Spring World 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 30, Issue 3

Full Contents Now Available!

DRJ Blogs

DRJ | The premiere resource for business continuity and disaster recovery

Social Media in Business Continuity

Social Media in Business Continuity

Social media is everywhere. It’s in coffee shops, at tourist attractions, even walking down the street. People are constantly cataloguing what is happening in their lives on social media with photos, news articles and trendy hashtags. And this is especially true when emergencies arise. Loved ones reach out, asking if they are ok. Photos still get taken, and sometimes the event is live-streamed as it occurs. With 2.06 billion Facebook users and 328 million Twitter users worldwide,* that’s a LOT of news going out! So what is the place of social media from a business continuity perspective? What should companies and employees be doing, and not doing, on social media during and after events?

Like most things, social media has pros and cons. This is especially true within the context of business continuity. As a reminder, business continuity and emergency response are not the same thing, but they also must work together to be successful. Allowing certain things to happen during an emergency may set an unwanted precedent for the business continuity response. So, let’s start with the cons.

 

...
Continue reading
316 Hits
0 Comments

Need Business Continuity Buy-in? Present It As a Tool for Business Growth

Originally published on Rentsys Recovery Services' blog.

Would you agree that in your organization, management views business continuity planning as a necessary hassle, much like filing taxes? It’s not going to build the business, but you need to do it. That’s one of the reasons business continuity owners constantly struggle to get management buy-in.

The key to getting management’s enthusiastic support for business continuity is to challenge a certain entrenched belief they have about business continuity. It’s mentioned in the previous paragraph, but you might have skimmed over it because it’s usually accepted as fact: Business continuity isn’t going to build the business.

...
Continue reading
45 Hits
0 Comments

Disaster Recovery in Microsoft Dynamics 365

Disaster Recovery in Microsoft Dynamics 365

When Amazon Web Services (AWS) stopped working earlier this year, the internet panicked. A while later, the company reported that the outage was caused by a typo. According to an estimate published by the Wall Street Journal, the outage which lasted for over three hours saw business corporations in the S&P index lose a whopping $150 million. What’s more, Apica Inc., a company that monitors websites reported that the $150 million typo also caused 100 websites of the top retailers online a performance slowdown of over 20%.

Events like this while rare, they remind everyone of the undisputed significance of disaster recovery. Without well laid out disaster recovery protocols, a failure on one side of the web can have devastating effects across the internet. For any enterprise, the greatest fear in the event of a disaster is the deleterious effect the outage has on its customers. This perhaps explains in part why customer relationship management (CRM) market has been on a steady growth path in recent years. According to Gartner, the CRM market is estimated to be worth $36 billion today.

A section of CRM industry watchers strongly believes that Microsoft Dynamics 365 is the future of customer service. Microsoft is investing heavily in the cloud, the clearest indicator that the multinational predicts considerable growth of its cloud business. Available statistics estimate that Microsoft Dynamics CRM market will be worth €1.1 billion (approximately $1.3 billion) by 2019. As this market grows, the demand for dynamics CRM consultants will rise and Microsoft Dynamics 365 features like disaster recovery could become the industry standard in customer service management, financial management, operations management, marketing, etc.

...
Continue reading
85 Hits
0 Comments

Increase your Business Continuity Profile

Increase your Business Continuity Profile

Business Continuity Profile

It’s one thing to have a business continuity plan, but it’s another to make sure your staff know about it.  Those involved in writing the plan and the core members of recovery teams are likely aware of the plan.  This is great, but what about everyone else in the organization?  When bad things happen, will the staff know the company has a plan in place?  Will they know they have a role? Will they know how to quickly (and easily) access the plan so they can assist in the recovery?  In short, once you have written the plan, you have to raise the business continuity profile to a level where everyone knows about it.

While it's great the say "raise the business continuity profile", but how do we do that without a time-consuming training initiative?  Here are 6 resource-light ways to elevate the business continuity profile in your organization:

Add BCP to new staff orientation

Most companies have some sort of orientation process for all new employees.  This is a perfect opportunity to share information about the business continuity plan and who to contact should they have follow-up questions.  This is the time to capture after-hours contact information, and emphasize the need to keep the information current.  Be sure that new employees know that this is how you will reach them after hours, if needed.  If they are reluctant to provide the information, ask them if they would prefer the company notify them that the office is closed, before they leave home, or after they arrive at the office in the morning.  This is often enough to convince them!

...
Continue reading
79 Hits
0 Comments

Banks: What If You Made These Common Cybersecurity Mistakes With Cash?

Originally published on Rentsys Recovery Services' blog.

“Data is the new currency” is one of the new slogans of the digital transformation. Modern consumers recognize the value of their data, and 67 percent are willing to share more data with banks in exchange for new benefits. Surprisingly, banks don’t always afford sensitive data the same protections they do for physical currency. While PwC’s 2017 Risk in Review report reveals that the financial services industry has strong cyber risk maturity overall, there are a few common mistakes that could be leaving your institution vulnerable. To give you an idea of the gravity of these errors, think of your cybersecurity practices in terms of cash management and physical security.

Transmitting Unencrypted Data Is Like Sending Unsecured Bulk Cash Shipments

Would you ever transfer a bulk cash shipment to a major customer without using their armored carrier service? Not a chance. You know that that decision would not only be a liability for your institution, but it would also put your customer’s assets at risk and breach their trust.

...
Continue reading
103 Hits
0 Comments

Understanding the Concept of Cloud Backup and Replication

IT industry has evolved a lot in a couple of years.  Cloud is really starting to gain attraction and a lot of companies have already moved their solutions to cloud. When we talk about  Cloud Backup Amazon AWS and Microsoft Azure are the two great guns in the market and cloud connects to Amazon AWS and Microsoft Azure.

Cloud services for Backup and Replications

Cloud is quite a generic term, it can have a lot of more other services but among all of them backup is the most desired Service from the Clients. Stone Fly Clients can Backup their Virtual machines, they can recover Files but they also have the option available for replications and failover for the Customer’s Business Continuity.

Replication of Data can be very useful for their clients in case of disaster recovery, Although Customers can replicate their data in the private cloud only if they have 2 sites Available at a time, But alternate scenario could be that they can avail the opportunity of the Public Cloud from the Service Providers like Amazon AWS and Microsoft assure and cloud connect to Amazon AWS and cloud connect to Microsoft Azure. Service Providers have taken the time to Build Data centers put infrastructure inside of that and then manage those data centers and make it available to their Clients thus minimizing the overheads for the Customers.

...
Continue reading
122 Hits
0 Comments

Custom Business Impact Analysis Tool..? YES!

The Business Impact Analysis (BIA) phase of writing your business continuity plan can seem like a daunting task. With the varying needs of each business comes different requirements for the BIA. That’s why KingsBridgeBCP has done our research and asked you, our customers, what your needs are for completing a BIA. And now, recently released in Shield, is a complely custom Business Impact Analysis tool. Read on to learn more about this great new feature!

 

Shield Silver – Now Includes Threat Risk Assessment (TRA) and Business Impact Analysis (BIA)

Shield Silver users now have access to a standard Threat Risk Assessment (TRA) and Business Impact Analysis (BIA) tool in Shield. The TRA covers standard threats most businesses might face. It also includes a simple survey to complete each assessment. Best of all, it prioritizes your threats for you as you complete the surveys.

Shield Silver users also gain access to a standard BIA. You define your business processes for each team. Then for each process you define:

...
Continue reading
83 Hits
0 Comments

Active Directory and Single Sign On (SSO) in Business Continuity

Active Directory and Single Sign On (SSO) in Business Continuity

When we head to client sites, we listen for the key words Active Directory. This part of IT infrastructure can be a blessing for every day functionality. It can also fall apart dramatically during an incident. Before we get to the implications of what might happen if it goes down, let’s give a general explanation of what it is.

Active Directory

Active Directory (AD) is the place on the network where all of the user permissions are stored. For those end users out there who are not overly tech savvy, think of it like this. Every day you come to the office, boot up your computer, and enter a user name and password. When it opens to your home screen, you can see your email and your desktop, and the files you need to do your job.

Now think about how many people work at your company. Every person that comes to work has their own user name and password, so that when they log on to their computer they see their emails and desktops and files. In order to make sure that each person sees their emails and no one else’s, all of those user names and passwords need to be kept somewhere. AD is often where they are kept. And it automatically checks to make sure that the user name and password match, and the information the user (that’s you) sees is their own. Put in the wrong info, and it won’t let you in.

...
Continue reading
124 Hits
0 Comments

Never, say never… 

Never, say never… 

Previously we wrote about the fall-out from the Lac Megantic rail disaster – the deadliest Canadian rail disaster since 1867.  Many lessons were learned from the two-year investigation that followed.  While less catastrophic, the recent post-Hurricane Harvey Arkema plant explosion near Houston, Texas, will also reveal its own take-aways.

However, even without results from investigations into the Arkema explosions, these incidents deliver a critical lesson: ‘Never say never’.

The 'perfect storm' in Lac Megantic

At Lac Megantic, there were 18 factors that led to the rail disaster, taking 47 lives and devastating an entire town.  Each factor, considered in isolation, never would have predicted the disaster that resulted: a short-cut on an engine repair; a small engine fire; an improper brake test; insufficient brakes set; a train left unattended at the top of a hill.  While any one of these factors would have not created the disaster that resulted, unfortunately, for the community and the rail company, many of them collided on one fateful night.

...
Continue reading
138 Hits
0 Comments

3 Steps Prevention against Ransomware

3 Steps Prevention against Ransomware

Regrettably ransomware are becoming a regular occurrence. The stories of data loss, locked away data and critical operation disruption are real. With the General Data Protection Regulation (GDPR), applicable after 2018, companies are already addressing their backup and disaster recovery plans to ensure that they remain compliant with the data protection regulations. Regardless of compliance reasons, enterprises still need a reliable way of protecting themselves from ransomware.

The following three steps can prepare an enterprise to prevent the damage done by ransomware:

Step 1: Prepare

Preparation is of the utmost importance; something as grand a scale as moving to the cloud takes a great deal of it. It can be classified into these major segments: Training staff, employing security layers, removing outdated operating systems.

...
Continue reading
897 Hits
0 Comments

BCP Headaches you can Avoid by Using Shield: Part 3

BCP Headaches you can Avoid by Using Shield: Part 3

Solve BCP Headaches

Welcome to the third and final installment of our series on how SHIELD can solve BCP headaches.  Last week we talked about how SHIELD helps the newcomer to business continuity get started on the plan development process.  This week we’re going to look at what challenges that come up after you finally have that plan written.

Updating contact information is so time consuming!  Isn’t there a better way?

Keeping contact information up to date is one of the most challenging and yet important parts of a business continuity plan.  Just keeping personnel information current is challenging enough but what about all those vendors you need to be able to reach out to if disaster strikes?  You don’t want to be editing information in two different places.

If you’re a SHIELD user there is a simple way of importing information from other data sources into SHIELD.  With an extract from your HR database or your vendor management system, Shield has import and merge functions that allow you to pull new information into SHIELD with just a few clicks.  No more editing row after row.  Simply choose your method of importing and SHIELD will do the work for you.

...
Continue reading
189 Hits
0 Comments

The Impact of Cyber Activity on Traditional Resiliency Programs

Traditional resiliency designs are most often predicated upon the ability to restore an IT environment to a point whereby the business can resume operations. Reducing the amount of down time, along with being able to minimize data loss (measured using Recovery Time and Recovery Point Objectives) are the keys to a successful resilience program.

These objectives have held up over time in defining the actual techniques required to resume the IT function in support of overarching business objectives. When applied to a full recovery at an enterprise level, this approach has proven sound and is acknowledged across the industry as the optimal way to design and implement a resiliency strategy and overall program.

Recent changes in the dynamics of a potential outage, primarily being driven by a growing set of threats in the form of cyber activity, have demanded a rethinking of how a response should be handled. More specifically, evolving threats are now focused on potentially smaller targets with greater levels of impact that can prevent a company from conducting business that look to damage or worse yet hold for ransom critical information within the firm. This increased level of compromise requires not only that an expedited response be in place but likewise necessitates that more complete, accurate, and protected systems and information be always available to immediately resume business processing.

...
Continue reading
2234 Hits
0 Comments

BCP Headaches You Can Avoid by Using Shield: Part 2

BCP Headaches You Can Avoid by Using Shield: Part 2

We hope you enjoyed last week’s blog post on how KingsBridge Shield can solve some of your Business Continuity Planning (BCP) information security headaches.  This week, part two of our series focuses on how Shield can cure the headaches of the BCP newbie.  Has management assigned you the responsibility of heading up the company’s BCP program but you don’t know where to begin?   At KingsBridge, our motto is Keep It Simple and Straightforward.  Our Shield software has everything the newcomer needs to resolve their BCP headaches.  Here are a few examples:

I’m brand new to this.  Starting BCP on the right foot.

Starting BCP can seem like a daunting task, knowing where to begin can be the hardest part.  Often senior management assigns business continuity plan development to an employee with no experience or resources to complete the job.

At KingsBridge, our Shield software takes that first step for you.  Out of the box, Shield comes with hundreds of pages of template content for every type of recovery team you can imagine.  We also have specialized templates for credit unions or for those who want to follow the FEMA format.  But that’s not all, the Shield content also includes recommendations for exercising and getting you started on your Business Continuity Management Program.  Shield doesn’t just house your plan, it writes a lot of it for you.

...
Continue reading
222 Hits
0 Comments

Trends Dominating Disaster Recovery Industry In 2017

Trends Dominating Disaster Recovery Industry In 2017

More than any other time in the past, today, digital information occupies a very central part in any business, and has become one of the 21st century business’ most valuable assets. For this reason, businesses can no longer stay on the sidelines and watch as their data wiped out when a disaster strikes.

Every effort must be made to ensure digital information is secure regardless of the magnitude of the disaster that hits the business organization. Businesses across various industries have invested quite heavily in Big Data solutions that ensure their digital information is accurate, uncorrupted and up to date.

Preference given to DRaaS vendors

The emergence of Disaster Recovery as a Service has made it possible for businesses to use redundancy protocols to replicate their physical and virtual servers via the cloud as a way of mitigating possible data losses. Given how complex, expensive and time-consuming it is to develop a disaster recovery strategy from scratch, many companies, especially small and mid-sized businesses choose available solutions in the DRaaS niche.

...
Continue reading
429 Hits
0 Comments

5 Top ransomware exploits that you should know

We used to call the Internet the “information super-highway” back in the day, when connections were slow, bulletin boards and gopher were about as techie as it got. Those days are long gone, but something of the ‘highway’ has remained, like a bad smell, one that has come back to haunt us in 2017… The highway robber!

The person who went about their villainy on the trade routes and highways of the world, extorting money and valuables from unsuspecting travellers with a simple threat –– ”your money or your life” –– reinforced of course with the trademark flintlock pistol and sabre.

Today’s highway robber is a lot more sophisticated and savvy. They take far less risk and turn to the latest technology to extort you out of your money by threatening your valuables. In this case your data, your technology and most probably your computing ability.

...
Continue reading
310 Hits
0 Comments

BCP Headaches you can avoid by using KingsBridge Shield

BCP Headaches you can avoid by using KingsBridge Shield

Welcome to the first in our three-part series on business continuity planning headaches and how you can use the KingsBridge Shield solution to resolve them.  Today "BCP plan access" is the focus.  Making sure those that need it have it, while also ensuring that access to sensitive information remains restricted.

BCP Headache - #1 Keeping current copies of the plan in the hands of those that need it. 

Access to a business continuity plan is critical when disaster strikes.  To ensure this, many companies periodically print and distribute their plans to their recovery team members.  A wide plan distribution is great to make sure everyone has the information they need.  There is risk however, when old copies of the plans remain in circulation.

Shield’s web-based solution eliminates the risk of those old, stale copies floating around while ensuring that users have access to the latest and greatest plan information.  All plan changes are immediately reflected in the plan for all users with access to view them.  No need to print and distribute.

...
Continue reading
260 Hits
0 Comments

This Underutilized Group Could Save Your Business in a Crisis

Originally posted on Rentsys Recovery Services' blog.

 

...
Continue reading
272 Hits
0 Comments

Secure Documents with Shield

Secure Documents with Shield

As covered in our last post, Records Management for BCP, one of the most challenging and yet critical elements of your business continuity plan (BCP) is records management. In this follow-up post, we’ll look at how KingsBridge Shield helps you to secure documents that are most critical to your business’ recovery.

Safe and Secure Documents Storage

When it comes to business continuity, documents needed to help recover the business have to be safely and securely stored.  Many of our clients initially put a lot of faith in their IT department’s backups.  They know the data is backed up and therefore feel that having a copy stored elsewhere is unnecessary.  However, backup does not mean instant access.  Recovery of electronic document storage takes time.  Once documents are recovered, user access may be limited due to connectivity with the recovery location.

Shield provides a secure, web-based solution that supports the storage of critical documents independent of your company’s servers.  The Shield mobile application syncs with the web application placing an additional off-line copy of these documents on your phone.  No internet?  No problem.  Your phone will have all the documents you need.

...
Continue reading
408 Hits
0 Comments

OWASP Top 10 - Combating Data Security Breach in Web Applications

Most of the organizations are now developing and using web applications to do their business online. This shift in the style has undoubtedly eased the way to do the business, but at the same time has exposed critical business and customer data to security threats. Recent report of Verizon Data Breach Investigation (2017) suggests that a good percentage of breaches were associated with web applications.

Some of these threats have now been addressed by various automated scanners which provide a robust detection of security vulnerabilities. However, it is still important to understand such vulnerabilities before we can resolve the danger posed.

Open Web Application Security Project (OWASP) is a group that works towards defining security recommendations, specifications, and explanations in key areas. This group was initially created as a project to define testing standards for web applications security. The specialized project concluded that purchase of dedicated software tools can make the web application immune to security breaches. Apart from this, OWASP published and drafted ‘Top 10 Security Vulnerabilities List’ for any web application.

...
Continue reading
356 Hits
0 Comments

Disaster Recovery Planning: Who Needs A Seat At The Table & Why

Whether you’re implementing or just refining your disaster recovery (DR) process, one of the most important things to consider is your team. Depending on the people at the helm, your efforts will either be thorough and coordinated, or incomplete and disjointed. To start off on the right foot, you’ll need to assemble a knowledgeable group whose areas of expertise cover all the necessary bases.

Below is a list of roles that, in our view, are instrumental to the success of disaster recovery planning. Note that in your organization these roles may not be clearly defined yet (there may not be anyone who currently holds the title Disaster Recovery Coordinator, for example), but these roles should be assigned before the process begins.

Key Roles & Responsibilities For The Disaster Recovery Planning Team 

Your disaster recovery planning team should consist of the following:

Management Steering Committee

Executive team members who oversee the process are involved at a high level, which means they may not technically need a seat at the table—but they should be standing in the room. They play an important role when it comes to approvals for things like budgetary issues, policy considerations, strategic direction, and overcoming roadblocks or intradepartmental issues. These individuals might be part of an existing business continuity oversight committee, or form a separate disaster recovery steering committee, depending on the organization.

...
Continue reading
370 Hits
0 Comments