Feed Description

IT Productivity, ITSM, IT Job Descriptions, Sarbanes Oxley, IT Salary Survey, and Disaster Planning News Portal

The Enterprise Strategy Group (ESG) released a white paper in June which states that there is an increase in the number of companies and organizations requiring 24 x 365 days of IT uptime. In fact, ESG research indicates that 36% of enterprises indicate they will incur significant revenue loss or other adverse business impact if they have even an hour or less of downtime on their mission-critical applications.

Almost 15% indicate they cannot tolerate any downtime.1 In the past, this type of business demand was only consigned to a relatively small group. However, many more organizations of all sizes, in all industries and located across the globe, now require applications to be running and data to be always available. The needs of these organizations go far beyond simply recovery, requiring an environment that maintains business continuity during and immediately after a disaster. To make it more interesting, the number and types of applications that require this level of protection is very diverse.

Data-backup software tools create copies of data for safekeeping and store them on different media such as disks or tape, while replication refers to the act of keeping a separate, active copy of data in a separate physical location that can be accessed and used immediately in a disaster-recovery scenario.

Available as software, a hardware and software combination, or a service where a company transmits its data across the Internet to the provider's data vaults, these tools are designed to store data in a compliant manner while providing quick, accurate copies in case of emergency. Many of these backup tools monitor and report on backups across multiple vendors' backup products, therefore easing the auditing process. Encryption plays a big role in these tools, as many industry and federal regulations mandate safeguarding data. Compression and incremental back-up features are designed to save on storage space.

 Active Directory is the gatekeeper to the network resources your employees depend on, so Active Directory is critical to your business. Accordingly, having a reliable and practiced set of recovery strategies is vital. Preparing for a catastrophic event - for example, a hardware failure or physical disaster – is necessary, but so is preparing for "everyday disasters." Problems can arise in the normal course of day-to-day operations from a variety of causes, including:

• Human error -  an administrator might delete an entire organizational unit (OU) instead of a particular user, or accidentally delete a service account, which could affect hundreds of users.
• Unexpected consequences -  an administrator might use a script to set one of the Extension Attributes in Active Directory only to find out that Extension Attribute contained data for another mission critical application that wonÂ’t work anymore because of the changes. The data must be restored as soon as possible.
• Malicious activity - both current and recently-terminated employees, as well as external service providers, might find ways to access your sensitive systems and data, and their knowledge can enable them to cause significant damage.  According to Entrepreneur, "four out of five IT-related crimes are committed from within an organization".  Moreover, CSO Online reports that "inside security breaches affect 49% of companies". Once your network is under attack, it's too late to plan - you need to have your diagnostic and recovery tools in place.
• Viruses -  Viruses can damage Active Directory data, and the replication process propagates those unwanted changes. Anti-virus software, of course, provides protection, but it is critical to be able to respond quickly to viruses that get through.

 
There are seven steps that can be followed according to the Disaster Recovery / Business Continuity Template published by Janco Associates.  They are:

1.       Acknowledge that at disaster can occur

2.       List and prioritize the risks your enterprise faces  from each disaster threat

3.       Inventory your enterpriseÂ’s technology and operational structure

4.       Inventory your enterpriseÂ’s technology assets

5.       Define the necessary service levels your enterprise and its customers need

6.       Develop a plan to operate during and after the disaster

7.       Test the plan that you have created

Colleges and universities across the United States are moving quickly to adopt text messaging as their first line of emergency notification, experts said.

The rush to find ways to send tens of thousands of SMS messages to student cell phones has been intensified becasue all of the recent on campus incidents.

However, these incidents are not the only recent incentive for schools to look for ways to reach their students in an emergency. Other reasons include weather emergencies, especially in the South where hurricane evacuations are almost an annual event.

And, of course, there's the fact that the U.S. Department of Education requires colleges and universities to have the means to reach their students in a timely manner in times of crisis. The question for university administrators has always been what is the best way to notify students, and in many cases, that boils down to e-mail, since virtually every student has a school e-mail account. The problem is, as Virginia Tech found to its sorrow, that e-mail is rarely an adequate solution.

(Computerworld) - As historic floodwaters start to receded along the Mississippi and other Midwestern rivers, local businesses in affected communities like Cedar Falls, Iowa, were busy assessing the impact on IT equipment and whether disaster recovery plans stood the test.

A maker of computer games in Cedar Falls, may be permanently displaced after Cedar River floodwaters reached 6 feet in its administrative offices and 5.5 feet in an adjoining warehouse. The company sustained about $250,000 in damage to inventory.

The firm's president said all 65 employees are now working temporarily in borrowed offices in three facilities.

As the floodwaters approached on June 9, employees scurried to save 120 PCs, 80 monitors and eight servers. Three high-end printers could not be removed in time.

The company plans to revise his disaster recovery plan. "When a river comes up 6 feet higher than it ever has before, it's tough to have that foresight," they said. "But it is probably going to happen again."

A software development company has plans to deal with tornados and electrical outages, but executives never dreamed they would have to contend with the Cedar River surpassing 500-year-flood levels. "Going through this experience [will] make those plans [more] than just part of an IT checklist," he said.

A key lesson learned was that companies must prepare for employees to miss work to help families and communities after natural disasters.

BBC: Environmental groups are campaigning against planning laws they claim will lead to "faceless bureaucrats" taking decisions on major projects. Opponents of the government's Planning Bill say it sweeps away local accountability for developments such as motorways and airports. Instead, they want people to have more say on the decisions that affect them.

The government says planning laws need reform to meet long-term challenges, such as those posed by climate change. The bill, currently going through Parliament, aims to replace the current system of holding a sometimes lengthy and expensive public inquiry each time a major infrastructure project is proposed, such as an airport or a power station.

Â…People living near the proposed projects would have limited opportunities to object. The government argues that the reform is needed to ensure the planning system can "meet the long-term challenges we face as a society."

Â…But the Planning Disaster Coalition, which include Friends of the Earth, the National Trust and the Campaign to Protect Rural England says the change will make a "mockery" of democracy, by taking away the rights of people to have their say on developments in their local areaÂ….

Threre a a number of ways in which an enterpriser can add value in their disaster recovery capabilities. For example, storage vendors are enhancing their replication capabilities, tools for rapid recovery for databases and core applications like Exchange are finding their way into organizations of all sizes, and virtualization has opened new disaster recovery opportunities to a wide range of organizations.

However, before placing the technology cart before the horse, a critical phase in any form of disaster recovery planning and design is to establish a solid understanding of applications and their interdependencies. A good initial step in this process is the establishment of a disaster recovery application inventory.

What should such an inventory include? While requirements can vary depending on the organization, a basic listing should include the following items:

• Application name and description
• Business function -- the business unit or functional area the application supports
• Business process -- the specific business process supported
• Recovery objectives -- stated recovery time objective (RTO) and recovery point objective (RPO) targets for the application
• Known related applications -- this includes both applications that act as sources and targets in the business process
• Server details -- a list of the actual servers, both physical and virtual, on which the application resides, along with configuration details
• Storage details -- the actual storage devices and logical unit numbers (LUN) allocated to the servers
• Software requirements -- specific information about the software
  

Disk-based vs. Tape Backup: The Pros and Cons All organizations use tape to back up data nightly. Tape is fairly inexpensive and low-tech, but managing and administering tape, backing up to tape and restoring files from it can be time consuming, unreliable and complex. Disk has always been an easier, more reliable alternative, but until recently its high acquisition cost has made it untouchable for many organizations. Fortunately, new disk and data reduction technologies have recently converged to make disk-based backup available at about the same price of tape backup systems.

Consider the Herculean efforts today to protect the network from threats: Intrusion prevention systems scan packets for potentially damaging content; email security systems check for viruses in email content and firewalls block unsolicited connections. To stop the onslaught of threats to corporate and government networks, a host of software and appliances are being deployed daily . In general, these border police applications are doing a fairly decent job of stopping unauthorized intrusion at the door to your network.

But what about organizational insiders? Which applications or appliances are scrutinizing the information being passed out of the network? Intrusion prevention systems and firewalls aren’t looking for intellectual property sliding out the door right under their virtual noses. Specifically in healthcare organizations, what about patient information sent unprotected over the Internet to another provider? Add in the always-changing regulatory environment, and security is a unique challenge. All it takes is one misstep to compromise sensitive information. These are legitimate, authorized users communicating in an above-board way – but potentially exposing sensitive data in the process. This is the core of the immensely complex problem of data loss.

To address the data loss problem, organizations need to focus now on content filtering and blocking of electronic communications leaving the network – and not just email, but instant messaging (IM), webmail, HTTP and FTP communications as well . All avenues of electronic communication need to be policed to prevent intellectual property, financial information, patient information, personal credit card data, and a variety of sensitive information (depending on the business and the industry) from falling into the wrong hands.

The global enterprise has a voracious appetite for data, and little patience for downtime. According to a recent Forrester report, 82 percent of larger IT organizations rated improving recovery time as a “critical” or “very critical” business priority. The need for continued focus and investment is clear, especially when you consider that data-at-rest in enterprises is growing at a compounded rate of 55 percent a year. Moving all that data is a mounting challenge, and business simply cannot wait.

To meet these growing demands at a reasonable cost, organizations are moving to IP-based networks; 70 percent of North American and 79 percent of European organizations use some combination of the Internet, MPLS or Ethernet to connect to their primary backup datacenter. Bandwidth prices may be in decline, but that doesnÂ’t mean it comes cheap. Bandwidth, on average, is 29 percent of the total cost of replication, backup and recovery solutions, and is often constrained by the effects of latency.

End-to-end plans for turning disaster recovery into full business continuity are very complex, but from an IP-network perspective it can be reduced to three main challenges.

Disaster plan need to take into account mainframes, blade servers as well as distributed file servers.  The problem is more complex as enterprises slowly move away from IT and Business alignment towards IT and Business convergence.  For example, 3mMainframes continue to hold their own against the onslaught of distributed server architectures, not because they are considered superior to newer technologies but because they still have a unique role to play in the enterprise. Recent market research indicates that 90 percent of mainframe users see the devices as long-term data hub and transaction server solutions fully suited to expected future workloads, particularly in SOA and Web services endeavors. Distributed servers, meanwhile, are likely to appeal to specialized shops with low MIPS requirements.

 (Computerworld) The deadly shootings of 32 people by a lone gunman at Virginia Tech one year ago on Wednesday galvanized college campuses nationwide, leading to a surge in new mass emergency communications purchases -- especially wireless text messaging technologies.

University police and IT and communications professionals from around the nation said in recent interviews that the killings of Virginia Tech students and faculty on the Blacksburg, Va., campus by gunman Seung-Hui Cho led to a buying spree of new communications technologies and services. The goal was to bolster the capabilities of existing e-mail and voice-mail systems, as well as outdoor sirens.

The Virginia Tech shootings heightened our awareness of additional ways to disseminate crucial information -- including the use of text messaging because of its popularity with college students, said the president-elect of The Association for Communications Technology Professionals in Higher Education (ACUTA) and an IT professional at Columbia University in New York. a flurry of activity has ensued in the past year, she added, with both large and small colleges evaluating their emergency communications needs.

One of the best ways an IT professional can ensure effective data protection for his company is to first understand the trends and best practices of his peers. The pressures driving organizations to develop specific data protection strategies are unrelenting.

Consider that the majority of your data, between 80 to 90 percent, resides on file servers. Now think about how you are controlling access to those shares. Most organizations find themselves with overly permissive access controls. Employees join and leave the organization frequently, and roles, responsibilities and project teams change quickly as well. All this leads to more access permission granted than revoked, since it is nearly impossible to manually keep up with the changes. The result is that most folders on file shares are oversubscribed in terms of access by well over 70%. By fixing broken access control to your file servers, you can significantly reduce the probability of data misuse in your environment.

Any program to reduce the probability of data loss and misuse has to start with rightful and warranted access controls. Ensuring that only the right people can get to the right data at all times not only reduces the odds of misuse, it also makes any subsequent safeguards and loss prevention techniques more cost effective and pragmatic to deploy. Consider a folder containing confidential data. If it is open to everyone or to a large number of individuals then (1) anyone can access and misuse the data, and (2) access by everyone must be monitored and audited – which is not a realistic undertaking. Alternatively, limiting access to those who actually need the data, and reporting on their access patterns, is realistic and a practical way to ensure that data access permissions are not abused. more info

Most organizations use tape to back up data nightly. Tape is fairly inexpensive and low-tech, but managing and administering tape, backing up to tape and restoring files from it can be time consuming, unreliable and complex. Disk has always been an easier, more reliable alternative, but until recently its high acquisition cost has made it untouchable for many organizations. Fortunately, new disk and data reduction technologies have recently converged to make disk-based backup available at about the same price of tape backup systems. more info

Business and market changes of the new global economy coupled with the explosion of digital media have made obsolete the traditional methods of tape backup/restore for corporate disaster recovery (DR). Advances in business continuity technologies, heavier reliance on information technology (IT) systems to meet competitive e-commerce needs, and regulatory legislation are forcing top executives to reformulate their DR solutions. DR planning is not insurmountable, however. Organizations can utilize new standards, methodologies, services, and technologies to create viable DR and business continuity solutions at marginal cost.

Vista SP1 is already available to subscribers to the Microsoft Developer Network (MSDN) but will not receive a formal public release until mid-March. Two weeks ago, Microsoft published a list of programs that would experience reduced functionality, or not work at all, after the installation of SP1. Microsoft customers have also been complaining that the update has upset the functionality on their machines.

The programs SP1 has been breaking are mostly from security vendors. The incompatabilities will add additional layers of complexity on enterprises that have Vista along with machines that were ourcahsed wtihout Vista.

Successful Disk-to-Disk (D2D) Backup of an organizations data is its lifeblood, and protecting that data is a strategic activity for information technology professionals.

Backup is no longer a tactical housekeeping issue; it has become the focus of risk-management strategies that encompass data availability, data retention, compliance, data discovery, and data security. Assessing the wide array of D2D options can be daunting.

(eWeek)  Disaster recovery, security, business application services and hosted infrastructure topped CIOs' most-wanted lists. Disaster recovery and business continuity topped the list of CIOs' must-haves, while business application services and hosted/outsourced infrastructure rounded out the top of the list, compiled from Channel Insider research.

Backup, disaster recovery and business continuity are the services CIOs most want from solution providers, up 4 percent over last year to 21 percent, the research showed.

The CEO of Connecting Point, said from his perspective the increase was driven from the SMB (small and midsize business) side by new technology advances and increasing concerns about natural disasters as well as internal security threats. Especially from an SMB perspective, a total solution that protects all their assets hasn't been available until now. Some statistics show that as much as 80 percent of an SMBs assets are data, and that if that data were lost, breached or compromised it could mean the loss of the entire business.  Technology overall has just evolved in leaps and bounds. It's almost like a hungry monster that needs to be fed. But with technology evolving so quickly and data assets accruing at an alarming rate, security products and strategies were often left playing catch-up.

He added many SMB owners are not tech savvy enough to understand the technology needed for a total security solution. While many SMBs had auditors and staff responsible for monitoring financial and accounting records, that type of security service wasn't performed on the technology side. Who is auditing the data security, the technology portion of their company?

Business application services were second on the CIOs must-have list, at 18 percent, research showed.  Services that develop, install and maintain business applications, including software packages, software systems and even SAAS (software as a service), continue to be hot.  Many companies lack the resources to implement and maintain complex software packages, and prefer to save money and energy by finding a solution provider to handle that aspect of their business. The increased security and availability are an added bonus a solution provider can offer.

The president of the Utility Company, an outsourced IT provider, said business applications, especially hosted or outsourced applications, are a big growth area. For SMBs this is already happening with emerging models like software as a service and managed IT services. 

Though IT as a service dropped 2 percent from last year, it's still close to many CIOs' hearts, with 18 percent of the respondents saying they are looking for these services from their solution providers.  Unlike most other technology trends, this one started with SMBs and will "trickle up" into the enterprise. At the enterprise level this trend will evolve more slowly because companies have invested money and resources in on-site data centers and infrastructure that they find tough to get rid of, he said.

Some predict a hybrid model will evolve, whereby enterprises may choose services such as network management and slowly transition to a fully outsourced IT.  The fact is, the Internet is a high-powered, ubiquitous computing grid that can deliver the most complex technologies as a utility. This movement is inevitable and unstoppable.

RSS News Feeds

- IT Productivity Center

- Janco

- ejobdescription

- psrinc

- IT-Toolkits

Other News Links

CTO Toolkits.com
e-janco.com
IT Productivity.org
IT-Toolkits.com
ejobdescription.com
psrinc.com
psrorders.com
newsgroupworld.com
ntcity.com
disaster-planning-template.com
disaster-recovey-planning.org
disaster-recovery-planning.com
disaster-recovey-planning-template.com

©  2001 - 2008 Janco Associates, Inc. - ALL RIGHTS RESERVED --  Revised: 06/10/08.