Wednesday 19 December 2012

DRaaS, a real solution or just another acronym?

DRaaS was born as a concept related to Cloud services which, at first glance, seems very similar to traditional backup datacenter solutions, but it has one important differentiating feature: abstraction from infrastructure.

In traditional backup datacenters, the infrastructure has to be equal or very similar, so that all services can run properly regardless of the site on which they are running. With DRaaS, mainly thanks to virtualization, services are offered in an infrastructure-agnostic way, which allows them to be recovered just by copying data between datacenters. Moreover, with the dynamic capacity management that virtualization provides, the service level can be guaranteed in most cases.

From a conceptual perspective, DRaaS has two different options:
  • DR of software (SaaS), infrastructure (IaaS) or platform (PaaS) running in the Cloud. The Cloud service provider should offer the DR service and it will be completely transparent to users.
  • DR as a solution for IT services running in a corporate datacenter, with cold or hot stand-by.
It is in the second option where the DRaaS concept is taken to the extreme, allowing different solutions to be designed depending on our infrastructure. For example, since most IT infrastructures are virtualized, a DRaaS can consist of a virtualization server that hosts the virtual machines making up the whole service. By carrying out data replication, the service could be recovered at an alternative site in seconds.
Advantages of DRaaS are obvious:
  • Economic. In the BCM industry, where ROI is not very clear and is difficult to justify, economic matters are very important. With DRaaS we do not have to make the whole payment upfront; it can be done with a pay-per-use model, with a monthly fee. This is a great advantage nowadays because the hardware cost of ownership does not have to be borne.
  • Simplicity in testing. Most of the effort in business continuity and IT service continuity is dedicated to drills and tests. By reducing the complexity of these tests we reduce their economic cost and can dedicate this budget to other important issues.
  • Flexibility. The service can be adapted to the business requirements established for each application. In some industries, which are very dynamic, this is very important in order not to have more costs than income for a service.
Step by step, housing providers are increasingly adding DRaaS as a new product in their portfolios, identifying the different options of this kind of service defined above. In Spain there are not too many providers using this terminology, but we can find some examples, such as the DRaaS by Ermestel.
As with Cloud services, not all infrastructure can be migrated to DRaaS. It will depend on determining factors like specific hardware, information confidentiality, integration with other corporate services or the service level required (often the required service levels cannot be offered by providers because of technological constraints). The most interesting option could be a combination of Cloud solutions with traditional backup solutions in order to achieve IT service continuity in a proper and economical way. This is called hybrid Cloud.

Thursday 1 November 2012

In a disaster like the one in New York, can we be prepared?

Collaboration by Moises Lopez, Business Continuity Consultant at Grupo SIA
From my point of view, except for multinational companies with a global and diversified market which don't depend on one or two locations, very few companies can resist in a disaster like this one.
When identifying the resources required for business continuity, every organization can estimate the amount of resources it will need to assure its resilience for each activity. Taking a deep look at some of the main resources supporting the business, we can find:
  • People: welfare has to be a priority and, in this case, forecasting and warnings are an advantage in assuring their safety. Except for emergency services, nobody should be at their jobs; moreover, in this case there have been some victims.
With the city paralyzed and employees only available at home, will technology alone support all the business? Is the workforce prepared to carry out its activities when the city is under emergency?
  • Technology: with power outages and floods, it's very difficult to maintain an adequate service level, even if our IT infrastructures are based in the Cloud. Furthermore, can we be sure that our employees' communication provider will still deliver services in this scenario?
  • Providers: We can have the most restrictive service level agreement, which in this scenario will be wet paper. Moreover, we can have backup providers, but will they be able to deliver the service properly? Can they deliver services even in scenarios in which we can't?
  • Locations: When the city is not available, will our facilities be available?
We can have a business continuity plan, with a properly defined communications plan and established response and emergency procedures; we could even have decided to set up our backup datacenter in another city, but our budget and technology might only be enough to put it in New Jersey, for example… If despite all these measures we cannot restore our business, then we can only hope for the help of the government or the insurance payout.
As a conclusion, if the scope of unavailability is as big as our city and its surroundings, it will be time to start from the beginning... or would it be realistic to consider "unavailability of the whole city" as a scenario in our plan, if the city is our main operation center? How many companies in Spain would be able to assure their resilience in such a big disaster situation?

Monday 22 October 2012

Healthcare service continuity

The blackout that took place at the Fundación Jimenez Diaz hospital in Madrid last 16th of October is a good example showing that great disasters or disruptions are not necessary to activate Business Continuity Plans.
Although we do not have much information about this incident, two traditional continuity measures can be clearly identified:
  • Power generators activation, to support critical systems
  • Redirection of new admissions to other hospitals, in this case the Hospital Clínico.
When we are talking about a hospital, as I discussed in my previous post about the components supporting the business, this service is so critical that the availability of all components supporting the service has to be guaranteed, that is, facilities, suppliers, medical staff and information technology. The impact caused by lack of service is simply unaffordable because the lives of patients are at stake.

However, the incident at the Jimenez Diaz Hospital must make us think about whether our health system is really prepared for emergency situations or disasters in which hospitals are affected. The 2004 terrorist attacks in Madrid showed that the emergency agencies are prepared to deal with such a great disaster, but what would happen if the hospitals themselves were affected by the disaster?

In a hospital there are many diverse healthcare services, with different criticalities: emergencies, maternity, hospitalization, operating rooms, doctor appointments, radiology... Strategies must differ depending on this criticality. For example, a pediatric appointment could be delayed or redirected to another hospital, but a seriously ill patient who has to undergo surgery or who depends on ventilation cannot be left unattended, and any delay can be fatal.

Looking abroad, for example at the United States, hospitals have had a global framework since the late 80s, called HICS (Hospital Incident Command System). This framework identifies different issues to be taken into account to assure healthcare service. HICS was born as an emergency-specific framework (HEICS), but nowadays it is a system for use in both emergency and non-emergency situations. The George W. Bush government created in 2003 a global framework to manage incidents (NICS), and this led to a new revision of HICS, which is the latest version (version V).

Regarding content, HICS identifies five management functions that have to be defined in the hospital to manage incidents:
  • Incident Command: made up of the safety, liaison and public information officers and the overall person in charge.
  • Operations Section: conducts the tactical operations.
  • Logistics Section: provides the resources required to achieve operational objectives.
  • Planning Section: collects information about the incident, maintains resource status and information for reports, and prepares documents such as the incident plan.
  • Finance and Administration Section: monitors costs related to the incident and provides accounting, procurement, time recording, and cost analyses.
The most important advantage of HICS is that it provides a common terminology and position titles to enhance standardization among agencies and responders.

In Spain, with healthcare services transferred to the Autonomous Communities and with the current economic crisis, it seems that this kind of initiative is not a priority, although from my point of view it is an interesting task for CNPIC. At the end of the day, hospitals should be considered critical infrastructure.

Saturday 29 September 2012

Conference "CONTINUIDAD DE NEGOCIO 2012"


Contribution by Daniel Blanco, Business Continuity Consultancy Solutions Coordinator at Grupo SIA.

Last 26th of September I was pleased to attend the conference "CONTINUIDAD DE NEGOCIO 2012" (Business Continuity 2012) in Madrid, organized by Fundación DINTEL in collaboration with continuam and INTECO.
Speakers from different organizations were invited to the conference, such as BBVA, Banesto, Acciona, the Ministry of Defence, Adif, Aena, Bankinter and EMT. The schedule can be seen at the following link at Fundación DINTEL:
http://www.dintel.org/index.php?option=com_content&view=article&id=216&Itemid=312

Lectures were divided into two blocks, with different presentation models. In the morning, speakers gave presentations about success cases and experiences in Security and Business Continuity Management in their organizations; in the evening a colloquium took place in which speakers answered questions asked by a moderator.
Rather than describing each lecture in depth, I'd like to highlight some relevant messages and topics mentioned repeatedly during the day:
  1. Although there are still points of view in which business continuity is treated as a part of information security, this time it was presented as an independent discipline that complements information security and that, in conjunction with risk management, delivers resilience to organizations.
  2. Awareness and Management Commitment are important points not yet achieved in Spain, and they are necessary and essential. Business continuity or crisis management training and drills were presented as one of the most important ways to achieve this objective.
  3. It is not enough to have a business continuity plan or a crisis management plan in which the recovery of an organization's critical business processes is defined; other actors like police, emergency services, government and critical providers have to be taken into account in order to reach the minimum level of operation after a disruption. Without internal and external support no organization can recover its business.
  4. The Spanish Critical Infrastructure Protection Law was presented as a turning point that can bring about the development of an industry collaborative framework and make sectoral strategic plans possible in Spain. Moreover, it can be an energizer of the three points described above.
As a conclusion, from my point of view, the different lectures of the conference were on the right track: defining business continuity issues, resilience, economic sustainability and not only IT or Information Security. Nevertheless, we still have a long way to go to achieve what was defined in the second point: management has to commit to and promote business continuity activities. As a sign, I can point out that most of the people attending the conference were heads of IT or were part of the IT structures in companies.

Tuesday 25 September 2012

Sabotage

Yesterday, talking with the head of Business Continuity consultancy at one of the main companies of the industry in Spain, we had doubts about whether the case of sabotage of the power infrastructure at Rayo Vallecano's stadium should be considered as a scenario in Business Continuity plans.

The lack of light forced the postponement of the match that Rayo Vallecano and Real Madrid were due to play.

On the one hand, it seems clear that a power-loss scenario, no matter the origin, must be included in BC plans. Measures to assure power are very common: generators, two power providers, etc.

On the other hand, the sabotage at the football match between Rayo Vallecano and Real Madrid has two special considerations:
  • The stadium must be available at a specific time and during a relatively short period (2 hours). There is no possibility of playing the match in another stadium - it would be impossible to move 15.000 - and it's not possible to play at another time, since the main business to be continued is the television broadcast.
  • The internal electrical infrastructure was damaged, so there is no way to use an alternative infrastructure. It has to be repaired.
Since Business Continuity has to focus on the moments after an event occurs, and the plans cover the actions to be taken in those moments, it seems unlikely that the staff of Rayo Vallecano could have done anything different if they had had a Business Continuity plan. Traditional measures would not be effective in this scenario because the internal infrastructure was damaged. So this scenario is only useful to analyze risks and define the mitigation measures.

In general terms, when business depends on somebody doing something in a certain location, business continuity plans don't help much: it's not possible to change actors, location or time, so we can only make a good risk analysis and try to mitigate it as far as we can.

Friday 7 September 2012

BYOD and Business Continuity

BYOD can be considered a trend in IT that is set to develop over the coming years, since it has a lot to do with mobility and telework. It was the users themselves, mainly top management, who introduced smartphones and tablets into the offices when they realized that they were using their shabby professional mobiles more regularly than their brand new iPhone, and they began to invert this trend, forcing their CIOs to allow access to their email, agenda and other applications. This means that, instead of being the product of a marketing strategy or the conclusion of a trends report by a high-level consultancy company (surely they are going to include it from now on), it is the result of an increasingly widespread practice.

From a technical point of view, BYOD is going to be a revolution in the workstation world that will require procedure updates, new tools to manage the devices and new security policies. Security and legal issues will probably be most affected by this trend, with a lot of voices from security experts rising against it because it violates the traditional security dogmas of access control and data loss prevention. That's why there are a lot of comments in forums and a rising market of device protection tools to avoid situations like the one that affected the Spanish Homeland Security Department Minister, who lost his iPad. Most of these tools were available before and have been renamed with the fashionable acronym (BYOD compliance…).
From a Business Continuity perspective, BYOD doesn't bring a great change, since it will be very similar to remote access policies in which users usually bear the cost of the Internet connection or even the computer they use to access the company's intranet. As they do for remote access, the BC manager, usually together with the Human Resources department, should assure the following:
  • Employees give consent to use their own resources for professional use.
  • Employees own the resources required to carry out the activities they have to perform in a crisis or contingency situation. The best way to do this is to involve the users in the periodic inventory of their own resources.
  • Employee resources comply with company security and feature policies and procedures.
Apart from that, as with every BC resource, the BC manager should assure that the information in the inventory is updated continuously. In order to do that, the best option is to automate the process with tools like Workforce Assessment by SunGard AS, in which the inventory and update process is done with a web form and stored in a relational database. This allows the information to be used later, when defining BC strategies and procedures. And of course these resources have to be included in the exercising program.

Thursday 2 August 2012

Thoughts about blackouts in India

It seems that the latest blackouts in India have activated a lot of Business Continuity plans and have made the difference between companies with and without a BC program. Lack of power supply is a clear continuity scenario for which most companies are prepared, mainly through power generators able to support the sites' electricity demand, or at least that of the most important ones.

Another issue to take into account is how to assure that the workforce is going to reach the workplace, since public transport is not available. Moreover, if telework is the alternative, how can they work from home if there is a lack of telecommunications?

ICTs are one of the resources that will be affected most because of their dependency on power supply. The blackout scenario in India shows examples of resiliency at companies whose principal business is IT services, as we can read in this article about Wipro, Genpact and WNS, but it is not a trivial matter.

However, my thoughts go another way: can this scenario really be included in the BC scope?
At first glance it seems clear that this scenario has to be included, but thinking about it more deeply, our customers will probably be affected by the same problem, so it makes no sense to be able to deliver our service if our customers are not going to receive it.
In a globalized world, in which we can have customers located near us or in the most remote place on earth, perhaps these thoughts make no sense, but we have to take into account that most business is done locally, with companies and organizations very close to one another. Resource investments in these scenarios are not very justified.
As an example, we can think of a clothing store: it's difficult to have our store full of customers in a blackout like the one that took place in India. Every street and every shopping center is in the dark.

As a conclusion, and as a piece of advice as well, when defining the scope of our Business Continuity plans we must evaluate the scenario thinking about the situation of our customers, because perhaps I recover my services and there is nobody to use them.

Sunday 22 July 2012

Corporate identity theft in Social Networks


Collaboration by Beth Ojeda, Social Media Manager at Continuam

One of the most common and relevant problems in social networks is corporate identity theft. This kind of attack generates business chaos if it is not covered in the Business Continuity Plan, because recovery from these attacks is laborious, although not impossible. These attacks usually cause a lot of inconvenience, because one of the main reasons for a corporate identity theft is to discredit the company and damage its reputation, generating distrust among customers, providers and followers in general.

There is also a latent threat of fraudulent actions involving the theft of followers' information, taking control of confidential information that could be exchanged between the Community Managers and users.

Preventive measures:

  • Own an alternative corporate account, with the corporate image and not publicly available, to be activated only if a crisis occurs.
  • In those social networks where it is possible, define a super-administrator account.
  • Have an email address, from a domain other than the corporate one, to access social networks, and store the initial codes that the social network gives to recover the account, deleting them from the email account.
  • Establish different passwords for each social network and, furthermore, define strong passwords.
  • Send each follower in social networks an initial message with the official customer service email, for more information.
  • Designate a spokesman for online crisis situations who will use his or her own profile in these situations.
  • Write down the whole action plan, the password recovery methods and the actors that have to participate in the recovery.
  • Conduct a drill to identify faults.
  • Develop a template for reporting to the police, since it must be done immediately after the theft.
  • Create monitoring alerts in each social network in order to receive feedback about the company reputation and to identify problems in communication.
«Remember that everything you can think of, the cyber-criminal has also thought it before»

Managing Crisis:

  • Activate the crisis profile
  • Publish an online press release, announce the corporate identity theft and announce the new social network account and the spokesman designation.
  • Forward the official email to users, communicating that the social network profile has been stolen and that they can contact the company in case of problems.
  • Maintain a calm communication tone and focus on the situation, without personalizing the attack.
  • Send the account recovery codes to the social networks' administrators.
  • Identify the spokesman as a VIP user (with a special character next to the name signing the messages).
  • Create an internal report about the monitoring in order to know the impact of the identity theft.
Although at first glance it could seem the best response, silence is not a good option, because cyber-criminals will continue casting doubt among the company's followers, even creating false offers to compromise the organization's credibility, or even revealing internal information; although this information could be false, they are speaking on behalf of the company.
Beth Ojeda
Social Media Manager at Instituto de Continuidad de Negocio.

Monday 9 July 2012

Legionella, a real threat

As every year at this time, in Spain we face recurring news about Legionella, whose impact is very high, not only from a health point of view but also for business continuity. This year the focus has been on a hotel in Calpe, closed since last 3rd of July, and on a restaurant in Mostoles, where 52 people have been affected and one person has died.

The first large-scale Legionella infection occurred in 1977, during a congress of the American Legion in Philadelphia. In the hotel in which the congress took place there was an outbreak of an infectious disease that killed 34 people and affected more than 180. Studies determined that the source of infection was a bacterium that had been spread by the hotel's air conditioning and, due to the nature of the conference attendees, it was named Legionella.
In Spain, Legionella prevention is regulated by Real Decreto 865/2003, of 4th of July 2003, which identifies different health and hygiene procedures for the prevention and control of legionellosis. As with every health activity, the RD identifies actions to carry out both to prevent an outbreak and to act in case one takes place.

Leaving aside the health and hygiene aspect, from a business continuity point of view the most important chapter of the whole RD is number 12, which identifies the activities to carry out in facilities when an outbreak is detected. This chapter states the following:
"In the presence of cases or outbreaks, or of facilities that are very deficient, contaminated by Legionella, obsolete or poorly maintained, the health authority may order the temporary closure of the facility until the defects are corrected, or its decommissioning. These facilities may not be put back into operation without the express permission of the competent health authority."
If we rely on the historical cases that have occurred in recent years, we could say that the risk is important, and therefore the scenario of facility unavailability is more than justified, mainly for the facilities most prone to the proliferation and spread of Legionella, identified in the RD as follows:
  • Cooling towers and evaporative condensers.
  • Hot water systems with storage and return circuit.
  • Heated water systems with constant stirring and recirculation through high-speed jets or air injection (spas, Jacuzzis, pools, glasses or therapeutic tubs, whirlpools, jets treatments, etc.).
  • Central industrial humidifiers.
This means every installation with refrigeration systems and/or air conditioning is liable to host a Legionella outbreak, mainly if proper maintenance ensuring that everything is clean is not carried out.
Furthermore, the RD also includes sanctions, classified as minor, serious or very serious, with economic penalties from 30.000€ to 600.000€, which should also be taken into account by those responsible for business continuity.

As a conclusion we can say that Legionella must be taken into account when identifying business continuity scenarios, carrying out the following actions:
  1. Identify the level of responsibility of the company for the refrigeration system and cooling towers.
    • If the site is owned, the company has to carry out reviews and regular checks.
    • If the site is rented, the company has to require the leaseholder to perform the checks.
  2. Perform an impact analysis, with changes over time, in which economic sanctions are taken into account.
  3. Define actions to be performed in case an outbreak is detected: alternative sites, communication procedures to employees and customers, media communications, etc.

Friday 25 May 2012

5th Business Continuity International Conference

As every year, and this is the 5th, last Tuesday 22nd in Madrid and Wednesday 23rd in Barcelona the 5th Business Continuity International Conference by BSi took place, this year with the new standard ISO 22301 being launched. Below I summarize the event with a short description of each lecture of the conference in Madrid, which I had the pleasure of attending.
With an attendance of more than 150 people from different industries, the maximum capacity was practically reached.
 
  • Introduction and welcome by Marcio Viegas (BSi general director). He provided the general definitions of an ISO standard, the different committees and how BSi, as a standards developer, has historically contributed many norms that have become international standards. ISO 22301 is set to be an important international reference and is predicted to be a boost for the industry and, seeing the attendees at the conference, this looks set to become a reality.
  • From BS25999 to ISO 22301 - Business Continuity Management by Agustín Lerma (BCM Product Manager at BSi). Agustín presented in general terms the content of the standard and its correspondence with the Deming cycle, which is mainly the following:
    • Plan: 4. Context of the organization; 5. Leadership; 6. Planning; 7. Support
    • Do: 8. Operation
    • Check: 9. Performance Evaluation
    • Act: 10. Improvement
    Agustín also described the alignment of the standard with ISO Guide 83, about standard structure, PAS 99 about management systems and ISO 31000 related to risk analysis.
  • The new International Standard for Business Continuity: ISO 22301. Dave Austin (member of the ISO committee for the development of standard 22301). Dave explained the standard in depth, at some points overlapping with Agustín's lecture, highlighting the following points:
    • The standard is equivalent to BS 25999-2, so the scheme will be complete when ISO 22313 is published. Its publication is scheduled for next year.
    • There is a new concept, MBCO (Minimum Business Continuity Objective).
    • Legal requirements specific to each country are included.
    • Risk evaluation is aligned with ISO 31000.
    • Strategy had some shortcomings in BS25999; in the new standard it is better defined, proposing the identification of ways to reduce probability and impact, the definition of RTOs, resource needs, and actions for compliance with protection and mitigation requirements.
    • Incident communication is much more complete and is given more importance. Better integration with the emergency system is proposed.
  • Business Continuity Management end to end. Fernando Picatostes (Deloitte). The lecture was based on Deloitte's business continuity methodology, focused too much on risk. Incidents in which Deloitte was involved some years ago (Windsor building and Twin Towers) were mentioned, as usual.
  • Crisis management and Business Continuity. Andrés Gonzalez (Near Technologies) reviewed the main security and business continuity incidents that occurred lately and the lessons learned from each one: Twin Towers, Tepco in Japan, Spanair MD-82, etc. The "prezi"ntation can be viewed here
  • Risk Management ISO 31000 and integration with the new ISO 22301. Angel Escorial (AGERS). After a description of what the Asociación Española de Gerencia de Riesgos y Seguros is, Angel made a deep review of standard 31000 and the contrast between this standard and ISO 22301. From a personal point of view, the lecture was very interesting and I highlight one phrase: Risk management works with impact, while BC management works with time and impact. If we think of continuity as risk management, I think it is not the best approach, in line with the title of this blog.
  • Business case of Telefónica UK in Business Continuity. David Clarke (Telefonica O2). With one of the most complex business continuity management systems, David explained the long road he had to walk before certification. From the lecture I highlight the benefits of implementing BCM, which I think are key for every BCM system:
    • Increase trust from customers, partners and third parties.
    • Ability to work with suppliers to build continuity strategies
    • Industry recognition
  • Experts colloquium - Workshop about the new standard ISO 22301. Julio San Jose (Bankinter), Fernando Picatostes (Deloitte), Andrés Gonzalez (Near Tech.). Moderator: Marcio Viegas. Due to agenda problems, I could not attend this interesting colloquium.
Conclusions
With great attendance, the event shows the general interest in Business Continuity among the different Spanish companies and organizations. Furthermore, the fact that ISO 22301 has been launched leads us to foresee that directors' interest in BC will rise.
From an organizational point of view, once again, congratulations to BSi for the professionalism with which they handled both the call and the event itself (Congratulations Patricia, Silvia, Belén and company)
About the contents, I think that the attendees' general feeling was that they were poor, mainly those from BC service providers.

    Saturday 5 May 2012

    Business Continuity and Operational Risk

    After the Argentine government's recent decision to nationalize YPF, followed by the Bolivian government doing the same with the REE subsidiary, a debate has started in different business continuity forums about whether or not this scenario should be included in the scope of Business Continuity plans. Should a Business Continuity manager really contemplate the possibility of an expropriation? And, by extension, should bankruptcy scenarios or extremely adverse economic situations, like those caused by an economic crisis, be included in the scope of the plans? It's not a trivial question, since the scope will determine the economic requirements of the Business Continuity program and the roles that will be responsible for BC in the organization.

    An answer to this question can be found in operational risk management and its integration with Business Continuity management. Operational risk management seeks to analyze those factors that can negatively affect the business, defining them, as in every risk analysis, by probability and impact.

    In some industries, like finance, operational risk management is a common practice. In fact, financial system regulation (Basel II) defines operational risk as:
    “The risk of loss resulting from inadequate or failed internal processes,
    people and systems or from external events.”

    This is quite similar to a risk analysis from a Business Continuity point of view.
    Going deeper into Basel II, it defines seven categories of operational risk:
    • Internal fraud;
    • External fraud;
    • Employment practices and workplace safety;
    • Clients, products and business practice;
    • Damage to physical assets;
    • Business disruption and systems failures;
    • Execution, delivery and process management.

    Although some of these categories seem to be quite close to Business Continuity categories and scenarios, not all of them may be included in our business continuity plan. For example, damage to physical assets can be covered by our BC plan, including an IT service recovery plan and all the recovery procedures. However, internal and external fraud seem to be far away from Business Continuity.

    As Richar Wartered, from Marsh Risk Consulting, explained in the BCI workshop Risk, Resilience & Continuity, the BC management process and operational risk management must begin at the same time and independently, joining results when defining risk mitigation strategies.

    It's necessary to take into account that the objective of BC is to recover the service or the delivery of a product after a disaster or disruptive event occurs, whereas risk management has to focus on preventive actions, before the disaster occurs.

    In order to define the BC scope, the best practice is to follow BS25999, and hopefully ISO 22301 soon, which defines five components that have to be included in the plans:
  • people (7.3)
  • premises (7.4)
  • technology (7.5)
  • information (7.6)
  • supplies (7.7)

    As I defined in my previous post (Components supporting business), depending on the characteristics of the business, each component will have a specific weight in the delivery of services or products.

    Wednesday 28 March 2012

    BCAW webinars

    These are the webinars presented for Business Continuity Awareness Week, sponsored by BCI.

    Adopting Cloud In Your Backup Strategy
    BCM Frameworks: From Best Practices to Standards to Overarching Models
    Burst out of you own personal silo, Find out who else is interested in disasters
    Business Continuity Awareness for Senior Management
    Business Continuity in the Supply Chain
    Business Continuity Management Systems
    CM² Maturity Model
    Conscientisation pour la continuité des affaires auprès de la direction
    Contact Centre Continuity
    Continuity as a Service (CaaS)
    Corporate Business Impact Analysis-Why Bother?
    Cyber Preparedness-Time is Not on Your Side
    Establishing a Governance framework for an effective BCM
    Getting Started with BCM
    Horizon Scanning - What could Business Continuity look like in 2040
    Horizon Scanning, new threats, new skills, new challenges the next 5 years
    How to check your Business Continuity Management System?
    How to Effectively Use Social Media Before and During Disasters
    How to Successfully Implement a Business Continuity Management Program..
    Identifying Key Suppliers
    Infrastructure Impact Analysis
    Integrating Cyber Threat Protection and Business Continuity Planning
    ISO 22301 Business Continuity Management Systems
    Learning from Earthquakes, Non-Structural Retrofitting and Other Mitigation Meas
    Preparing for the 2012 Games- What should you do in the time left?
    Preparing for the 2012 Release of ISO 22301
    Preparing your Communications Strategies for London 2012
    Puzzle Pieces: Are You Seeing the Entire Planning Landscape
    Risk Management Strategies for Protecting Enterprise Supply Chains
    Why a formal certified BCMS? “Due Diligence”-Talking the Language Management

    Thursday 22 March 2012

    Distance Between Datacenters

    One of the most common questions when designing an IT service continuity plan is the distance between datacenters. The answer is easy: far enough to guarantee that a single event is not going to affect both the principal and the alternate data center, but close enough to ensure that services are going to be delivered properly, specifically those services in which people are involved.

    The maturity of the IT industry means that, in most companies, IT service processes are highly automated or remotely managed; cloud computing is a clear example of this. As a result, risk is considered the only aspect to take into account when selecting an alternative data center location, so: let's put the data center far, far away.

    However, there are two issues that affect the choice of distance: Cost and Technology.

    Technology

    Telecommunications between data centers are carried over optical fiber in most cases, although, depending on application requirements, different protocols will be used. Basically there are three types of data center interconnection:
    • Level 3 interconnections: used to connect data centers with few latency and transparency requirements. MacroLan by Telefónica, LanLink by Colt or LanExtension by BT are typical level 3 operator products.
    • Level 2 interconnections: based on link-layer protocols, above all Ethernet. This kind of connection is more transparent than level 3 connections and, with techniques like FCoE, covers most connectivity scenarios as long as applications do not require very low latency.
    • Level 1 interconnections: signal transmission over optical fiber multiplexed with DWDM or CWDM, which allows high-capacity interconnections (nowadays 40 Gb and up to 100 Gb) with very low latency. Here the latency that matters most is the one due to light transmission itself.
    Most data centers are connected using these technologies, with usual distances between them of 10 to 80 km. For longer distances, projects are more complex, because long-distance networks have to be used, with, for example, the SDH protocol, which allows continuous signal regeneration, although latency is introduced.

    Most multinationals have chosen an architecture that offers many technical capabilities with minimum risk: two data centers close to each other (1 to 5 km) operating in an active-active configuration, with the alternative data center for disasters or disruptive events located hundreds of miles away, even on another continent. For example, Santander bank has, in this architecture, datacenters in Madrid, Cantabria (upcoming opening), London, Sao Paulo (Brasil) and Querétaro (México). The following video shows a virtual tour of Santander's Brazilian datacenter.


    Cost

    It's easy to conclude that the longer the distance, the higher the cost. Depending on fiber attenuation, interconnections have to be implemented with more or less powerful lasers. For distances longer than 80 km, regeneration or amplification of the signal will be required, so more equipment and more cost. For very long distances, like Santander bank's London - Cantabria link, international lambdas will be involved and the bill could be very expensive and difficult to justify.

    Another fact to take into account is that the longer the distance, the higher the probability of interception and of confidential information being disclosed, which is why encryption technologies have to be used, as I explain in this post on the securitybydefault blog.
     

    Monday 5 March 2012

    Overview of SunGard CMS

    As a continuation of my last post Business Continuity Management tools, I'm going to analyse in depth a tool that I've worked with and have some experience of: the Continuity Management Solution Suite by SunGard Availability Services.

    First, a few words about SunGard: it is an American company with headquarters in Wayne, Pennsylvania, born as a spin-off of the IT department of the oil company SUNOCO (Sun Oil Company), with a strong presence in the USA. SunGard stands for Sun Guaranteed Access to Recovered Data, which shows the focus of their activity.

    SunGard has four divisions: Availability Services, Financial Systems, K-12 Education and Public Sector; the CMS suite belongs to the SunGard AS division.

    SunGard AS focuses on continuity, offering a huge portfolio that includes workstations, recovery data centers, consultancy services, offices, mobile data centers and BC management software. In Spain, the authorized representative of SunGard for BCM software is Sistemas Informáticos Abiertos (SIA), which also offers BC consultancy services and BC managed services.

    The CMS suite by SunGard AS consists of 7 modules, with the intention of including some additional modules. All modules are presented in the following picture:


    The modules that are currently part of the suite are the following:
    • LDRPS: Living Disaster Recovery Planning System, the core of the suite. It contains the databases that hold the inventory of the whole organization: employees, facilities, applications, technology, etc. Response procedures and plans are defined in this module.
    • BIA Professional: one of the four assessment modules. It's designed to carry out impact analysis through web questionnaires that have to be answered by end users. Responses are stored in the different LDRPS databases and are the source for plan automation.
    • Risk Assessment: another assessment module, focused on risk. It identifies the main risks that affect the different locations.
    • Work Force Assessment: evaluates the knowledge and preparedness of employees.
    • Vendor Assessment: evaluates the preparedness of suppliers.
    • Incident Manager: a management dashboard for managing crises and helping to track the procedures defined in plans. It also provides alternative communication mechanisms, manages internal and external communication procedures, offers a single point of contact for coordination, etc.
    • Notifind: completes the suite with mass communication features. Information stored in LDRPS is synchronized with databases hosted by the operator Varolii, in order to guarantee that communications are carried out without using any company resources.

    Friday 10 February 2012

    Megaupload and Spanair

    A lot has been written about the Megaupload shutdown, most of the articles dealing with ethics and Internet piracy; however, some consequences of the shutdown are useful from a Business Continuity perspective: the cloud service that Megaupload delivered.
    Many users stored information in Megaupload as an alternative site to back up their data, and in some cases even as a primary site. In my past post Home Continuity I described how this kind of cloud service, like YouTube, Picasa or Dropbox, was a good solution for backing up data. However, the Megaupload experience makes us think about the choice of cloud service provider when the information we're going to store is relevant. In the worst scenario, this information can disappear.
    Carried over to business, we might think it unlikely that a cloud service provider will stop delivering its services and that, if this occurs, we can continue with the old provider until we find a new one. But I suggest that every company review the agreements it has with cloud service providers to check whether they really give it rights in circumstances like a legal shutdown or a company bankruptcy. Along these lines, we can look at the example of Spanair: when one of these circumstances occurs, customers matter least, because the company no longer has a brand to maintain, and in a bankruptcy customers are the last group to receive compensation. AirMadrid customers are still waiting to be paid 5 years later.

    About Spanair, we can make a final thought: I don't know whether the bankruptcy was caused by business criteria, because of the profit and loss balance, or whether the company was badly hurt by the plane crash in 2008, but what is clear is that there has been deficient business management. For a lot of Spanair providers there will be a domino effect and they are going to be forced to stop their activities.
    From a BC perspective the question is: can we include a scenario in which our main customers go bust?

    Sunday 22 January 2012

    Regarding Costa Concordia

    The shipwreck of Costa Concordia and all the wrong actions taken afterwards can be used as an example of how NOT to manage a crisis. A lot of Business Continuity lessons can be learned from this event, depending on the point of view from which the situation is analyzed:
    • From the perspective of the company that organizes the cruise, Costa Cruceros in this case, although all companies in the industry can be affected, as we can read in the following post of the hosteltur community.
    • From the point of view of the ship, lessons could be drawn from both the preventive measures and the crisis management procedures.
    Company organizing the cruise
    Companies that organize cruises have to face brand damage that can directly harm the cruise business. The feeling of insecurity caused by this disaster can result in a significant decrease in the number of customers buying a cruise this year.
    • Can this scenario be considered a BC scenario for these companies?
    • It will depend on the decrease in the number of travelers, although it seems to be a simple fall in sales that can be softened by marketing and advertising mechanisms focused on rebuilding trust.
    • Has the response of Costa Cruceros been right?
    • Crisis response activities depend more on the crew than on the cruise company, whose mission is to coordinate activities and guarantee communications. To this end, Costa Cruceros established a channel for continuous information both on its website and on its Twitter profile. Apart from that, they gave a news conference on 16th of January.
    The Ship - Costa Concordia
    From the liner's point of view, the situation is a little more complicated. At the risk of judging without having all the information, and taking into account only the information published so far, it seems that there was a series of unexpected events and a set of human errors that led to, being benevolent, deficient crisis management.
    • Have crisis management procedures failed?
    • Without knowing these procedures, they were probably precise and met international standards, as Costa Cruceros argues. There is a body, the International Maritime Organization (IMO), that is in charge of keeping up to date the International Convention for the Safety of Life at Sea, on which these procedures and ship evacuation depend.
    • If these procedures are well defined, what has been the problem?
    • The company has also declared that the crew received training to guarantee that they know the emergency procedures, as did the passengers, as the legislation requires, although everybody knows that simulations usually have nothing to do with a real incident. It seems that some errors occurred because of a lack of coordination.
    • So, who is responsible for this situation?
    • All indications are that the main person responsible is the coordinator of emergency procedures, captain Francesco Schettino, although this has to be decided by a judge. This fact calls into question whether the different maritime accreditation procedures are well defined and followed.
    Lessons Learned

    Apart from the legal matters of compensation, insurance and so on, and the consequences that a shipwreck like this will bring, from a BC point of view this is the right moment to extract lessons, as Koji Sekimizu (IMO Secretary-General) has said.

    I extract the following conclusions:
    • In both aircraft and liner events like this one, errors in coordination and in following procedures are continuous.
    • The fact that passengers are not always the same could be a factor to take into account, and a reason why drills are not very useful.
    • It seems necessary to adapt the international procedures to make them more operational.
    • Scenarios in which there is a high dependence on a single person need more rigorous and periodic control of those people, especially when human lives depend on them.
    • Communications are essential if you want to maintain a company's brand in a crisis. In this case Costa Cruceros has used the media properly.