Pandemic Planning for Business Continuity
Business Continuity Planning (BCP)
Disaster Recovery Planning (DRP)
Binomial International
| HOME | Software | Seminars | Consulting | Resources | Newsletter | Bookstore | Contact Us |
|
|
Pandemic Planning for Business Continuity
Business Continuity Planning (BCP)
Disaster Recovery Planning (DRP)
Binomial International
|
|
||||||||
| ||||||||||
![[Home]](http://www.binomial.com/bookstore/b_home.jpg)
![[Catalog]](http://www.binomial.com/bookstore/b_catl.jpg)
![[Category]](http://www.binomial.com/bookstore/b_catg.jpg)
![[Previous Item]](http://www.binomial.com/bookstore/b_left.jpg)
![[Next Item]](http://www.binomial.com/bookstore/b_right.jpg)
![[Checkout]](http://www.binomial.com/bookstore/b_chkout.jpg)
![[Review Cart]](http://www.binomial.com/bookstore/b_review.jpg)
![[Button]](http://www.binomial.com/bookstore/ordrinfo.jpg)
The Binomial Bookstore
Rothstein Associates Inc.
IT Disaster Recovery
SPECIAL OFFER: SAVE $15.00!
GO.RECOVER-DATA CENTER: DATA CENTER DISASTER RECOVERY PLAN ON CD-ROM by PERSSON ASSOCIATES plus DISASTER RECOVERY PLANNING: STRATEGIES FOR PROTECTING CRITICAL INFORMATION Second Edition by Jon William Toigo ================================== ================================== GO.RECOVER-DATA CENTER: DATA CENTER DISASTER RECOVERY PLAN ON CD-ROM by PERSSON ASSOCIATES - - - - - - - - - Published by Rothstein Associates Inc. In stock for immediate shipment! - - - - - - - - - GO.RECOVER-DATA CENTER is a complete, easy-to-use and understand Data Center Disaster Recovery Plan Development Methodology and Template for the Information Technology Infrastructure. Each chapter addresses a plan development topic and provides the necessary instructions, worksheets (for data collection), plus additional hints and suggestions. - - - - - - - - - “I like your document. It is very straight forward and clear without all the fluff of some of the other offerings I have seen. We will be able to use this right out of the box.” - Terry Thornton, Principal RT Global LLC - - - - - - - - - - 10 comprehensive, plan development chapters - 40 formatted, pre-defined data collection Worksheets - A total of 114 pages - Microsoft Word format. - - - - - - - - - BENEFITS - Easy to use, - Easy to read, - Easy to understand - No special software is needed. Only a PC and MS Word (or other word processor) software are needed - Presents plan development in a logical progression following 10 specific chapters - Makes data collection easy by including worksheets that are ready to fill in - In all, 40 specific data collection Worksheets make the job of building the plan document faster and easier - Extremely low-cost alternative to plan development. - - - - - - - - - COMMENTS ABOUT GO.RECOVER-DATA CENTER “Extremely easy to use. We simply loaded the CD and started filling out the worksheets. And, we were able to add our specific information as we went through the process without a problem.” “It was laid out in a logical sequence of tasks to complete. It was like a "By the Numbers" approach.” “One chapter at a time allowed us to focus on specific tasks and to see progress sooner.” “The low price attracted us to the product and we got more than we really expected. Great value!” - - - - - - - - - GO.RECOVER-DATA CENTER is targeted for use in developing a disaster recovery plan for small, medium, and medium/large Data Centers. It addresses all of the components (i.e. Infrastructure) that need to be in place for a recovery to take place at an alternate location. Most recovery efforts (initial disaster recovery plans) must start with this plan. Without the infrastructure in place, it is difficult to implement a recovery effort that would be able to provide service to the end users of the data center technology. - - - - - - - - - INFORMATION TECHNOLOGY INFRASTRUCTURE Most data centers contain numerous technology components. For example, CPUs, Disk, Tape, Communications (LAN, WAN, Voice), data networks (lines, hubs, routers, etc), Database software, Servers, PC's, Operational software packages, Application Packages, Internet services (eCommerce), etc. All of the technology components that are needed in order to implement an operational computer service can be thought of as the “I/T Infrastructure.” - - - - - - - - - CONTENTS 1. IDENTIFY RECOVERY LEADERSHIP TEAMS Chapter 1 starts the plan development process by clearly identifying who is on each team and how they can be contacted. This helps identify responsibility as the plan development process is started. It also provides for the other teams that will be required. - Worksheet 1.1 = Recovery Leadership Team - Worksheet 1.2 = Detailed Recovery Teams 2. DOCUMENT EMERGENCY & NOTIFICATION STEPS Chapter 2 shows examples of all of the emergency documentation and notification procedures needed to insure the proper protection is in place. - Worksheet 2.1 = Immediate Emergency Tasks - Worksheet 2.2 = Local Emergency Services - Worksheet 2.3 = Company Personnel Call List - Worksheet 2.4 = Vendor Call List - Worksheet 2.5 = Escalation Procedure - Worksheet 2.6 = Damage Assessment Summary 3. IDENTIFY PLAN SCOPE AND ASSUMPTIONS Chapter 3 is required in all DR Plans. It is absolutely critical that each plan document contains a statement of scope and objectives. What the plan covers along with what is not covered must be documented. - Worksheet 3.1 = Plan Scope - Worksheet 3.2 = Plan Assumptions 4. INVENTORY COMPUTER EQUIPMENT AND SOFTWARE Chapter 4 helps collect the required documentation by providing easy-to-use worksheets. Each is formatted for immediate use and contains helpful pointers. This provides the base-point and analysis steps to identify the required recovery components. - Worksheet 4.1 = Computer Equipment - Worksheet 4.2 = Operating System Software - Worksheet 4.3 = Application Software - Worksheet 4.4 = BIA - Business Impact Analysis - Worksheet 4.5 = List of All Applications - Worksheet 4.6 = Critical Application List 5. INVENTORY NETWORK & LAN EQUIPMENT AND SOFTWARE Chapter 5 continues the data collection tasks into the network and LAN area. Once again, easy-to-use, formatted worksheets are included. - Worksheet 5.1 = Data Communications Equipment - Worksheet 5.2 = Voice Communications (Optional) - Worksheet 5.3 = PBX Documentation (Optional) - Worksheet 5.4 = Procedure to Redirect Communications Circuits - Worksheet 5.5 = Backup Network Schematic 6. DOCUMENT THE RECOVERY ENVIRONMENT Chapter 6 assists each plan developed with preformatted worksheets to document what is required at the recovery location. The included worksheets constitute the recovery environment. - Worksheet 6.1 = Recovery Equipment Requirements - Worksheet 6.2 = Production Network Schematic - Worksheet 6.3 = Recovery Network Schematic 7. DOCUMENT OFFSITE STORAGE REQUIREMENTS Chapter 7 focuses on one of the absolute critical areas in every recovery plan, off-site storage. This plan also includes a way to audit what is stored off-site. Keep in mind, recovery is difficult or impossible without the proper data, forms and procedures stored offsite. - Worksheet 7.1 = Vital Records Inventory - Worksheet 7.2 = Offsite Storage Audit Table for Data Backups - Worksheet 7.3 = Offsite Storage Facility Checklist 8. DOCUMENT ALTERNATE SITE Chapter 8 helps document where the recovery effort will be done. This is usually referred to as the alternate site. There are a number of alternatives that may be evaluated. This plan shows each one and helps define the best fit. - Worksheet 8.1 = Current Facility - Worksheet 8.2 = Site Floor Plan (Optional) - Worksheet 8.3 = Alternate Site Options - Worksheet 8.4 = Alternate Site Analysis - Vendor Evaluation Checklist 9. PLAN TESTING AND PLAN MAINTENANCE Chapter 9 includes two of the most overlooked areas, plan maintenance and plan testing. It is absolutely paramount that the plan address these in some degree of detail. This plan includes a comprehensive set of worksheets to select and implement a logical test approach and maintenance process. - Worksheet 9.1 = Activation Preparation Checklist - Worksheet 9.2 = Test Steps - Worksheet 9.3 = Draft Test Steps - Worksheet 9.4 = Test Results - Worksheet 9.5 = Maintenance Checklist 10. IMPLEMENT OPERATION RESTORATION Chapter 10 actually provides the set of steps (to be customized to fit each specific plan) to activate a recovery effort at an alternate location. It also includes an often forgotten plan element, how to return home after the primary site is restored. - Worksheet 10.1 = Basic Restoration Steps - Worksheet 10.2 = Alternate Site Operation Steps - Worksheet 10.3 = Return to Primary Site - Worksheet 10.4 = Reference Recovery Procedure List - - - - - - - - - DETAILED PROJECT WORK PLAN GO.RECOVER-DATA CENTER also includes a detailed project development Work Plan. The steps to complete the plan are laid out in a logical, orderly manner. Each step provides a brief description along with a reference to the required worksheets. It makes the task of organizing the project simpler than ever. - - - - - - - - - Many people faced with the task of developing a disaster recovery plan have a number of questions and frequently a number of fears about the project. "How do I know if I'm covering all the right tasks?" "Where do I begin and is there an order to the required project steps?" "Are there any analysis steps that could change the results of the recovery effort?" "This is all new to me and I really don't know what the end product should look like". The good news is that Disaster Recovery Planning (DRP) is a very logical, straightforward "Process". The steps, once presented, fall into a definite sequence of events, analysis points, and development tasks. This product, GO.RECOVER-Data Center,, is a step-by-step guide to developing a DRP. In terms of an overview, which is always helpful to start with, the process can be outlined as follows: " One of the first tasks is to simply identify the personnel that will be included in the DRP process. These are usually the people responsible for the computer Operations, Network, Applications, and a few more (Facilities, Security, and often key vendors). A number of these people form the Recovery Team. " Once the team is identified is it always a requirement to make sure the basic precautions and emergency procedures are known and included in the DRP. This would include emergency evacuation steps, notification procedures, escalation procedures and a process to assess the damage. These constitute the next set of tasks in defining the DRP. Safety of personnel is very important and a good plan includes the necessary procedures. " Following the personnel identification process and emergency steps documentation, the next step is to set the project scope and establish the assumptions. These are necessary to be sure the expectations about what the DRP will cover are well documented and known. This is usually a fairly quick process. Often, the initial scope is simply the computer center. Later, once this is competed, the scope can be expanded. " No DRP can be completed without a very thorough and complete inventory of the installed computer hardware, software, and applications. This inventory step serves to make sure the complete environment if known and documented. For Insurance purposes it is mandatory in order to recoup any loss. From a recovery standpoint, it is a basis on which to determine exactly what components are required to backup the mission critical applications. It is in effect a straightforward inventory step with some degree of analysis to determine which applications are critical. " The following next tasks move on to the somewhat more complex "Network" inventories. The network components are often viewed as complex and difficult to understand. In order to make the tasks easier; a set of specific worksheets is included. They can be discussed with the people that have the network experience (and/or with specific vendors) in order to document what components are in place. This includes the LAN (Local Area Network) and WAN (Wide Area Network) components. " Based on the above steps, the next logical task is to identify what the "Recovery Environment" will include. This actually is a list of all components needed to support a recovery effort for the critical business applications. " Moving along, the next task is to make sure that all of the necessary data is backed up and stored offsite (often at an Offsite Storage Vendor). It is often said that any recovery effort becomes impossible without the proper data and software to restore to. What the task involves is simply to evaluate the current backup process (daily, weekly, monthly, etc) and make sure copies (usually on tape or cartridges) are sent off for safekeeping. " Once the recovery environment is known (defined in the DRP) the next step is to fit the proper alternate site strategy. This involves evaluating how closely the alternate site strategy can provide recovery to meet the critical business applications requirements. The traditional alternate site options include a Hot Site, Cold Site, internal location, outsourcing, and more recently a mirrored location (redundant facility and equipment, ready to process quickly). The matching process simply evaluates the required recovery time (for example, 24 hours) against the alternate site solution (Hot Site). Once that is done the costing and funding process can be started. " After the decisions are made, the alternate site is selected the actual restoration tasks (Operations Restoration) can be developed. These are the specify tasks which each team member is expected to carry out at the time a recovery effort is required or during the testing of the DRP. These can be thought of as a checklist of tasks. " Finally, the process of developing a DRP must include a Maintenance Process. This is absolutely required or the DRP will fall into obsolescence due to lack of updates. If the DRP becomes out of date (a year old) the possible chance that it will be effective at a recovery event is very small. The data and contents simply change too fast. This brief DRP development description should set the stage for a smooth plan development process. In the end it is a very logical process, one containing a specific set of steps that build on each one in sequence. Once again, welcome to GO.RECOVER-Data Center. - - - - - - - - - EXCERPT FROM THE PLAN DEVELOPMENT PROJECT WORK PLAN Task Worksheets to Complete Read through entire Methodology (takes 2 hours) None Identify project team and recovery teams 1.1, 1.2 Review and customize emergency and notification steps 2.1, 2.2, 2.3, 2.4, 2.5, 2.6 Review, discuss and finalize plan scope and assumptions 3.1, 3.2 Circulate final scope and assumptions to team and project sponsor for confirmation 3.1, 3.2 Inventory computer equipment and software and applications 4.1, 4.2, 4.3 ...etc. - - - - - - - - - THE GO.RECOVER-DATA CENTER PLAN DEVELOPMENT APPROACH: Each Chapter is very structured in approach. An opening page in each chapter spells out the following: A. Objective B. Purpose C. Directions D. Comments E. Supporting Documentation Each of these sections contains easy-to-follow text instructions and comments. In addition, each data collection Worksheet is referenced and is included following page one of each chapter. A sample follows. - - - - - - - - - A SAMPLE OF HOW EACH CHAPTER IS STRUCTURED: Each chapter contains specific instructions on what must be done, what worksheets to fill out, and what must be included. The following is a sample of how each chapter is laid out. A sample of one of the data collection Worksheets is also attached. In total, there are ten Chapters and forty Data Collection Worksheets. SAMPLE - CHAPTER SEVEN "DOCUMENT OFFSITE STORAGE (VITAL RECORDS) REQUIREMENTS" Note: This step is mandatory. A. OBJECTIVE: Identify any items that should be copied and stored offsite to prevent total loss if main business site is damaged. These items are frequently referred to as "Vital Records." B. PURPOSE: List all key recovery elements to be retrieved from offsite to re-establish operations in a backup facility. C. DIRECTIONS: 1. Identify on Worksheet 7.1 all data backups that need to be stored offsite. Include Full, Mirrored, and Incremental backups and software copies, and send offsite. 2. List all key procedures, make copies, and send offsite. 3. Ask for copies of any "Special Forms / Supplies." Send a supply or copy offsite. 4. After offsite is completed, do an audit of data / software using Worksheet 7.2. D. COMMENTS: If an offsite storage facility is not available, use Worksheet 7.3 to identify appropriate location. E. SUPPORTING DOCUMENTATION: If an offsite facility is in use, include a copy of the access and retrieval procedures in this step behind Worksheet 7.1. WORKSHEET 7.1 : VITAL RECORDS Main Contact Person: ____________________ Phone: __________ ITEM .................... DESCRIPTION .................... FREQUENCY (How often sent off-site?) .................... CRITICAL (Yes / No) .................... OFFSITE STORAGE LOCATION .................... REMEMBER TO INCLUDE: Computer system tapes, PC diskettes, CD's, software copies, key operational procedures, documentation, network schematics, restore jobs, source document samples, manual processing procedures (if appropriate), etc. COMMENT: Data backup tapes are critical to any recovery effort. Be sure to include "Full System" copies, daily "Incrementals," and any file backups done by specific applications. Identify "mirrored" data as a separate line item. - - - - - - - - - AN ADDED "BONUS" WITH GO.RECOVER-DATA CENTER: A SHORT COURSE ON DISASTER RECOVERY PLANNING Often, a part of the plan development process really requires some up-front training so that the people involved in the project understand the concepts of Disaster Recovery Planning. The GO.RECOVER-DATA CENTER Product recognizes that requirement and has included training material that can be used at the start of the project. The table of contents of the training materials is as follows: A SHORT COURSE ON DISASTER RECOVERY PLANNING 1. Disaster Loss Impact 2. Disaster Recovery Definitions 3. Business Operations Impact 4. Major Recovery Planning Requirements 5. Project Elements Overview 6. Plan Development Process 7. Risk Analysis 8. Data Collection Tasks 9. Alternate Site Options 10. Alternate Site Requirements 11. Recovery Plan Development 12. Plan Maintenance and Testing 13. Helpful Hints 14. Critical Success Factors - - - - - - - - - ABOUT PERSSON ASSOCIATES Jan Persson has worked in the Information Technology arena since 1967. He began his formal disaster recovery involvement in 1979 following a major corporate data center incident that resulted in an immediate Hot Site recovery capability. For the next six years he served the role of disaster recovery coordinator helping seven operating companies and numerous remote locations establish their disaster recovery plans. In 1985 Mr. Persson established his consulting practice which specializes in assisting all size companies create disaster recovery plans. He has personally developed over 200 plans, all of which included testing as a final step. The client base includes many businesses such as manufacturing, financial, distribution, food service, legal, health care, recovery services and more. The scope of the plans that Mr. Persson has developed include mainframes, mid-range systems, client servers, business units, networks, voice systems, and most recently e-Business Web Servers. Mr. Persson has worked both for and with the three leading Business Recovery companies (Comdisco, SunGard & IBM) and has been a speaker at the Disaster Recovery Journal annual conferences. He also conducts regularly scheduled Disaster Recovery Plan Development workshops for a major business recovery vendor. He is certified (holds a CDP Title) by the Institute for the Certification of Computer Professionals. He is the author of GO.RECOVER-EUC, GO.RECOVER-MID, and, GO.RECOVER-EBIZ for small and mid-range data centers and e-businesses, respectively (all published by Rothstein Associates Inc.). - - - - - - - - - Published by Rothstein Associates Inc. In stock for immediate shipment! - - - - - - - - - 2002, CD-ROM (Microsoft Word format - compatible with Corel Wordperfect). ISBN #1-931332-14-2 Also available separately. Order #DR662. - - - - - - - - - ==================================== ==================================== DISASTER RECOVERY PLANNING: STRATEGIES FOR PROTECTING CRITICAL INFORMATION Second Edition by Jon William Toigo - “A complete guide to developing your company’s data survival strategy - Solutions for every company - PC to mainframe to the Internet - Best practices for avoiding disasters and safeguarding your business.” ==================================== “The most complete guide to data protection, disaster recovery avoidance, and disaster recovery tools, techniques, and technologies. Disaster Recovery Planning, Second Edition shows exactly how to implement world-class disaster recovery for today's distributed environments-without paying for expensive consultants or proprietary methodologies. Veteran planner and analyst Jon William Toigo delivers strategies and insight that any company can use, large or small. You'll find comprehensive coverage of disaster recovery techniques that reflect the latest technologies in data storage, networks, server systems, and the Internet: “E-business and Web based disaster planning and recovery. Recovery strategies for n-tier client/server and ERP systems-the Achilles heel of modern corporate IT Low-cost steps you can take now to dramatically reduce the risks of disaster Guidelines for leveraging current and next generation IT and network technologies to ensure maximum protection for mission-critical business processes “Disaster Recovery Planning, Second Edition is linked to an accompanying Web site that will serve as a "living appendix" - keeping IT professionals up-to-date on disaster recovery for years to come! ================================== EXCERPT FROM THE FOREWORD “Today's Internet-driven e-business economy, with its global, round-the-clock requirements, is raising a whole new set of disaster recovery challenges. Hacker intrusions, network attacks, viruses, spamming, and line failures now can pose greater risks to Information Technology (IT) operations than hurricanes, floods, power outages, and the like. And recovery can depend more on restoring applications than on fixing hardware. “Gone are the days when disaster recovery focused on protecting the data center-the heart of a company's heavily centralized IT structure. This IT model began to shift in the 1990s with the growth of distributed computing and client/server technology. At the same time, information technology became embedded in the fabric of virtually every business. Computing was no longer something done in the back room. Instead, critical business data could be found on desktop PCs and departmental LANs across the enterprise, as well as in the data center. Now this information is available around the world and around the clock at the click of a mouse-and businesses depend on it. “There is more at stake than ever before. Because electronic transactions and communications take place so quickly, the amount of work and business that can be lost in an hour far exceeds that of previous decades. Losses can be staggering, particularly for businesses conducting high numbers of transactions (i.e. brokerage operations, credit-card sales authorization systems, automated teller machines). Losses from major system outages in these industries and others can range from thousands to millions of dollars per hour. Even minor outages can result in thousands of dollars in losses. For instance, a faulty RAID drive or a software glitch that impacts a critical business function can cause the same level of loss as a cable cut or power outage. “There are more risks today as well. Distributed, Internet-based applications (customer service, EDI, Enterprise Resource Planning, supply chain management, e-mail, intra/inter company collaboration) provide increased access to corporate IT infrastructures for partners, suppliers, customers, employees-and hackers. This greatly increases the risk of malicious or unintentional acts that can cause major IT disruption. Operating a website also introduces the risks from interdependencies with organizations and systems that fall outside of a company's control. These include ISPs, telecommunications carriers and the hundreds of millions of users on the public network.” - From the Foreword to Disaster Recovery Planning: Strategies for Protecting Critical Information ================================== “Disaster Recovery Planning, 2nd Edition is a primer for business contingency planning that is useful to both novice and experienced plan coordinators. “Toigo emphasizes planning methods that are grounded in business practicality and founded upon generic project management principles in order to show how effective planning can be undertaken without expensive investments in consulting services or proprietary planning software. Successful DR planning, he demonstrates, is a straightforward application of common sense. “The methodology and techniques presented in Disaster Recovery Planning, 2nd Edition, blend both traditional and new approaches. Toigo utilizes data flow diagrams and flowcharts to explain the complexities of plan development and implementation. He also integrates the latest business automation trends and technologies, including: - remote access, - virtual private networking, - storage area networking, - multi-tier client/server architectures and middleware, - emerging Application Service Provider (ASP) models for application delivery, - the Internet and web technology. “He demonstrates how these technologies, often viewed as challenges to recovery, may actually be harnessed to expedite recovery at low cost. “Toigo's book is the first to tackle the special planning requirements of technologies such as n-tier client/server, distributed ERP, MRP and CRM applications, and e-business applications. These, he shows, represent the Achilles Heel of traditional disaster recovery planning and can only be effectively addressed by DR coordinators who are willing to adopt new, proactive roles within the IT organization. “Just as the first edition defined modern disaster recovery planning for the last decade of the 20th Century, Disaster Recovery Planning, 2E sets a new milestone in the business continuity planning field. Toigo leverages a decade's experience and a thorough knowledge of information technology trends and directions to set readers on a course that will enable them to safeguard critical business processes into the next Millenium.” ================================== EXCERPT FROM THE PREFACE “This book is scheduled for publication on the eve of a new Millennium, as described in Western calendars. Indeed, for the past five years, "Year 2000 issues" have dominated discussions at every level of business and government—at least in the world's developed countries. Building to a crescendo of nearly deafening proportions by the end of 1999, the mainstream press has allocated millions of column inches to Y2K, creating a kind of mystique around a rather arbitrary date. “January 1, 2000 has been positioned as a watershed event in human history. Somehow, it is more than just another wintery pause in the seasonal cycles that determine agricultural prosperity, more than just another New Year's Day spent recovering from the Bacchanalian excesses of the previous evening's celebration, certainly more than just another Saturday spent working in the yard or watching TV or attending religious services. “For many, the date is loaded with symbolic significance. Year 2000 conjures to mind the conclusion of ten centuries of fast-paced technological innovation that has changed forever the society and culture in which we live. In just the past 100 years, we have witnessed the harnessing of the electron, the atom, the microwave, and the photon to meet the needs of everyday existence. The Industrial Revolution has come to flower, given way to a Computer Age, and now, courtesy of the global Internet, World Wide Web, and the ubiquitous Web browser, morphed analog reality into digital reality of the Information Age. “Doubtless, there are good reasons to select a day on which to pause and reflect on the past, to consider the present, and to prepare for the future. Some psychologists argue that the human mind requires bookmarks, milestones, and "closure events" to remain centered and healthy. One supposes that, to this end, January 1, 2000 is as good a date as any other. “However, Y2K has acquired a second symbolic meaning that is much less grounded in the psychological revolution that gave us Vatican II, no-fault divorce, and the self-help books of the 1980s. To many, the millennium is a mystical event, touching on a deeply rooted superstitious stratum seemingly present in the human psyche since the dawn of man. For a variety of reasons, Y2K is viewed as a harbinger of doom, a signal that some cataclysmic event is in the offing. “Hollywood understands the phenomenon and has provided a steady fare of disaster movies as the decade of the 1990s draws to a close. Recent wildly popular films have enabled audiences to "experience, " courtesy of Industrial Light and Magic and other computer graphic effects studios, the havoc and devastation caused by natural, man-made and even extraterrestrial disasters. With apologies to Bruce Willis and others, the acting and plot of these films do not explain their success. The real draw of the films appears to be the disasters themselves: tornadoes, volcanoes, earth-asteroid collisions, viral outbreaks, nuclear terrorism, and infrastructure collapse based on computer hacking. They satisfy a need in the viewers to confront their own mortality, if only vicariously. “Some of the movies are rooted in real-life disaster events, which seem to some observers to be coalescing as the end of the century approaches. “The World Trade Center and Oklahoma City federal building bombings underscored the reality of terrorism for a heretofore-insulated North American audience. “The eruption in 1980 of Mount Saint Helens, following a 128-year dormancy, and powerful earthquakes in California, including Loma Prieta/San Francisco earthquake of October 1989 and the Northridge/San Fernando Valley earthquake of January 1994, have stimulated concerns about geological disasters and their frequency. The National Earthquake Information Center of the U.S. Geological Survey is quick to point out that "while it may seem that we are having more earthquakes, earthquakes of magnitude 7.0 or greater have remained fairly constant throughout this century and, according to our records, have actually seemed to decrease in recent years." “The 1990s also gave the North America the costliest hurricanes in its history. While 1969 Hurricane Camille was the most powerful storm to date, Hurricane Andrew in 1992 racked up $26 billion in damage—the highest costs associated with any natural disaster on record to that point. As this book goes to press, experts are still calculating the costs accrued to 1999's Hurricane Floyd, which may well top Andrew's record. Between these devastating storms have been a steady wave of less powerful but very destructive cyclone events. “Some may say that life imitates art. Following the success of the movie, Twister, Bridge Creek, Oklahoma experienced a real-life encounter in May 1999 with an F5 tornado, a so-called a "Finger of God".1 This and many other severe storms, made the 1999 tornado season the most active since 1992. In part because of the movie, these storms commanded the full attention of the media, which subtly attributed the tornadoes, hurricanes, floods, and ice storms of the last decade to humanity's destruction of the environment and nature's reprisal. In some reports, the tornadoes were incorrectly correlated with the El Niño/Southern Oscillation effect.2 According to government tornado watchers, the number of tornadoes have increased as the century draws to a close, but this phenomenon does not correlate to El Niño/El Niña weather patterns in any statistically meaningful way. “The possibility of near-earth-orbit (NEO) asteroids and comets colliding with the earth has been part of science fiction lore since the Golden Age of the genre in the 1950s. As the millennium approaches, concerns about this threat have been fueled by several events. One was the 1994 collision of Comet Shoemaker-Levy 9 with Jupiter, which was photographed in brilliant color using NASA's Hubble Space Telescope and published in magazines and newspapers worldwide. The other was the hyperbole surrounding 1997 XF11, an asteroid originally thought to be on a collision course with Earth, but later determined to be no threat when it passes the planet at a comfortable distance in 2028. The mistaken estimate sent many millennium watchers to their underground shelters and found NASA asking for authority to censor such predictions until they could be properly verified. “One man-made disaster potential that has seen a marked increase as the millennium approaches is the computer virus. Bearing such innocuous names as Melissa, Chernobyl, and ExplorZIP, 1999's crop of viruses have already resulted in greater dollar losses than has malicious programs introduced in any previous year. Experts expect this trend to continue for three basic reasons. First, the widespread use of the Internet for email and file transfers provides a perfect mechanism for spreading viruses. Second, the increased sophistication of programming tools is enabling even novices to create powerful virus programs. Third, the increased complexity of common desktop applications, such as word processors, spreadsheets, and browsers, are providing a "target-rich environment" for exploitation by hackers and other malicious code writers.3 “According to the FBI and the Computer Security Institute, virus-related costs are only a subset of a growing trend in crime directed at companies and enabled by computers and networks. Directed against critical infrastructure systems, such as the power grid, telecommunications, air traffic control systems, and so on, malicious programs and computer terrorism could potentially be as devastating as nuclear weapons. “Given the perception in many minds that disasters are coalescing as the millennium approaches, it is easy to understand how Y2K has become so closely associated with Armageddon. However, upon more sober analysis, few indicators point to a cataclysmic end to human existence on the first Saturday in January. It is a safe bet that the day will come and go without the seas boiling, dogs and cats living together, or any other apocalyptic nightmares being realized. If we are wrong in this conclusion, then this book will have a rather short shelf life. “What we may have to look forward to on January 1, 2000 (and possibly for several months after) is a set of irritating, and in some cases hazardous, interruptions in services that are supported by information systems and networks. These interruptions will have nothing to do with Nature's wrath or Judgment Day. They will be linked to simple, software-based, date calculation errors. “The Y2K bug exists in many older software programs, those written at a time when programmers did not consider how programs would behave when the calendar turned over from 99 to 00. Some of the software is compiled to execute on computer systems. In other cases, the software is embedded in microchips that are installed on computing and networking devices themselves...” ================================== CONTENTS Foreword by Todd Gordon Foreword by George Ferguson Preface Acknowledgments 1 INTRODUCTION What Is Disaster Recovery Planning? Purpose of This Book A Working Definition of Disaster The Time Factor in Disaster Recovery The Need for Disaster Recovery Planning The Auditor's View An Imperfect Legal Mandate Building Management Consensus for Disaster Recovery Planning Who Should Write the Plan? A Straightforward, Project-Oriented Approach A Note on Methodology Endnotes 2 ANALYZING THE RISK The Purpose of Risk Analysis Identifying and Prioritizing Assets and Functions Collecting Input from End Users A Criticality Spectrum Collecting Data on Outage Costs Identifying Threats to Assets and Functions The Problem with Probability A Few Compelling Statistics Developing Plan Objectives Endnotes 3 FACILITY PROTECTION Water Detection Fire Suppression Contamination Reduction Precombustion Detection Power Failure Physical Access Control Endnotes 4 DATA RECOVERY PLANNING The Primacy of Data Planning for Data Recovery Identifying the Information Asset Classifying Criticality: Inputs and Outputs Setting a Policy on Data Asset Identification, Classification, and Backup Policy-based Management of Electronic Data via Software Performance Considerations in Backup Software Selection Planning for Backup or Restoral? Electronic Vaulting Remote Mirroring Mirroring Not a Panacea Options for Records Storage Selecting an Off-site Storage Vendor Cost-Justify Off-site Storage Implementing the Data Recovery Plan Final Observations About Data Recovery Planning Endnotes 5 STRATEGIES FOR CENTRALIZED SYSTEM RECOVERY Developing Centralized System Backup Strategies Cautions and Caveats Mainframe Backup Strategies Which Strategy Is Preferred? Selecting a Hot Site The Bottom Line on Centralized System Recovery Endnotes 6 STRATEGIES FOR DECENTRALIZED SYSTEM RECOVERY Distributed Client/Server Computing: The Achilles Heel of Disaster Recovery Planning A Brief Overview of Distributed Computing Contemporary Client/Server Applications Preventive Measures Proactive Measures Planning for Recovery Endnotes 7 STRATEGIES FOR END USER RECOVERY Developing an End User Recovery Strategy Options for End User Recovery Emerging Technology: Harnessing Remote Access Capabilities Types of Remote Access Considerations Regarding the Use of Remote Access for End User Recovery Other Issues in End User Recovery Supply Logistic Final Thoughts on End User Recovery Strategies Endnotes 8 STRATEGIES FOR NETWORKING BACKUP What Is Involved in Formulating a Network Recovery Strategy? Analyzing Networks: A Layered Approach Preliminary Activities in Network Recovery Planning Formulating Strategies for Internal Network Recovery Backup Strategies for the Local Loop and Wide Area Network Services Planning for the Restoral of Wide Area Voice and Data Network Links Following a User or Systems Relocation Endnotes 9 EMERGENCY DECISION MAKING Designating Teams Common Evacuation Project Functions and Teams Common Recovery Project Functions and Teams Relocation and Reentry Project Functions Staffing Teams Developing a Notification Directory Creating the Emergency Management Flowchart Emergency Response Situation Assessment Emergency Operations Center Activation The Recovery Phase The Relocation/Reentry Phase Final Thoughts on Emergency Management Decision Making Endnotes 10 THE RECOVERY MANAGEMENT IMPROVEMENT Researching Literature Interviews and Tours Professional DR Organizations Professional Associations Other Milieu Resources Endnotes 11 PLAN MAINTENANCE AND TESTING Team Education Plan Maintenance Change Management Testing to Maintain the Plan Managing the Results 12 CONCLUSION Glossary Index ================================== ABOUT THE AUTHOR “JON WILLIAM TOIGO is author of seven books, including The Holy Grail of Data Storage Management, as well as more than 1000 articles for the business trade press. He is also a consultant providing ongoing research and writing services to a broad range of commercial clients, including AT&T, Cabletron®, Cisco®, Citrix, Compaq®, Hewlett-Packard®., Storage Technologies Corporation, and Network Systems Corporation. Over the past 15 years, he has helped numerous companies develop disaster recovery plans for their systems and networks. “ ================================== 2000, 325 pages. Also available separately; order #DR447. ================================== - - - - - - - - GO.RECOVER-DATACENTER + DISASTER RECOVERY PLANNING Order #DR734 (2 books) - - - - - - - -
Rothstein Associates Inc.
4 Arapaho Rd.
Brookfield, CT 06804-3104
1-888-ROTHSTEin
Telephone: 203.740.7444; 888.768.4783
Fax: 203.740.7401
E-Mail:
info@rothstein.com
All bookstore enquiries should be sent to Rothstein Associates at the above address.
Looking for Practical Knowledge?
© Binomial International 2008
|
![[Item Image]](http://www.binomial.com/bookstore/it050002.jpg)