aren’t some group of cartoon super villains operating from a secret bunker somewhere. In truth, they don’t need to be. Cyber-attacks are far easier than that to pull off because of two unfortunate little words: Human Error.



(TNS) — Someday, the waterfront businesses along La Conner’s First Street may be raised to allow coastal floodwater to wash under them. A barrier along the east edge of the street could keep the water from pushing farther into town.

That was an idea generated recently by town officials and Skagit County, Wash., Climate Science Consortium scientists who together brainstormed ways to handle the town’s flood risks, which are increasing as the global climate warms.

“We wouldn’t defend against that area, we would allow water to flow through,” La Conner Town Administrator John Doyle said of the concept.



Most enterprise workloads are poised to run in the cloud within a year. Based on a recent survey conducted by 451 Research, the percentage of these private or public cloud workloads will increase from 41 percent to 60 percent by mid-2018. Among survey respondents, 38 percent have already adopted a cloud-first policy, which prioritizes cloud solutions for all workload deployments. This is not surprising based on the agility, flexibility, scalability, perceived reduction in TCO, and cloud-born data that cloud computing offers. Cloud pricing is a key driver of cloud workloads. As the cost of cloud computing continues to fall, enterprises are increasingly reluctant to pursue costly expansions of their on-premises data centers or even appliances like a data warehouse.

On top of cloud pricing and inherent computing advantages, cloud providers continue to add services such as data warehouse, data integration, data preparation, and analytics that are essential for accelerating the delivery of analytics to both internal and external customers. It's no wonder that the center of gravity for both data and compute capacity is increasingly shifting from the traditional on-premises data center to the cloud, as companies take advantage of its inherent flexibility.



As traditional ICT spending matures, emerging areas of technology including the Internet of Things, AI, and next-gen security will drive new spending through 2021.  

The latest forecast by International Data Corporation (IDC) released this week said that IoT, robotics, and AR/VR in particular will represent a significant share of the overall ICT market by 2021, including in emerging markets.

Spending on traditional IT, telecom services, and new technologies will grow from $4.3 trillion in 2016 to $5.6 trillion by 2021, which represents a compound annual growth rate of 6 percent in constant currency.



Solid state storage has risen to dominance, outselling hard drives in the enterprise market. While organizations are opting to buy all-flash or hybrid arrays in preference over disk arrays, that still leaves the thorny question of what you do with all the old stuff: existing hard disk drive (HDD) arrays, NAS filers or even older hybrid arrays.

Assuming the absence of an unlimited budget, how can you maximize existing storage investments, while adding all-flash arrays strategically?

The good news is that there are plenty of ways to eke out more value from older storage hardware. This article offers tips on how to achieve that, advice on what to run on the newest all-flash arrays, how best to make the transition to an all-flash (or mostly flash) future, how to migrate from one medium to another and more.



(TNS) — Historian Stephen Pyne sees no coincidence in the fact that on Oct. 8, 1542 — 475 years to the day before the wildfires began ravaging Northern California — the Spanish explorer Juan Rodríguez Cabrillo saw smoke in the sky above Southern California.

Cabrillo’s pilot, Bartolomé Ferrelo, dutifully recorded the phenomena in the ship’s log, as the explorer christened the San Pedro roadstead “Bahía de los Fumos o Fuegos.”

“Fire isn’t going away,” Pyne says on the phone from his home near Tempe, Ariz.

Pyne, a onetime smoke chaser on the North Rim of the Grand Canyon, is the author of more than 30 books, most on the cultural and social effects of wildland and rural fires around the world. He is completing a 10-volume history of fire in the United States.



Woman typing


Infographic: CDC Train

When I think about public health preparedness and response I ask myself three questions:

  • Who provides the infrastructure to train public health responders?
  • Where do they learn what they know?
  • Who helps a responder fulfill their mission?

The answers to these questions may rest in the TRAIN Learning Network (TRAIN). After the September 11th terrorist attacks, public health departments needed a way to track the preparedness-related training of professionals in their state, region, or locality. TRAIN was established in 2003 to offer a solution to the tracking challenge and help train the next generation of the public health workforce.

This network IS the track on which the trains run (pun intended)! If we equip responders with as many skills and as much knowledge as possible before an incident, we can expect:

  • Increased expertise during a response,
  • Just-in-time training that is more readily available,
  • Quicker response and recovery efforts, and
  • Greater resilience.
What is TRAIN?

TRAIN is a national learning network of agencies and organizations that deliver, track, and share trainings for professionals who protect and improve the public’s health. The network identifies, develops, and promotes opportunities for professionals to build their skills and knowledge.

TRAIN has more than 1.5 million registered learners in all 50 states, 5 U.S. territories, and 177 countries.

TRAIN is an open platform, meaning that anyone, anywhere can access the training. Learners have access to thousands of health knowledge and skill-related courses. An emergency management specialist at a state health department can take courses in other disciplines or topic areas with content that is curated by the CDC or another partner in the network.

Learners are able to search TRAIN for courses that are tagged with PHEP Capabilities or PHPR Core Competencies. You can register as a learner through your state’s TRAIN affiliate or through CDC TRAIN.

How does TRAIN work?

TRAIN is a collaboration between 27 state health agencies and partners, as well as 3 federal partners – Centers for Disease Control and PreventionVeterans Health Administration, and Medical Reserve Corps – who serve as TRAIN Learning Network affiliates. More than a thousand CDC-developed learning opportunities are available to all the registered learners in the TRAIN network.

Why is TRAIN a wise investment? Over 12 years (2005 – 2016), the Kansas Department of Health and Environment saw a cost savings of $35 million as a result of staff taking trainings through its portal, KS TRAIN. Learners and the agency saved travel expenses as well as personal costs.

TRAIN affiliates operate branded online portals, which allow them to:

  • Identify specific groups of learners for targeted courses or training plans
  • Monitor training and completion of specific groups of learners, including the use of custom reports
  • Partner on training with state, tribal, local, territorial, national, and international providers

Meanwhile, organizations that provide training, including other government agencies, academic institutions, and nongovernmental organizations can:

  • Assign training to a specific group of learners and monitor their progress towards completion
  • Test knowledge and collect feedback, develop custom curricula, and access course data

The TRAIN approach fosters collaboration, saves cost by reducing duplication, and reaches learners across jurisdictional lines. This ensures that together, we can train the entire workforce with all the tools at our collective disposal.

Get more information

If you have additional questions, please send an email to This email address is being protected from spambots. You need JavaScript enabled to view it..

Residents of Crosby, Texas, located 30 miles northeast of Houston, were evacuated last month in the aftermath of Hurricane Harvey. The imminent threat to human life? Not flooding, but noxious explosions at the nearby Arkema chemical plant, which had lost power during the storm and was unable to maintain safe temperatures at its cold storage warehouses.

Wondering whether your community is in danger of a similar incident involving hazardous materials, aka “hazmats,” and what steps you can take to safeguard public health and safety? Here’s a closer look.



Demands on IT in small and medium businesses (SMBs) are continuing to rise exponentially. Competing IT priorities such as budget restrictions, increased application and customization demands are pushing IT administrators to the breaking point. IT administrators lack the time, resources and desire to spend their day in the weeds of keeping their infrastructure up and running.

New technologies such as hyperconverged infrastructure offer help with improved efficiency, scaling and management breakthroughs. Hyperconvergence is the combination (or convergence) of many potentially disparate platforms into a single platform. In relation to the physical hardware, this means placing compute (CPU and memory) and storage (spinning disk and solid state drives) into a single server. From a software perspective, this means that at the very least, all components of the system are managed from a common interface. This may be a custom user interface built by the manufacturer, or it could be an add-on or extension to the existing hypervisor management software.

There are many myths and misperceptions around hyperconvergence for SMBs however. Below are a few to highlight:



If you registered for disaster assistance following Hurricane Irma, stay in touch with FEMA.

Missing or outdated information, such as phone numbers or addresses, can delay help.

The easiest way to update your application, check your status or provide missing information is to create an account at DisasterAssistance.gov to:

  • update your current mailing address or phone number;
  • receive information on the status of your home inspection;
  • find out if FEMA needs more information about your application;
  • learn how to appeal an eligibility determination;
  • get answers to other questions about your application, or upload personal documents.

Call the Helpline to:

  • add or change household members and number of occupants;
  • check on the status of your case;
  • update;
    • insurance information
    • contact preferences (mail, email, other)
    • payment preference
    • location of where you currently reside
    • correct/verify home and property damage

You can also visit a Disaster Recovery Center (DRC) for face-to-face assistance with a FEMA specialist. To find the nearest DRC, visit www.fema.gov/IrmaFL.

If you don’t have internet access or require services not offered on the website call the FEMA Helpline at (800) 621-3362 (voice,711 or VRS, TTY (800) 462-7585) between 7 a.m. and

11 p.m. ET. To minimize wait times, call during off-peak hours (early morning or late night).

Callers should refer to their nine-digit registration number, which is located on all communications received from FEMA and helps us assist you.

The Problem with Emails

Emails. How many do you get each day? How often do you check them? When I say “check,” I mean read. The average time spent reading an email is 11.1 seconds and only five seconds for a text. With instant communications available via texting, instant messaging and social media, email is rapidly losing its charm, particularly amongst millennials.Email still has its place in the work environment for non-urgent messages and regular communications with vendors, customers or other businesses, but is it really the most effective way to notify employees of an urgent situation? Likely not.

There are several problems with emails, such as the sheer number of them we receive each day, (an average of 88, per one study), sending and receiving isn’t always instantaneous, and there is no guarantee the receiver will take the time to open and read it. If there is a network outage, you may never get your message across as it sits in your outbox indefinitely.

When it comes to emergencies, emails simply do not convey a sense of urgency. People assume they can get to an email whenever they get the chance, and only 30 percent of them ever get read. Few emails garner the same level of attention as a text alert or similar form of communication.



Friday, 20 October 2017 14:42


While MSPs do not need a reminder to practice good cybersecurity habits, we cannot always say the same for end users. That being said, National Cybersecurity Awareness Month is a great opportunity to ensure your customers are up-to-date on the latest best practices with a cybersecurity training program.

The nature of your business will dictate the specific cybersecurity training schedule you choose. However, a good start is to ensure new employees receive training as part of onboarding and all employees receive training on a regular basis. It’s important to have a formalized plan in place to keep security front of mind and keep employees informed about new threats.

Unfortunately, there’s no single product that will solve all of your cybersecurity problems. In today’s world, it takes many technologies and processes to provide comprehensive risk and security management. Total data protection requires a multi-pronged approach:



(TNS) - Dr. Scott Witt kept close behind the ambulance carrying the newborns. On his motorcycle, he drove over and ducked under downed power lines. He swerved around embers blowing onto the highway.

Sutter Santa Rosa Regional Hospital, where Witt oversees the neonatal intensive care unit, was being evacuated Oct. 9 because of wildfires that would become the deadliest in California history.

But Witt couldn’t call the doctors who would be caring for the babies because there was no power. The physicians at the other hospital also had no way of accessing Witt’s medical records online to know what treatment was needed.

“I knew if I didn’t leave then, there would be no way I could take care of the babies,” he said.

As the blaze grew feet away, Witt tailed the ambulance through smoke and debris.

The Northern California wildfires created what some described as an unprecedented health care crisis that has served as a wake-up call in the region. Not only were two major hospitals evacuated hours into the disaster, but the chaos continued for days after.



It has been nearly three years since an Amazon Web Services senior executive said “Cloud is the new normal”.  Since that time, the momentum behind cloud migrations has become unstoppable as enterprises look to take advantage of the agility, scalability and cost benefits of the cloud.  

In its 2017 State of the Hybrid Cloud report, Microsoft found that 63 percent of large and midsized enterprises have already implemented a hybrid cloud environment, consisting of on-premise and public cloud infrastructures.  Cisco’s latest Global Cloud Index predicted that 92 percent of enterprise workloads will be processed in public and private cloud data centers, and just 8 percent in physical data centers, by 2020.  

So the future is cloudy, with enterprises adopting hybrid cloud strategies using services from a mix of providers.  But irrespective of the cloud services they use, or the sector in which they operate, all enterprises share common goals:  they want their business applications to deliver a quality user experience under all conditions; they want those applications to be secure and resilient; and they want them to run as efficiently as possible.



Compliance with the Health Insurance Portability and Accountability Act--or HIPAA--often keeps healthcare professionals up at night. Indeed, there is a great deal of misunderstanding and confusion on the topic.

HIPAA requires healthcare organizations to comply with specific security, privacy and breach notification rules for the storage and transmission of protected health information (PHI), including electronic data. Healthcare professionals should have a solid knowledge of HIPAA requirements. But healthcare providers who establish their own smaller practices need to understand the regulatory framework. This is important when it comes to transmitting sensitive information via email.

Many healthcare organizations are concerned about a governing body initiating a HIPAA audit. However, there are many ways that practices can come under scrutiny for email-related HIPAA compliance violations. For example, an audit can originate from a patient or an orthodontist reporting an unencrypted email, or an email server might be hacked.



Recommended four consecutive years by NSS Labs

HONG KONG, CHINA – The need for strong and reliable threat defense is critical to everyday operations and becomes more important as high profile attacks continue to increase. Trend Micro Incorporated (TYO: 4704) (TSE: 4704), a global leader in cybersecurity solutions, attained a perfect breach detection rating of 100 percent in the NSS Lab's Breach Detection System report. This marks the fourth consecutive year that NSS Labs has recommended Trend Micro.

A critical way to compare solution vendors is by their detection rate of evasions, an area in which five of the seven companies tested by NSS struggled. Trend Micro posted a 100 percent evasion detection rating, establishing the company in the top of the breach detection quadrant. NSS Labs results prove that Trend Micro reliably equips customers with the protection needed to keep critical data safe, and detect threats moving inbound, outbound or laterally across the network.

"The data speaks for itself, we are very proud that our customers benefit from the protection and peace of mind that come from using our solutions," said Steve Quane, executive vice president of network defense and hybrid cloud security, Trend Micro. "We remain focused on leading the industry in threat prevention, evasion protection and remediation."

CEO of NSS Labs, Inc., Vikram Phatak said, "Trend Micro's Deep Discovery achieved a 100% security effectiveness rating with the fastest time to detect attacks amongst all tested products," said Vikram Phatak, CEO of NSS Labs. "There is no question that Deep Discovery should be on the short list for everyone considering a Breach Detection solution."

With its layered security approach, Trend Micro, and specifically Deep Discovery Inspector™, has continually improved effectiveness and significantly lowered total cost of ownership. Over the last few years, costs dropped from $240 per protected Mbps to under $40 per protected Mbps on average.

The ultimate recipe for integrated advanced threat prevention calls for two essential ingredients, Deep Discovery coupled with the TippingPoint Next-Generation Intrusion Protection System. Together these protect critical data, applications, and infrastructure from known, unknown, and undisclosed attacks stemming from endpoints to data centers and networks.

To access the NSS Labs Breach Detection System report, click here.

About Trend Micro
Trend Micro Incorporated, a global leader in cyber security solutions, helps to make the world safe for exchanging digital information. Our innovative solutions for consumers, businesses, and governments provide layered security for data centers, cloud environments, networks, and endpoints. All our products work together to seamlessly share threat intelligence and provide a connected threat defense with centralized visibility and control, enabling better, faster protection. With more than 5,000 employees in over 50 countries and the world's most advanced global threat intelligence, Trend Micro enables users to enjoy their digital lives safely. For more information, visit www.trendmicro.com.hk.

It’s a fact of business life that customers, markets, and industry commentators only see your brand, and not the suppliers who provide the materials, components, or products behind it.

Naturally, that’s what many enterprises want, so that they can build their brand image and reap the benefits of more revenues and bigger margins.

The flip side is that if a material, component, or brand is bad or if a vendor exposes your confidential business information, then people still only see your brand.

They then consider your enterprise alone to be the culprit, putting your business continuity in danger. Companies can check up on their vendors to make sure they have preventative procedures in place.



Don’t worry, this isn’t another one of those articles that says, “multi-cloud is coming!” We all know multi-cloud is already here, right? In fact, in its “2017 State of the Cloud” report, Rightscale found that approximately 85 percent of organizations have a multi-cloud strategy. Further, companies in the cloud are utilizing, on average, 1.8 public clouds and 2.3 private clouds.

We also know the reasons why companies have been moving to the multi-cloud model. Making use of many cloud platforms helps you avoid vendor lock-in and choose the right cloud for each app and it’s data.

One thing many companies can’t quite explain, however, is why their multi-cloud projects aren’t staying within budget. One of the major reasons to move to the cloud is the cost savings it promises, so this problem is particularly frustrating for IT departments – and budget makers.



In today’s high-pressure and limited-resource environment, it’s easy for a BCM practitioner to be overrun with just managing the program and addressing external influences. Audit requests and questionnaires can pull you in all directions and before you know it, you’ve had to push back everything you planned to do that day, week or even month.

How do you address this state of things? How do you prioritize your task list?

We’ve put together a 6-step process for taking control of, organizing, and simplifying your BCM program workflow; effectively streamlining your BCM program without creating any gaps.



(TNS) - The morning after Hurricane Harvey struck Victoria, Texas, Councilman Jeff Bauknight started getting calls from residents. But there was a problem.

"A lot of citizens were calling," said Bauknight. "And I had no idea - I absolutely had no idea of what to tell them."

Like some Victoria residents, Bauknight was having trouble getting information after electricity and the internet crashed. After the storm, the city largely relied on Facebook to push out updates, but that became a problem for residents who didn't use social media.



Accumulation risk, where a single event triggers losses under multiple policies in one or more lines of insurance, is emerging in new and unforeseen ways in today’s interconnected world, says a post at Swiss Re Open Minds blog.

From Ruta Mikiskaite, casualty treaty underwriter, and Catriona Barker, claims expert UK&International Claims at Swiss Re:

“Accumulation scenarios have always been familiar in property insurance but for casualty lines of business, they have been perhaps less of an issue. However, large losses in recent years show how traditional physical perils should not be underestimated for their casualty clash potential.”

For example, Kilmore East-Kinglake bushfire, the most severe of a series of deadly wildfires in the Australian state of Victoria on Black Saturday, 7 February 2009, led to a settlement of A$500 million—the biggest class action settlement in Australian legal history.



It's no secret that passwords can be stolen.

In order to maximize the security of your passwords, however, you should understand how password attacks actually occur.

Before we begin, we should note that stealing or "cracking" passwords is not the only way that attackers can gain unauthorized access to sensitive data.



(TNS) - With the annual Great ShakeOut earthquake drill coming on Thursday, now’s a good time to ask yourself: “How’s that whole emergency preparedness thing going?”

Are you feeling twinges of guilt because you still haven’t stashed away any food, water or spare batteries? Maybe you were patting yourself on the back for your family’s three-day supply of provisions and gear — until last year’s Cascadia Rising drill made it clear that folks in Western Washington may have to survive on their own for up to two weeks after a megaquake and tsunami.

From hurricanes in Houston and Puerto Rico to deadly earthquakes in Mexico, recent disasters show how long it can take for assistance to arrive and for power, water and transportation to be restored. Victims are left to fend for themselves and help each other in the chaotic aftermath.



Digitalization in economy and society is rapidly increasing the demand for computing power. As more data centers and server cities are necessary, operators are also challenged to cope with increased energy costs. Part 1 of this two-part series,addresses the need to offset rising costs of power consumption with a green perspective for the efficient data centers of tomorrow.

In recent years, the number of enterprises using cloud computing has steadily increased. More and more devices and sensors are connected to the internet, with their control, measurement and tuning processes digitally coordinated. According to an estimate by Gartner, about 4.9 billion connected devices exist today. Cisco experts  predict 50 billion connected devices by 2020, suggesting that the number will quadruple within the next few years. Consumers will especially use these networked devices in the "smart home" segment. For example, an empty refrigerator can automatically create a new shopping list or request the re-ordering of popular food directly in the store. Networked devices also play an increasingly important role in industry and business in order to better plan production and manufacturing processes, as well as to make them more cost- and time-efficient.

The increasing digitalization of the economy and society leads to a very high demand for computing and storage capacities. The current requirements for data protection and security demand further computing power. New technologies such as Industry 4.0, Machine Learning or Augmented Reality do not only mark the next stage of technologized life, but represent a growing need for a reliable and efficient IT infrastructure. Germany has established itself as the largest data center market in Europe and the third largest in the world, thanks to the expansion and construction of data centers. Many large data centers are concentrated mainly in the Frankfurt am Main area. One of them is e-shelter, the fifth largest data center in the world with nearly 700,00 square feet of total space. Globally, most of the large data centers are found within the U.S., in states including Illinois, Utah, Nevada, Virginia, and Iowa. 



Think about the challenge interpreters at the United Nations undertake. First, they need to understand the concepts being communicated. Next, they translate the concepts for people who speak different languages — without coloring the information with their own perspectives. These interpreters use an “internal resource” that maps terms and concepts. In the business technology world, when we formalize or automate such a resource, we create a conceptual reference model.

Because the terms and concepts in conceptual reference models represent the “stuff of the business,” not the stuff of IT, they make sense to business stakeholders. In his recent Executive Update, Connecting Inside and Outside the Enterprise, Cutter Consortium Senior Consultant Cory Casanave makes the case that the conceptual reference model, which defines the terms and concepts used by the enterprise and the communities in which it operates, provides the foundation needed for any “connection” architecture, capability, or project. Writes Casanave:



Working on cars can be quite the challenge. If you’ve got a project car that you’re hoping to get up and running, you probably want to control every aspect of what goes into it. From the engine to the tail lights, you’re willing to tackle every project head-on without any external help.

Until you get stuck on a problem that you’re not equipped to handle.

When you hit a brick wall, you can keep trying to fix the issue by yourself – which can be extremely frustrating. Or, you have the option to take your car to a master mechanic that can easily fix the issue for you.

It’s not unlike running your company. When you need IT support, what’s your best option for support? Most businesses have two distinct choices; either hire an in-house IT support employee (the DIY fix), or partner with a managed service provider (the master mechanic).

Though both options have their own pros and cons, one comes out on top for growing organizations that want to stay ahead of the curve.



To continue providing us with the products and services that we expect, businesses will handle increasingly large amounts of data. The security of this information is a major concern to consumers and companies alike fuelled by a number of high-profile cyberattacks.

The havoc caused by such attacks runs from celebrities embarrassed by careless photos, to the loss of medical records, to ransom threats amounting to millions that have hit even the most powerful corporations.

Where such data contains personal, financial or medical information, companies have both a moral and legal obligation to keep it safe from cybercriminals. That’s where International Standards like the ISO/IEC 27000 family come in, helping organizations manage the security of assets such as financial information, intellectual property, employee details or information entrusted to them by third parties.

ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS).It’s an International Standard to which an organization can be certified, although certification is optional.



People – “Can’t live with them, can’t live without them” might be the motto for many enterprises and their chief information security officers (CISOs).

Even in the most automated of companies, human beings are still necessary to handle emergencies, think creatively, and exercise judgment.

On the other hand, when it comes to IT security, people are often their own worst enemies and by association the worst enemies of their companies too.

Here are a few bad habits that you might usefully encourage IT colleagues and other employees to change.



Tuesday, 17 October 2017 16:24

Bad Habits Are the Worst IT Security Risk

One of the most important things to understand about working and operating in a healthcare environment is that emergencies are not a question of “if” – they’re a question of “when.” Events that impact patient care, employee safety and overall operations can happen suddenly and without warning. The key to continuing operations involves the ability of doctors, nurses, staff and leadership to respond to these events as quickly and as accurately as possible.

Part of success in this regard comes down to effective crisis communication – something that the Centers for Medicare and Medicaid is already emphasizing. It considers communication to be so pivotal, in fact, that it is one of the four main pillars of the CMS’ new Conditions for Participation for Emergency Planning, which MUST be in place for many types of healthcare organizations by November of 2017.

But just the ability to communicate in an emergency is not enough on its own – you need a system in place that will guarantee that the right message gets to the right people at exactly the right time, no exceptions. When it comes to accomplishing this mission-critical goal, more and more of today’s leading healthcare providers are turning to critical emergency alerting services.



You’ve convinced management to do a BIA, and now it’s time to jump in. But, wait! A proper business impact analysis requires some preparation. You don’t jump into a body of water without looking at it first and changing into swim trunks or at least taking everything out of your pockets. Otherwise, you might hit a rock or damage the phone in your pocket. The same logic applies to a BIA. Preparing for a BIA is critical to its success. 

Here, we’ll outline the prep work required to conduct a solid BIA; one that is worth your while and creates tangible results. In the following, we assume a basic understanding of the concept and components of the BIA



Closeup view of an eighty year old senior woman's hands as she sorts her prescription medicine.

If you read our blog on a regular basis you can probably recite the mantra “Make a kit. Have a plan. Be informed.” in your sleep. You are probably familiar with the important items you should keep in your emergency kit – water, food, a flashlight, and a battery-powered radio. What you may not think about is personalizing your kit for your unique medical needs or the needs of your family. Particularly, including prescription medications and other medical supplies in your emergency kit and plans.

As a pharmacist whose job is focused on emergency preparedness and response, I want to give you 10 pointers about how to prepare your medications for an emergency so you can decrease the risk of a life-threatening situation.infographic illustrating an emergency kit.

  1. Make a list. Keep a list of all your medications and the dosages in your emergency kit. Make sure you have the phone numbers for your doctors and pharmacies.
  2. Have your card. Keep your health insurance or prescription drug card with you at all times so your pharmacy benefits provider or health insurance plan can help you replace any medication that was lost or damaged in a disaster.
  3. Keep a record. Make copies of your current prescriptions and keep them in your emergency kit and/or go bag. You can also scan and email yourself copies, or save them in the cloud. If you can’t reach your regular doctor or your usual pharmacy is not open, this written proof of your prescriptions make it much easier for another doctor to write you a refill.
  4. Start a stockpile. During and after a disaster you may not be able to get your prescriptions refilled. Make sure you have at least 7 – 10 days of your medications and other medical supplies. Refill your prescription as soon as you are able so you can set aside a few extra days’ worth in your emergency kit to get you through a disaster.
  5. Storage matters. Keep your medications in labeled, child-proof containers in a secure place that does not experience extreme temperature changes or humidity. Don’t forget to also include nonprescription medications you might need, including pain relievers, cold or allergy medications, and antacids.
  6. Rotate the date. Don’t let the medications in your emergency supply kit expire. Check the dates at least twice every year.
  7. Prioritize critical medicines. Certain medications are more important to your health and safety than others. Prioritize your medications, and make sure you plan to have the critical medications available during an emergency.
  8. Communicate a plan. Talk to your doctor about what you should do in case you run out of a medication during an emergency. If you have a child who takes a prescription medication, talk to their daycare provider or school about a plan in case of an emergency.
  9. Plan ahead. Make sure you know the shelf life and optimal storage temperature for your prescriptions, because some medications and supplies cannot be safely stored for long periods of time at room temperature. If you take a medication that needs to be refrigerated or requires electronic equipment plan ahead for temporary storage and administration in an emergency situation.
  10. Check before using. Before using the medication in your emergency kit, check to make sure the look or smell hasn’t changed. If you are unsure about its safety, contact a pharmacist or healthcare provider before using.


Trust in business is at an all-time low. Trust in governments is rock bottom as well. At the same time, huge challenges remain to create sustainable societies. What to do? A new project to develop a standard for organizational governance could help, and has just been given the green light.

We don’t need to go far back in history to see how bad governance can ruin lives and tarnish industries. Enron and Lehman Brothers are just some of the names that spring to mind, contributing to an increasing expectation from society for the heads of businesses to be accountable for their organizations. While laws and regulations are necessary foundations, truly good governance that takes organizations to new levels of performance over the long term goes far beyond the law to instil trust and effectiveness.

In this context, ISO’s committee of experts that specializes in governance (ISO/TC 309) has just been given the green light to develop an ISO international guidance standard that will help organizations establish good governance practices, going beyond the avoidance of risk and contributing to their long-term value overall.



For Cybercriminals, it’s a Match Made in Heaven

This is an age in which ransomware has made the barrier to entry for would-be cybercriminals lower than ever. And, with the proliferation of IoT devices, for attackers, there’s ample opportunity to compromise smart devices. And the convergence of these two threats has certainly attracted the interest of cybercriminals.

Ransomware and IoT are colliding – and the impact has created the perfect storm for cybercriminals.

At a high level, ransomware encrypts its victims’ data or blocks their access to a computer system or network until a sum of money is paid. With lower execution costs, high returns and minimal risk of discovery (compared to other forms of malware), ransomware has quickly become a preferred method of attack for cybercriminals. And it’s now easier than ever for virtually anyone – even individuals with minimal security knowledge – to extort money from companies and individuals through do-it-yourself ransomware toolkits or via the services of a Ransomware-as-a-Service (RaaS) provider.

When it comes to the popularity of ransomware as an attack vector, the numbers don’t lie. An August 2016 report from Osterman Research found that, during the course of the previous 12 months, nearly 50 percent of the companies surveyed were the victim of a ransomware attack. And Kaspersky’s Q1 Lab Malware Report revealed a 250 percent rise in mobile ransomware during the first few months of 2017. The business model of ransomware has proven highly lucrative, and there’s no sign that the malware will go away anytime soon.



Tuesday, 17 October 2017 16:17

When Ransomware Marries IoT

With the end of September’s National Preparedness Month, incident response professionals may get questions from colleagues about how their organization responds to natural disasters or other major disruptions.

Communications is an especially important element of disaster response. Small businesses may find calling trees sufficient, but larger enterprises and government agencies often depend on advanced communications and information technology.

Organizations have three options for deploying incident response communications infrastructure:



For Cybercriminals, it’s a Match Made in Heaven

This is an age in which ransomware has made the barrier to entry for would-be cybercriminals lower than ever. And, with the proliferation of IoT devices, for attackers, there’s ample opportunity to compromise smart devices. And the convergence of these two threats has certainly attracted the interest of cybercriminals.

Ransomware and IoT are colliding – and the impact has created the perfect storm for cybercriminals.

At a high level, ransomware encrypts its victims’ data or blocks their access to a computer system or network until a sum of money is paid. With lower execution costs, high returns and minimal risk of discovery (compared to other forms of malware), ransomware has quickly become a preferred method of attack for cybercriminals. And it’s now easier than ever for virtually anyone – even individuals with minimal security knowledge – to extort money from companies and individuals through do-it-yourself ransomware toolkits or via the services of a Ransomware-as-a-Service (RaaS) provider.

When it comes to the popularity of ransomware as an attack vector, the numbers don’t lie. An August 2016 report from Osterman Research found that, during the course of the previous 12 months, nearly 50 percent of the companies surveyed were the victim of a ransomware attack. And Kaspersky’s Q1 Lab Malware Report revealed a 250 percent rise in mobile ransomware during the first few months of 2017. The business model of ransomware has proven highly lucrative, and there’s no sign that the malware will go away anytime soon.



Monday, 16 October 2017 14:57

When Ransomware Marries IoT

Emergencies Aren’t Biased

Small companies can fall victim to a dangerous mindset of thinking they are too small to take formal precautions against crises. They believe that fancy emergency notification systems are relegated to the companies with thousands of employees scattered around the globe. While the magnitude of the emergency may scale with the size of the company, even the smallest mom and pop company needs a plan and a system to communicate when an unexpected event occurs.

The truth is, emergencies can happen anywhere, anytime, to anyone. All we have to do is look at the crazy hurricane season we will thankfully see coming to an end in the coming weeks. Hurricanes Harvey, Irma, Maria and Nate paid no attention to whether or not the buildings they destroyed were owned by a large or small company. They didn’t care if four employees were displaced or 4,000. It was of no concern as to which streets would be impassable and how long the power would be out.



Blockchain technology related topics are gaining a lot of attention lately, most of the attention is focused on cryptocurrency such as Bitcoin.  Some predict it as the new internet revolution which could lead to new technological innovations in economics and social transformations.

Blockchain is running on a peer-to-peer network, with many distributed nodes and supporting independent computer servers globally.  Part of it is implemented without any centralized authority and has a built-in fraud protection and consensus mechanism, such as the concept of Proof-of-Work, where peer computers in nodes approve every requirement for the generation of a new set of transactions or block to be added to the database a.k.a. “Block Chain”.

It also has a built-in check and balance to ensure a set of colluding computers can’t game the system.  Blockchain also brings in an element of transparency, which reduces fraud as the entire chain is visible and auditable.



(TNS) - The heavy winds that downed power lines Sunday night at the start of the deadly wildfires raging across Northern California were far from “hurricane strength,” as PG&E has claimed, according to a review of weather station readings.

On Tuesday, the Bay Area News Group reported that Sonoma County emergency dispatchers sent fire crews to at least 10 reports of downed power lines and exploding transformers as the North Bay fires were starting around 9:22 p.m. In response, PG&E said that “hurricane strength winds in excess of 75 mph in some cases” had damaged their equipment, but they said it was too early to speculate what started the fires.

However, wind speeds were only about half that level, as the lines started to come down, the weather station records show. At a weather station in north Santa Rosa where the Tubbs Fire started, the wind gusts at 9:29 p.m. peaked at 30 mph. An hour later, they were 41 mph.



The Need for Aligned Assurance

Today’s changing risk landscape has put increased pressure on assurance functions to simplify their requirements and to provide the board, senior management and other key stakeholders with a complete risk and assurance picture. To do so requires coordinating on the risk universe, risk terminology and ratings. Malcolm Murray and Rafael Go discuss how, in light of this mandate to the board and companywide remit, internal audit is best placed to kick-start and champion these aligned assurance efforts.

In recent years, both the size and scope of the risk landscape has changed dramatically. These changes are driven by the reality that organizations are becoming larger, more complex and more geographically dispersed. Add that to the number of third parties (now including fourth and fifth parties) rapidly proliferating and the increase in digitization efforts that are requiring more robust protection from cyberattacks and data breaches. And, along with all of this, companies are under increased competitive pressure from more digitized competitors.

Despite an increased focus on these new challenges, assurance functions are faced with stagnant resources, having to provide more comprehensive assurance with less. Most organizations’ assurance functions tend to work independently, which adversely affects operations and strategy by lengthening decision-making, slowing down corporate clock speed and increasing the procedural burden. According to research from CEB, now Gartner, 43 percent of compliance executives report that internal partners sometimes avoid the compliance process and 77 percent of business leaders have indicated becoming more risk averse. This leads to a 48 percent reduction in potential top-line growth from foregone corporate opportunities and new projects.

Having separate groups report independently to the board and senior management also means they get an incomplete or, at worst, contradictory picture of the risk landscape. In order to provide comprehensive risk guidance to the business, assurance functions must increase their efforts at aligning their work.



Friday, 13 October 2017 16:22

Audit’s Increasingly Critical Role In GRC




Disasters affect children differently than they do adults. Learn more about the unique needs of children during and after disasters. Just with all of the disasters in the United States alone, this issue is especially critical to help young ones cope.  The CDC has several great recommendations for the care of children at time of disaster.

Another organization, the Shenandoah Valley Project Impact, the Central Shenandoah Valley’s regional disaster preparedness and mitigation program developed a great set of children’s books both in English and Spanish to help families and their kids cope. You can download them here.



  • Children’s bodies are different from adults’ bodies.
    • They are more likely to get sick or severely injured.
      • They breathe in more air per pound of body weight than adults do.
      • They have thinner skin, and more of it per pound of body weight (higher surface-to-mass ratio).
      • Fluid loss (e.g. dehydration, blood loss) can have a bigger effect on children because they have less fluid in their bodies.
    • They are more likely to lose too much body heat.
    • They spend more time outside and on the ground. They also put their hands in their mouths more often than adults do.
  • Children need help from adults in an emergency.
    • They don’t fully understand how to keep themselves safe.
      • Older children and adolescents may take their cues from others.
      • Young children may freeze, cry, or scream.
    • They may not be able to explain what hurts or bothers them.
    • They are more likely to get the care they need when they have parents or other caregivers around.
    • Laws require an adult to make medical decisions for a child.
    • There is limited information on the ways some illnesses and medicines affect children. Sometimes adults will have to make decisions with the information they have.
  • Mental stress from a disaster can be harder on children.
    • They feel less of a sense of control.
    • They understand less about the situation.
    • They have fewer experiences bouncing back from hard situations.


(TNS) - The catastrophic fires that have ravaged Wine Country this week may be unprecedented in their toll, but they’re only the latest in a wave of infernos that have blasted through the hills and valleys north of San Francisco in recent years. And the trend is likely to worsen.

As temperatures climb across the West and as a sprawling Bay Area expands development into increasingly rural reaches, Northern California is becoming more akin to Southern California, where warm weather and people staking trophy homes along far-flung cliffs and canyons have set the stage for chronic burning, fire experts say.

“I can’t imagine how there isn’t going to be more of this in the future,” said Hugh Safford, an ecologist for the U.S. Forest Service’s Pacific Southwest Region. “It’s shocking what’s happened, but it really isn’t necessarily all that surprising.”



(TNS) - The Memphis Police Department is working to build up a short-staffed police force, and in the meantime, the department's director of emergency communications hopes that a new dispatch system will help police answer calls more quickly.

The new dispatch system, Intergraph Mobile for Public Safety, is being installed on laptop computers in police cars.

The system uses global positioning system technology to show dispatchers and police officers exactly where squad cars are located and what kind of calls they're handling.



Sometimes in business continuity we end up with such a fierce focus on actions inside the enterprise that we neglect actions directed towards the outside world, and specifically towards our customers.

In the logistics sector for example, among third-party logistics service providers (3PLs), business continuity has not always been a strong point. However, the smarter ones (often the larger ones) have developed a tactic that helps them ride out the rollercoaster conditions of the economy and different natural, political, social, technological, and regulatory upsets.

By getting and staying close to their large customers, 3PLs can gain important visibility into business trends. Some 3PLs take things even further and in concertation with the customer embed part of their personnel into the customer’s organisation.



You’ve convinced management to do a business impact analysis (BIA), and now it’s time to jump in. But, wait! A proper business impact analysis requires some preparation. You don’t jump into the water without looking at it first and changing into swim trunks or at least taking everything out of your pockets. Otherwise, you might hit a rock or damage the phone in your pocket. The same logic applies to a BIA.

Here, we’ll outline the prep work required to conduct a solid BIA; one that is worth your while and creates tangible results. In the following, we assume an understanding of what a BIA is and the components of the BIA.



You won’t likely be duped into sending money to an overseas bank account anytime soon. But phishing scams and malware-laced communications are constantly evolving. As we’ve seen with NotPetya this year, cyberattacks are becoming more sophisticated, and yet they can still find their way into systems through phishing emails—right under our noses, with our permission. They may pose as a new business lead, a security update, or a request from your bank. They may even come with a very convincing email.

These sneak attacks have some telltale signs, however. Shortened URLs, unfamiliar senders and urgent demands to CLICK NOW are just a few. Make sure your employees look out for these, conduct regular educational sessions to keep your team aware of the latest attacks, and let them know how one click could jeopardize your entire network.

Perpetrators cast a wide net, and they will get a few bites, even from those who know better. While being the target of a cyberattack is nearly inevitable—and your DR plan should account for this—exercising caution and training employees can head off many incidents before they become disasters.

Hack attack

This year’s hurricane season is like nothing in recent memory. With the country still reeling from Harvey, Irma, and Maria, everyone held their breath as Hurricane Nate headed toward states along the Gulf Coast this weekend. Those of us at IWCO Direct and Mail-Gard were especially anxious as a number of our colleagues and clients were making their way to New Orleans for the DMA’s &THEN Conference. Thankfully, Nate lost steam before hitting the mainland, but our team at Mail-Gard was prepared to help clients manage the print-to-mail operations of their critical communications at the drop of a hat if necessary. Today we wanted to briefly share how we prepare for a disaster declaration in advance of severe storms and natural disasters.

We start by doing our best to become meteorologists. We have a system in place to closely monitor weather patterns in regions where our clients are located in order to determine which ones may be in the path of a severe storm. We contact those clients well in advance to ensure they have our emergency declaration hotline information readily available. We also make sure our team is fully prepared to spring into action by alerting them to which clients may need to make a disaster declaration, so they can review those specific client requirements in advance. We also analyze our testing schedule to “clear the decks” so that we can devote our full energy to impacted clients.



So you’re the DR guy and you have: setup different replication layers and technologies between datacenters, redundant telecom links, off-site backup solutions, VPN connections over the internet, several layers or power redundancy on some of your facilities; you name it. You have even made your homework and have successfully audited all of these solutions, policies and processes.  

Everything is great... Is it? 

Here are just some surprises:



(TNS) - As the number of people confirmed dead in Northern California fires rose to 15, officials warned Tuesday that the toll could rise as multiple fires scorched upward of 100,000 acres.

Sonoma County alone has received about 200 reports of missing people since Sunday night, and sherriff’s officials have located 45 of those people, said Sonoma County spokeswoman Maggie Fleming.

The majority of the fatalities are from Sonoma County, where huge swaths of the city of Santa Rosa were leveled in flames from the Tubbs fire. Nine people have died in Sonoma County as of 11 a.m. Tuesday, Fleming said. Two people have died in Napa County, three in Mendocino County and one in Yuba County, Cal Fire officials said.



More than a dozen fires have burned more than 1,500 structures in Northern California, with more than a dozen dead as of Tuesday afternoon.

CNN lays down the facts:

  • More than 119,000 acres burned, much of it in wine country – Napa and Sonoma counties.
  • Fires surged behind hurricane force winds (79 mph gusts) – about the same speed as Hurricane Nate at its landfall a few days ago.
  • Nearly 35,000 are without power.
  • No rain is forecast for the next seven days.

Cat modeling firm RMS notes that the fires, taken together, are already the fifth most destructive in state history, as measured in the number of homes destroyed.

The Insurance Information Institute has background information on wildfires here.



Wednesday, 11 October 2017 14:54



  • Do file a claim with your insurance company.
  • Do register for FEMA disaster assistance. The quickest way to apply is online at DisasterAsistance.gov or through the FEMA mobile app. You may also apply by phone at 800-621-3362 (voice, 711, VRS or 800-462-7585 TTY).  Because of high demand, lines may be busy.  Please be patient and try calling in the morning or evening when call volume may be lower.
  • Do return a completed application for a low-interest disaster loan if you have been referred to the U.S. Small Business Administration (SBA). Returning the application
    is necessary for FEMA to consider you for certain grants.  Applicants may apply
    online using the Electronic Loan Application (ELA) via SBA’s secure website at https://disasterloan.sba.gov/el.  Additional information on the disaster loan program
    may be obtained by calling SBA’s Customer Service Center at 800-659-2955
    (800-877-8339 for the deaf and hard-of-hearing) or by sending an email to This email address is being protected from spambots. You need JavaScript enabled to view it..
  • Do know that FEMA grants may help pay for a temporary place to stay, make essential repairs or replace certain damaged contents.
  • Do inspect for structural damage before entering your home.
  • Do throw away wet contents such as bedding, carpeting and furniture. These items may be a health hazard due to mold.
  • Do take photographs of hurricane damage. FEMA or the insurance company may
    want to see these.
  • Do keep recovery-related receipts. FEMA or the insurance company may want to
    see these.
  • Do remember that FEMA grants do not need to be repaid, are not taxed and do not affect other government benefits.
  • Do go to a Disaster Recovery Center if you have questions about your FEMA assistance, a letter from FEMA, or your SBA home or business loan application.   Locate the nearest center with the FEMA mobile app or at FEMA.gov/DRC.


  • Don’t submit more than one registration per household.
  • Don’t wait for visits from FEMA or insurance adjusters before cleaning up flood damage and starting repairs.
  • Don’t wait for an insurance settlement to register with FEMA.
  • Don’t wait for an insurance settlement to apply for an SBA low interest disaster loan.
  • Don’t worry that federal disaster assistance is taking money away from someone else. FEMA provides assistance to all eligible applicants.
  • Don’t assume only homeowners can apply for help. Renters may qualify for assistance too.


Disaster recovery assistance is available without regard to race, color, religion, nationality, sex, age, disability, English proficiency or economic status. If you or someone you know has been discriminated against, call FEMA toll-free at 800-621-FEMA (3362). For TTY call 800-462-7585.

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. Follow us on Twitter at https://twitter.com/femaregion4 and the FEMA Blog at http://blog.fema.gov.

The U.S. Small Business Administration (SBA) is the federal government’s primary source of money for the long-term rebuilding of disaster-damaged private property. SBA helps homeowners, renters, businesses of all sizes, and private non-profit organizations fund repairs or rebuilding efforts and cover the cost of replacing lost or disaster-damaged personal property. These disaster loans cover losses not fully compensated by insurance or other recoveries and do not duplicate benefits of other agencies or organizations. For more information, applicants may contact SBA’s Disaster Assistance Customer Service Center by calling 800-659-2955, emailing This email address is being protected from spambots. You need JavaScript enabled to view it. or visiting SBA’s Web site at www.sba.gov/disaster. Deaf and hard-of-hearing individuals may call 800-877-8339.

(TNS) - Long before Florida entered the deadliest hurricane season in a decade, auditors at the state’s Division of Emergency Management warned what the state was ill-prepared for a major disaster.

An annual audit completed in December 2016 by the agency’s inspector general detailed a lengthy list of deficiencies needed to prepare and respond to a hurricane. Among them:

–– Food and water supplies at the distribution center in Orlando were inadequate.

–– Contracts with companies that would supply cots to shelters had expired.

–– The agreements many trucking companies had signed with the state’s emergency management agency to distribute supplies had lapsed.

–– The agency was using “a spreadsheet created in the 1980s to help predict the amount of supplies and equipment that may be needed after a storm makes landfall,” as the state’s giant storage facility remained half empty.



What are companies doing to protect employees against harassment? This question has added weight after the October 8 firing of Harvey Weinstein by the board of Weinstein Co. following reports of sexual harassment complaints against him. Earlier firings at Fox News and Uber have also brought the issue into focus.

From MarketWatch: “Companies are increasingly buying insurance, including employment practices insurance to cover costs associated with employment lawsuits,” said David Yamada, a professor of law and the director of the New Workplace Institute at Suffolk University.”

Some insurers are also providing training materials for companies to teach their employees about sexual harassment in hope of avoiding it, Yamada added.



Wednesday, 11 October 2017 14:50


By Pete Benoit, Enterprise Solutions Architect, iland

For veterans of the IT services industry, DR has always been a popular topic of conversation with potential clients. Those that have been around long enough will certainly remember how many of those conversations progressed.

Typically, it went something like this.

Potential Client: We’ve determined that our current IT infrastructure DR plan puts our business at risk and we are interviewing service providers to assess potential solutions.

IT Services Vendor: What are your infrastructure RPO and RTO targets?

Potential Client: Our CIO wants us to maintain a RPO/RTO of 4 hours or less.

It wasn’t that long ago that everyone in this conversation would have understood that the quote from the service provider was going to be well beyond what the client intended to spend as part of the overall IT budget. This was typical for both small and large environments. Inevitably, the parties would work backwards by decreasing the expected deliverables for the solution until an acceptable price point could be reached. Sometimes the solution met so few of the organization’s requirements, that the conversation would be abandoned with no action.

Was the CIO delusional for requesting such aggressive (for the time) SLAs? Of course not. The importance of the data and the underlying applications and infrastructure was self-evident. The reality was that, not only were the options to meet those goals extremely expensive, there was very little guarantee that it would work as planned when it came down to crunch time.

The reason for the expense was that each production resource had to be duplicated, to a certain extent, at the remote site. This infrastructure would need to be purchased or leased, co-located, upgraded and required experienced technicians to maintain. All of this in hope that it would never have to be used in a live situation.

Fast forward to the present and with the evolution of virtualized workloads, resource pools, metered billing and any to any replication technology, those RPO/RTO targets are now achievable and at a fraction of the cost. The underlying services billing model that makes this a reality consists of a reserved billing storage component for data replication and burstable billing compute resources that can be deployed on demand and be billed per hour of use.

Reserved storage provides a target storage repository sized to handle all replicated workloads plus potential growth dependent on changes in the production environment. Reserved storage is billed on a per GB per month basis. The storage reservation quantity can be increased at any time to mirror changes in the production environment.

Burst compute refers to on-demand CPU and RAM which are necessary to operate the virtual workloads during production failover or testing. Because replication is accomplished without live workloads, the burst compute resources are available on demand and no charges are incurred until the workloads are powered on. CPU is metered on average GHz of CPU used per hour. RAM is metered as average gigabytes (GB) consumed per hour. These burst compute charges are tallied and billed monthly. When testing or failback is complete, the resources are returned and the burst charges are no longer accrued.

While cost is still top of mind for IT Directors and CIOs, the conversations around solutions for IT's data protection and DR needs are drastically different. Reserved storage plus burst compute pricing for DRaaS allows IT organizations to execute a robust disaster recovery plan without having to pay for live compute resources waiting for use. The major obstacles to a credible DR solution, even for small businesses, have been mitigated by technology advances and wide spread adoption of said advances.

Once the question of cost has been addressed, the discussion moves to more important issues. How do end users connect to the DR environment once failover is complete? Does the recovery site adhere to the same security standards as my production environment? How is failback accomplished? These are just a few of many important questions not related to cost.

In conclusion, the reserved plus burst model allows customers to apply the advantages of two pricing models where it makes the most sense thereby protecting critical data without the burden of barely used, monthly infrastructure costs at the service provider location. A comprehensive solution will also provide assisted initial setup, volume discounts for storage, simplified day-to-day operations via a self-service console, straightforward network configuration, the option for customer initiated failover, as well as detailed billing, monitoring and compliance reporting.

Benoit PetePete Benoit is an Enterprise Solutions Architect at iland, currently based out of Dallas with over 20 years of experience in the IT Services industry including time with hardware vendors, VARs and IaaS providers. His career began in the US Air Force as a Communication-Computer Systems Operator before joining the private sector and moving to Texas in 1996. Pete has a wide range of industry experience as a technician, support engineer and solutions engineer and excels at customer service. A proud graduate of the University of Louisiana at Lafayette, Pete is a husband and father of two and enjoys golf and spending time with family and friends.

(TNS) - As the number of mass shootings continues to climb across the United States, emergency medical workers in central Ohio are among those nationwide seeking to arm bystanders with the knowledge, equipment and confidence needed to save lives during bleeding emergencies.

"A person with a severe enough injury to an artery can bleed to death in three to five minutes, so the regular public needs to know how to stop bleeding, whether it's by applying pressure or a tourniquet" said Jodi Keller, who oversees disaster preparedness for the Central Ohio Area Trauma System.

The network of health-care professionals has been participating in the national Stop the Bleed campaign for about a year, she said. The campaign was launched by the White House in October 2015.



Investigators: Don’t Lose Sight of the Basics

These days, attorneys and in-house legal departments can easily get caught up in the electronic evidence frenzy and in their rush to embrace the ever-evolving world of electronic evidence, they may find themselves expending significant resources on digital collection and authentication procedures. They’d do well to remember that many of the challenges attorneys and courts have faced with respect to old-fashioned physical evidence are no different from those they face with electronic evidence.

These days, many attorneys and in-house legal departments are finding themselves ensnared in the electronic evidence frenzy. And in their rush to stay abreast of the ever-evolving world of electronic evidence, these legal professionals often expend significant time, resources and money on digital collection and authentication procedures — measures that often prove entirely unnecessary. Because while there is undoubtedly a unique set of issues associated with electronic evidence (Where do you collect it from? How do you collect?), at the end of the day, electronic evidence is still evidence. Accordingly, many of the concerns associated with electronic evidence (How do you ensure it is admissible? Is there any way to keep it out of a case?) are no different than the challenges attorneys and courts have tackled for years with respect to old-fashioned physical evidence. Indeed, as one court aptly remarked in addressing electronic communication authentication concerns, “the same uncertainties exist with traditional written documents. A signature can be forged; a letter can be typed on another’s typewriter; distinct letterhead stationary can be copied or stolen.” In re F.P., 878 A.2d 91, 95 (Pa. Super. Ct. 2005). So while legal professionals cannot simply ignore the onslaught of electronic evidence issues, they should not lose sight of the basics in navigating them.

Perhaps the most challenging issue associated with electronic evidence is identifying the variety of sources from where it can be obtained. For example, beyond the more traditional e-mails, text messages and social media accounts, attorneys must now also consider those less-trodden electronic sources (at least in the world of litigation) that might contain useful information, such as voice-activated products (Siri, Google Home) and activity trackers (Fitbits). That said, while seeking Fitbit data may be valuable in defending against a plaintiff’s claim of severe disability, the same data would likely have no relevance in defending a gender discrimination claim. And given that irrelevant evidence — electronic or otherwise — generally will not be admissible in court, attorneys should carefully evaluate all of the claims in a case to determine whether seeking these less traditional (and less accessible) types of electronic evidence would be a waste of unnecessary resources and costs.



What Compliance Professionals Need to Know About Employee Data

The deadline for the General Data Protection Regulation (GDPR) is on the horizon, and a customer’s information is not the only thing that should be on a compliance practitioner’s radar. After all, the mishandling of an employee’s information can pose as much financial risk – therefore, it is important to understand the potential GDPR issues from extended rights and burden of proof to social media snafus and the need for defined policies.

Heads up: There’s more to the General Data Protection Regulation (GDPR) and GDPR compliance than meets the eye. That’s because the regulation — which takes effect on May 25, 2018 — doesn’t simply cover personally identifiable information (PII) belonging to the customers of corporate and government entities that are headquartered and/or do business in the European Union (EU). It also applies to employee PII which, as with customer PII, encompasses everything from telephone numbers to gender preferences.

Neglecting to address the employee PII aspect of the GDPR is not simply foolhardy; it puts organizations at risk for financial repercussions. EU authorities have a record of imposing penalties for noncompliance with mandates, as well as for doing so early on. Their approach to the GDPR will be no exception. But just as significant, in today’s economic climate, PII is increasingly viewed as a valuable commodity and as individuals’ personal property. Employees and former employees want control over this property and will undoubtedly capitalize on opportunities to gain it as afforded by the GDPR. Accordingly, it’s important to clarify key issues surrounding the GDPR and employee data.



Friday, 06 October 2017 17:15

Don’t Overlook This Aspect Of The GDPR

Despite the continual emergence of new malware, hackers, and data breaches, people continue to ignore security warnings. Researchers have suggested this all comes down to our brains.

With most successful cybersecurity attacks, we are constantly seeing it come down to basic human errors. From opening phishing emails to using weak passwords to running outdated software, people have long been compromising their own – or their employers’ – security. Cyber-criminals are always looking to exploit this flaw.

Most People Are Ignoring Cyber Security Warnings

We tend to blame people for clicking on links to malware or not following policies or training. Unfortunately, we are training people to ignore warnings. Think about your own experience – how often do you ignore a security warning that a website is not secure? We often believe, correctly, that it is an expired certificate and nothing is wrong. Also, with all the scam security warnings that pop up, we have allowed people to become accustomed to believing that the warnings are not valid.



(TNS) — A week after the first travel trailers to house displaced hurricane victims arrived in the Keys, they remain in storage in Key West with no apparent immediate plan to get people in them.

The Florida Division of Emergency Management said in a statement Tuesday that “the temporary housing units in Monroe County are staged in Key West for just-in-time delivery to ensure that empty units are not sitting in the public eye. As for a timetable, it is ongoing. As pads become available and survivors are approved by FEMA, we are then able to match them.”

On Sept. 18, Gov. Rick Scott, speaking in Marathon, estimated that about 10,000 of the Keys’ 75,000 or so residents were left homeless by Hurricane Irma, which hit the islands as a Category 4 Sept. 9 into 10.



You may find this blog article mind-expanding – especially if your natural reaction is to think about its title in two dimensions, rather than three. To set things straight, we’re not talking about paper printouts of Business Continuity Plans that by definition are out of date the moment they are distributed.

We’re talking instead about 3D printing, which has become a practical reality.

Businesses are finding all sorts of uses for it, including the creation on demand and on location of machine spare parts for maintenance and repair, and therefore increased uptime and greater continuity.

In a recent article on the web, consultancy firm PwC suggests several reasons why enterprises can improve their business continuity by using 3D printing. Suppliers of spare parts can look forward to cost savings: the article suggests that within 10 years, German spare parts suppliers will save 3 billion euros annually by using 3D printing.



(TNS) — Even before Sunday's mass shooting in Las Vegas, emergency management officials in Massachusetts and on the Cape and Islands were preparing for a similar tragedy here, including plans for how to get information to the families of the dead and injured.

"A lesson learned from the events in Orlando and other mass casualties, including San Bernardino and the Boston Marathon, is it's necessary that incident commanders set up a family assistance center," Kurt Schwartz, director of the Massachusetts Emergency Management Agency, said during an interview with the Times last month after he spoke at a meeting of the Barnstable County Regional Emergency Planning Committee.

A formal state-operated family and survivor assistance plan is in the final stages of development, according to Schwartz.

Initial responsibility for meeting the needs of survivors and family members falls to local authorities where the incident occurs, but state-level assistance can be quickly activated if requested.



Case Study

OVERVIEW: Since 1933, the Jericho Fire Department has been charged with protecting its Long Island, New York community residents from the perils of fire and other emergency situations. The Department proudly provides Fire Prevention and Safety Education, Fire Suppression, Emergency Medical Services and Hazardous Materials response. Its staff of 36 dedicated employees and 94 volunteers valiantly serve the residents and businesses of the Jericho Fire District and, since its inception, the department has evolved into an all-risks emergency response agency, currently responding to about 1000 alarms each year. Together as a team they save lives, reduce property loss, and improve emergency services to meet the evolving life safety needs of citizens.

CHALLENGE/OBJECTIVE: As is the case with so many Fire Departments, maintaining control over the myriad keys kept at a firehouse can be challenging. It's critical to be able to have quick, but at the same time, controlled access to some of the keys. John O'Brien, Jericho Fire District Supervisor, chose to demo the MedixSafe Key Care Cabinet to determine if it would meet the Department's key control needs. The Department already had a MedixSafe Narcotics Cabinet/Safe in their ambulances and firehouse, which has been instrumental in securing their emergency response narcotics and making them available only to the advanced life support personnel authorized to administer them in an emergency. "It's been great," O'Brien notes. "There is no key to override it, and it provides an audit trail of who has accessed the safe and when. So when the Key Care Cabinet became available, we were eager to demo it."

KeyBox6SOLUTION: O'Brien reports that "We loved what we saw, because key control was an issue, and knowing who is in the key cabinet and when is so important. The Key Care Cabinet gives us the ability to track that, as well as the capability to restrict access to those not of the rank to have access." The MedixSafe Key Care Cabinet is electronically controlled and allows the user to not only organize their access keys, but to control them, as well. A 'key' feature that differentiates the MedixSafe Key Care Cabinet from low-end key cabinets is that it enables more secure access.

Because a single PIN can be easily compromised, dual, triple or biometric authentication credentials are required before access to the Key Care Cabinet is granted. Users can opt to go with a fingerprint and PIN combination, key card and PIN combination, or a key fob and PIN combination.

It accommodates over 1,000 individual users and provides an audit trail history of up to 50,000 events. The Key Care Cabinet is accessible via a remote Ethernet network and also has a manual key override. This ensures that the cabinet can still be accessed via a single key in the event of an electronic failure.

KeyBox3BENEFITS: The ability to control access to crucial keys is among the most significant benefits the Jericho Fire Department is reaping from the MedixSafe Key Care Cabinet. Certain keys are especially important to store, O'Brien points out, including the Department's radio keys, auxiliary vehicle keys as well as keys to the fuel pumps. "Probably the most important," he says, "Are the keys for the sirens, which always need to be found quickly." There are also outside vendors the Department works with, and some of them need access to keys, as well. "My radio repairman, for instance, needs access," he adds. "We operate the radios, but he repairs them!" O'Brien adds that the software is very easy to operate, and the overall operation is extremely user-friendly. "It's really just some data entry, and our system is wireless, which made it easy to install. All we needed was a power outlet."

"The Key Care Cabinet would benefit firehouses everywhere," he says. "It ensures the security of the most important keys, and gives you the ability to control and track who's accessed those keys. I highly recommend it."

ABOUT MEDIXSAFE: A leader in the access control cabinet market, MedixSafe began designing and manufacturing narcotics control cabinets in 2008. The first narcotics control cabinets were designed for the EMS market to be used in ambulances. Based on customer requests, MedixSafe designed and built different sized cabinets to meet their varying needs. MedixSafe caters to the key control needs of doctors, dentists, veterinarians, university research departments and schools of medicine, hospitals, the U.S. Army, U.S. Navy, pharmacies, and more. For more information, visit http://medixsafe.com/

Page 1 of 2