Preparing for Disaster

Similar documents
Fordham University BCP / DRP Lunch. Lunch

COMMUNICATION AND DISASTER RESPONSE. Denise O Shea Montclair State University

DISASTER PREPAREDNESS Guide & Template

Technology Planning Simplified

Voice Services. Your voice disaster recovery plan

18 Questions You Should Ask Your Computer Consultant Before Hiring Them To Support Your Network

About Us. Under one roof. Why work with us? The A (to Z) team. Awards & associations

Business Continuity Overview

UReady FAQs. 1. How do I access the UReady Continuity Planning tool?

6 Key Elements of Successful DRaaS

Online Services Help Software Firm Affordably Access Enterprise-class

LEVERAGING TECHNOLOGY TO OPTIMIZE CONTINUITY AND RECOVERY

IT Alignment and The Cloud. How Cloud Computing Can Help Your Organization s Technology Management

CISSP Certified Information Systems Security Professional (CISSP)

Cloud is about how you do computing, not where you do computing. - Paul Maritz, CEO of VMware

Roger Peters Founder, Continuity Onward, Inc

2018 Invenio IT SIMPLE STEPS. 20 tips for. to developing a solid business recovery plan. Created by. Invenio IT 2018

Guide to Business Continuity and Recovery Planning

10 Steps to Preparedness

Business Continuity Advice. Loss of premises

Reinventing the IT War Room:

University Systems Desktop Support Service Level Commitment

Position Description. Senior Systems Administrator. Purpose and Scope

Business Continuity Through Planning, Prevention and Preparedness. READINESS RESOURCES

Business Continuity Through Planning, Prevention and Preparedness. READINESS RESOURCES

The Outsourced IT Hiring Guide

TOP 9 TECH CHALLENGES FOR NONPROFITS + SMALL BUSINESSES

Disaster Recovery Planning

Yale University Business Continuity Planning Quick Start Guide

Costpoint 7 Employee Instructions Vighter Medical Group, LLC

FREE REPORT: 5 Critical Facts Every Business Owner Must Know Before Moving Their Network to the Cloud

Part IV: Developing an Extended Network Enterprise Part V: Obtaining Value beyond the Basic Enterprise

How Your Business Survival Depends On Disaster Recovery.

How to Choose a Managed Services Provider

SAIT TDC ORIENTATION PACKAGE

Loyola University Maryland Business Continuity Planning - FAQ

NTT DATA Service Description

This topic focuses on how to prepare a customer for support, and how to use the SAP support processes to solve your customer s problems.

How to disasterproof critical. business data. 5 steps for keeping systems online and accessible in any scenario.

INTRODUCTION BENEFITS. Cathye Pendley, Vlamis Software Solutions, Inc. EMPLOYEE COMPANY

Cloud Failover Appliance

Negative Branch Reservation Template

LS Nav 2018 and the road ahead Webinar Q&A

Proven Strategies for Overcoming Business Continuity Challenges for Healthcare Organizations

PDSA Special Report. Why Move to the Cloud

GUIDE TO CONTINUITY PLANNING

1/8/2015. Learning Objectives. Why have a plan? Emergency Preparedness, Business Continuity, and Disaster Recovery. Can you anticipate the unexpected?

Abraham E. Binder MA, ABCP York University Disaster & Emergency Management Program

Business Continuity and Disaster Recovery Overview

Session 608 Tuesday, October 22, 2:45 PM - 3:45 PM Track: Industry Insights

RELIABLEIT. How to Choose a Managed Services Provider. Finding Peace of Mind

Our Solution: BizNet Total Network Care System Overview

5 BEST PRACTICES FOR ONBOARDING NEW CUSTOMERS ENTER EBOOK

Pulling up the Roots: a Guide to Corporate Relocation

EMERGENCY OPERATIONS PLANNING AND CONTINUITY OF OPERATIONS

Microsoft Dynamics GP. Personal Data Keeper

Cloud Adoption: An Office 365 Case Study. How Our IT Department helped a leading Recruitment Company make the successful switch to Office 365

HOW YOUR CAREER BACKGROUND CAN HELP YOU BECOME A BUSINESS ANALYST

Support Services Policy for Access Education including Success Plans

Table of Contents. Autotask Metrics That Matter 2

Continuity of Operations (COOP) For EMS Agencies

Business Continuity Training and Testing: Narrowing the Gaps

New Technology: Mission Impossible?

Essential Records Webinar

Bucks County Free Library Job Description

THE ART OF DELEGATION

Basic IT Bundle Service Level Expectation

The Evolved Call Center

Your Complete ERP Solution

Mark Hance, IBM Lynn Coke, IBM Technical Solution Architect

Creating an Actionable Disaster Recovery Plan

The Disaster Experience: Putting Business Continuity to the Test

Dynamic IT Disaster Recovery Plan

1 P a g e. IT Tailored to Your Needs

Operational Level Agreement: SQL Server Database Incidents and Requests

IT Service Catalog College of Arts & Sciences

Playbook: Leadership Communications

OFFICE 365 MIGRATION.

Modernizing your Investment Running Oracle Hyperion Enterprise on the Cloud

Disaster Recovery Service Guide

Drive Your Business. Four Ways to Improve Your Vendor Risk Program

Trade and Logistics II. Microsoft Dynamics AX 2012

Top 10 Mistakes Made During a Disaster

USING FREVVO S CLOUD FOR SECURE APPROVAL WORKFLOWS

ShakeOut Drill Scripts For Businesses and Organizations

Paying Lip Service to Business Continuity. Paul Koufalis, White Star Software

Capacity Management - Telling the story

An Engineering Firm s Guide to IT Support Services and Fees

Carahsoft End-User Computing Solutions Services

Make the most of the cloud with Microsoft System Center and Azure

The Incident Management process consists of seven procedures for handling support requests.

How Configuration Management Systems Deliver Change and Compliance

UNIVERSITY OF HOUSTON

Campus Service Level Agreement

THE DEFINITIVE GUIDE TO DISASTER PLANNING

Staying Alive: The Definitive Guide to Business Continuity and Disaster Recovery for Small Businesses

SUCCESSFUL CRISIS MANAGEMENT FOR YOUR ORGANIZATION. by Regina Phelps, Founder, EMSS Solutions

Staying Alive: The Definitive Guide to Business Continuity and Disaster Recovery for Small Businesses

Questions and Answers. For. NETWORK Services RFP #

Information Technology Division Service Level Agreement (SLA) Description and Process

Transcription:

Preparing for

Preparing for We will use the term disaster very loosely during this session. Immediate, short-term displacement Building evacuation. On-Site event. Immediate, long-term displacement Building fire, Train derailment Upcoming, long-term displacement Flood, Zombie Infestation, Building Construction Each category has different expectations, different preparations, different responses.

Preparing for Planning rarely is a plan that is only put in place by executive or leadership. All levels of employees will be involved in a disaster, so they should know what to expect. Think about the forest, not the trees Don t put extremely specific procedures or items in your plans. Many of these items often change and won t be updated before your disaster happens.

Preparing for Preparedness Business Continuity Avoidance Recovery

Define the stage Preparedness Business Continuity Avoidance Recovery Preparedness is where you help define all the things you need to know to avoid or recover from a disaster. Who knows what Who has access to what Who can make decisions Who can execute decisions or procedures How do you prioritize How do you go back to business as usual?

Define the stage Preparedness Business Continuity Avoidance Recovery Business Continuity is where you keep your business open while a disaster is or recently has happened Communication to customers Communication to employees Communication to other constituents Internal processes and activities

Define the stage Preparedness Business Continuity Avoidance Recovery Avoidance is the plan to avoid a disaster to begin with. Not always possible, but there are ways to help mitigate the effects of a disaster.

Define the stage Preparedness Business Continuity Avoidance Recovery Recovery is the process of picking up the pieces and re-building after a disaster has happened. THIS is where you would think of server logins, passwords, connections, and $$ to recover.

Preparedness The initial step of any DR/BC Plan is to build a catalog of who knows what, and who can do what in your department. May seem obvious, but may not always be. You cannot base this on assumptions. Bob does all of our Microsoft stuff, so he must know how to re-configure our Exchange server! Involve the employees on all levels. May help to schedule a short meeting with them to dig into the process.

Preparedness Things to think about : How servers are setup. How the networking works. How the security of the network/servers/desktops is setup. How to access specific applications. How to access critical documents and reports (remotely?) How to access policies and procedures (like your DRP!) How to access a list of vendors or other employees that have knowledge of your systems.

Preparedness Access. Who has it, and who needs it? Limiting access to servers and services to a single person may make sense for PCI-DSS, but it can be a big failure in a DRP. In a SECURED document, you should document who has access to each server and service. Think of everything that requires a login. If only one person has access, it may be good to assign an auditable backup person incase that person becomes unavailable. Do these people have the resources to access the servers or services remotely, or must they always be on site? What happens if on-site is not available?

Preparedness Who can make decisions? Do you delegate decision (and/or) purchasing decisions to the employees doing the work? Do you require a two-key approach for everything? If so, can you could on two-keys being available? Documenting and making it clear to everybody who has decision making abilities during a disaster is key. Belongs in the DRP. It needs to be made clear that this person is made available to make these decisions. They would be an essential employee.

Preparedness Executing decisions and procedures is often left to the employees who are most familiar with the servers or services they usually maintain. This could also fall to a vendor. Make sure the vendor is aware that they are listed in your DRP. Make sure you don t assign too many services/servers to a single person (or group of people). Some employees are more than happy to jump to the task, but may perform poorly if they have too much on their plate. Document who is responsible for the work.

Priorities Knowing how to prioritize is key in a disaster. Having a clear priority list documented without being under duress will make transitions smoother. During a disaster you will often run into situations where one group is screaming louder than others for service to be restored. Don t fall into this trap of only serving those squeaky wheels. Have a technical review of priorities. Sure, email is most important, but it may rely on the network to be up

Transition to Normal You will need to document how to transition back to business as usual from your disaster mode. Don t wait for everything to be back to normal having a hit list of things that need to be taken care of is ok. ALWAYS have a debrief and a lessons learned. Larger disasters should include not only internal staff, but external constituents as well. Ask the question what can we do better. Modify your DRP with the responses.

Business Continuity

Business Continuity After the initial assessment of the disaster, questions should be asked: What and how do I communicate with my employees? What and how do I communicate with my customers? What and how do I communicate with my constituents? How do we continue to do the work that is expected of us? How are these groups USED to communicating with you?

Business Continuity Employee Communication Every supervisor should have a way to communicate with their employees. Every employee should have a way to communicate with their supervisor. Email may not be enough (is it up?!). Know home and cell phones. Ask during the yearly review process to update this information. Be honest and precise to what is going on. No PR needed in internal communications. Early and often. Employees should be the first to know of a disaster. It s ok to tell them to hold the info from others.

Business Continuity How do customers normally communicate with you? Email? Make sure your email is hosted in a reliable place and you have access to it. Backup mail server hosted in a secondary location? Does it work for outgoing email? Phone calls? Do you know how to answer calls from a remote location? Call forwarding, EC-500, remote agent logins, etc. are all things to think about. In Person? Do you have a way to communicate that appointments can t be meet, class canceled, or anything else? Phone / Email / Texting is key here.

Business Continuity When dealing with customers, don t assume that they always communicate with you (or your employees) the same way. Actually survey your customers and find out how they want to know about disrupted services. Every group deals with customers in a different way. This can t be a universal answer. Ask for help for pre-canned messages from CABS that you can modify on the fly.

Business Continuity Internal processes and activities Do all of your employees have access to the data they need remotely? VPN, ALG, Phones, Remote Desktop? Do you provide laptops, or is the assumption that employees use their own? Do all essential employees have internet access? Access to services remotely? Have you practiced accessing services remotely? Good idea to designate a day where employees work from home (telework). Do this on a regular basis will work out the kinks.

Business Continuity Do your employees know what they would work on while at home? Add this to your communications. CAN they accomplish this from home? What are goals and expectations when you can t see them work? How do you classify a day as productive? Have employee write a short report of what they did that day. Maybe their work speaks for itself Real-time communication is key. Phone, IM, (IRC), Email should be available to employee.

Business Continuity Telecom Business Continuity Offerings: EC-500 (Link cell phone with desk phone) One-X Communicator / Avaya Communicator (Answer personal phone remotely) One-X Agent (Answer agent calls remotely) $$ Remote Call Forwarding (Answer incoming calls to a single phone line) VDN Variables (setup a variable to do different call flows in a disaster) See these options in the booths during lunch.

Avoidance

Avoidance Won t go into this in much detail Plenty of resources and common sense Multi-data centers Don t have your data-centers below grade. Double up on power-supplies, going to multiple UPSs, going to multiple breakers RAID your drives. Use a MAS that can locate in multiple DCs Use Hyper-visors like VMWare, Zen or Hyper-V to make hardware issues less important.

Recovery So, you ve had a disaster. BC didn t work, or you need to rebuild Take a look at section 1 that should have started the template to recover. BUT you will need additional details. Take a look at NIST-800-34. Requires that you know system well and all the moving parts. Need to get into details like version numbers, port numbers, user assignments, etc. System Diagrams! Don t store these on the file-system you plan on restoring

Recovery Plan of attack. Again, set your priorities ahead of time, and execute For the managers, depend on your employees to give updates to you. Don t ask every 10 minutes. They will tell you when services are back. As your plan starts, prepare your reports for funding. Purchasing has an avenue to get emergency funding and POs released quickly to replace hardware. Keep track of hours related to recovery. Know the emergency contacts for your venders.

Recovery People to know : Your purchasing agent. Key people at IT Services (for networking related recovery). If you have an SLA, know how to execute it. Get to know Scott Bryan. He s the DRP guy at IT Services C-Store contacts for servers / desktops / licensing Contacts within CABS for communications

Scared yet?

Summary Plan, Plan, Plan Test, try, and document. Get feedback. Plan for the next incident.

Thanks! Nick Kwiatkowski nk@msu.edu Call/Text: 517-432-2528

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback