Monday, October 30, 2017

What are the best suited technologies for disaster recovery security?

Technology for disaster recovery security will certainly vary from business to business and rely upon your network, layout, applications and your information system's intricacy. As we grow and new technologies emerge, our information systems have become more complex, and complexity is the key enemy of security. There are technologies away there to help make simpler things like virtualization. Various other technologies might work better for a lot of people like basic data backups or expensive continuous data protection (CDP). For some people, the technology that might work best for DR security is going to be your resilient network edge and server environments that contain an excellent failover or some sort of continuity built in. You may even rely on identity and access management technologies to manage users when something goes wrong. And even a few of the cloud-based services out there will give you something to show up back on. In this case, at least you incorporate some of your data elsewhere.


The sort of DR security technology you got it for you is based on need and risk, so you have to step back and decide what's best for the business, and that is heading to involve getting the right people in on the discussion, looking at your environment and discovering what the real hazards are.

Monday, April 3, 2017

Business Planning on Disaster Recovery

In relation to business, there's no point in having an idea A unless you then have a plan B. While plan A might be the route to profits, plan B is definitely the technique of surviving, whatever challenges you surface against.

Watch is in danger of potential natural or man-made disasters. Despite our wishful thinking, sometimes the dreaded ‘imagine' scenarios come harsh reality. Basically, we all hope to get the best, it's vital to prepare for the worst. And then there are minor interruptions which, with adequate forethought, is usually circumnavigated completely.

So, what's your plan to recover from disaster and find back on track to organize A? And, what's your policy for continuing running your company during lesser disturbances? These include your disaster recovery and business continuity plans respectively.
To clarify further, disaster recovery and business continuity plans are crucial constituents of any organization, not simply technology companies. Every one of us trusts in technology into a greater or lesser extent. Power, phones, and the internet have become a day-to-day given.

Really clean greater than this to consider. Your workforce, for example. A norovirus could mean your company can't operate effectively for several days. Without an idea, then, you're vulnerable and can easily be caught unawares, whatever your company type.

That carries a lot hinging on these two plans, it is necessary to make it right. To aid you in this gargantuan task, here are our 10 top tips.

1. Outline what's vital and also hardwearing on business running


The first thing should be to detail the things you just couldn't operate without. To put it differently, if any one of these is missing caused by circumstances beyond your control, you then have a potential grind-to-a-halt situation for your hands. Remember it is all about the basic elements: premises, power, internet, hardware, software, water, people etc.

2. Create an index of disaster types


This might sound pessimistic and defeatist, especially if you think the rarity of most disaster situations, but catering for a multitude of catastrophic eventualities is a really positive exercise. For you're in a better position to cope with a true disaster.

Looking for your essentials list, think about the reasons your critical systems and functions might stop working. Phones: could there be described as a line fault within the exchange? People: could several your staff are struck down by the herpes simplex virus or would you have obtained resignations from key members? PCs and laptops: would you be facing the likes of a ransomware attack rendering your hardware useless? And the like and thus forth.

Make a list and rank these disasters based on their likelihood and degree of impact to your business.


3. Define your plan B


Taking things a pace further, put pen to paper and know very well what your plan B might look like. For example, if you operate an in-house server which hosts your applications and stores your data, accomplishes this has got a RAID configuration of data? Do you have a UPS?

Despite the presence of seemingly fool-proof cloud systems, will still be important to establish whether you've got both main and emergency power supplies for one's computer to access the cloud environment. Backup generators etc will often feature here.

Similarly, if your phones are disconnected, have an arrangement in place to divert landline numbers straight by means of corresponding mobiles, or even a second office? Do you have a pay-as-you-go spare mobile inside the cupboard? This allows those contacting one to still touch base, although not straightaway with the intended individual.

Also, if you rely on online banking for accounting purposes, and also you lose your internet connection, what is the telephone banking option? Where's the cell number stored?

The scenarios continue; the idea is, aim to conjure the many possibilities and put into place an idea B alternative. This might necessitate involvement out of your core suppliers.


4. Set your recovery objectives


The length of time, realistically, can you manage in plan B? It becomes an oft-quoted metric called your recovery time objective. Your figure depends upon real calculations, as an illustration, what amount diesel will there be inside a tank to run the generator if there's an electrical cut? The length of time can you cope even without departing staff before carried out replaced? If the bank account's inaccessible via internet banking and you are unable to keep tabs on your financial plans, when would you like to exhaust cash?

The real difference here is usually everything from sixty minutes to a few days. Knowing the way in which long you may last in plan B will let you prioritize the importance of putting new systems in place to preserve plan A or continue in a robust plan B mode.


5. Assign roles and responsibilities


Should disaster strike, which of one's key personnel will initiate the program task-by-task and who will need their place should they not be around at the time?

Similar in a lot of approaches to a military operation, your plan requires each participant to understand their job, who they need to communicate with and the appropriate chain of command.

Calm, confident, quick-thinking individuals are best placed to deal with the ensuing chaos. This would largely consist of one's senior managers and compliance officers.


6. Include a directory of emergency contacts


Write a set of contact names and telephone numbers to be accessed instantly. Wasting time searching for this basic information during the catastrophe itself causes unnecessary delay and stress.

It is additionally vital to cover organisations such as your bank's fraud report line, police national fraud and cybercrime centre, Solicitors Regulation Authority (and other regulators), professional indemnity insurer, localised emergency services, utility providers, IT suppliers, building management team (if you rent office space), regional and legal press, and your PR agency, should you choose to issue a statement.

 

7. Outline your preventative measures and phases of recovery


Prevention is always a lot better than cure. Your business continuity plan should cover a range of preventative and detective measures, from SSL encryption and anti-virus software to CCTV surveillance and fire alarms.

In your disaster recovery plan, map out the various contingency phases – response, resumption, recovery, and restoration. This is a coordinated effort between all parties involved that may ultimately put down how exactly you'll resume mission-critical operations in as short a time period as possible.

8. Test the plans


The only way to genuinely know if your plans are fit for purpose is to test them in as close to realistic conditions as possible. Regularly! An under-tested plan can, in fact, be more of a hindrance than no plan at all. Rigorous testing enables you to want to stand up to the absolute most disruptive events.

Obviously, it's a major operational undertaking each time you execute a test, but the up-side is that your employees are thoroughly trained on the function in executing the plan. Afterwards, you can address any shortcomings or failures.

The important points concerning tests must be well documented. You will need to record the dates, scenarios, and outcomes. This will allow you to analyze properly and modify your plan accordingly.


9. Keep your plans up-to-date


They're living and breathing documents, to ensure they're current. Maintain and update them every time an element within your working environment or infrastructure changes and people who have assigned responsibilities leave or join your business.


10. Hire an outsourcing service and managed services provider


Large organizations with big teams of in-house IT expertise can leverage their own technical professionals to facilitate effective planning. Those operating on an inferior scale simply don't have exactly the same luxury and it can be cost-prohibitive to implement an effective plan because they lack the internal technical resources to accomplish this.

In exactly the same vein, bigger companies recruit teams of individuals nicely formed into departments ready-and-willing to cover for others'work when the going gets tough. Conversely, SMEs often employ individuals performing core functions single-handedly. In the lack of that specific individual, the task simply doesn't get done.


The answer is to instruct a third-party managed services provider whereby you automatically inherit your provider's business continuity and disaster recovery plans.

Monday, March 13, 2017

Disaster Management Cycle

Disaster is a sudden adverse or unfortunate extreme event which causes great damage to human beings as well as plants and animals. Disasters occur rapidly, instantaneously and indiscriminately. These extreme events either natural or man-induced exceed the tolerable magnitude within or beyond certain time limits, make adjustment difficult, result in catastrophic losses of property and income and life is paralyzed. These events which occur aggravate natural environmental processes to cause disasters to human society such as sudden tectonic movements leading to earthquake and volcanic eruptions, continued dry conditions leading to prolonged droughts, floods, atmospheric disturbances, collision of celestial bodies, etc. (Joshi, 2008). 

Disasters have always co-existed with civilizations. With technological advancement, development initiatives resulted in the creation of a lot of infrastructure and permanent assets. Gradually material development detached man from nature on one hand, and increased vulnerability of the human population, on the other. The progressive increase in loss of life, property and deleterious effect on environment due to disasters moved the international community to look at disaster management in a new perspective, which transcends international barriers, anticipates possible threats and enables tackling of disasters from the pre-stage. The last decade (990-1999) was observed by the International Community as the “International Decade for natural disaster reduction“, a decade dedicated to promoting solutions to reduce risks from natural hazards.

 The international dimension of disasters was realized and a protocol sought to be established so that when it comes to suffering of humanity, help from the International community flow in right earnest. Almost everyday, newspapers, radio and television channels carry reports on disaster striking several parts of the world. But what is a disaster? The term disaster owes its origin to the French word “Desastre” which is a combination of two words ‘des’ meaning bad and ‘aster’ meaning star. Thus the term refers to ‘Bad or Evil star’. The United Nations defined Disasters as ‘A serious disruption of the functioning of a community or a society causing widespread human, material, economic and environmental losses which exceed the ability of the affected community/society to cope using its own resources’ (UNDP, nd). 

A disaster is a result from the combination of hazard, vulnerability and insufficient capacity or measures to reduce the potential chances of risk. A disaster happens when a hazard impacts on the vulnerable population and causes damage, casualties and disruption. Figure 1 gives a better illustration of what a disaster is. Figure 1. What is a disaster? Any hazard – flood, earthquake or cyclone which is a triggering event along with greater vulnerability (inadequate access to resources, sick and old people, lack of awareness etc) would lead to disaster causing greater loss to life and property. For example; an earthquake in an uninhabited desert cannot be considered a disaster, no matter how strong the intensities produced. An earthquake is disastrous only when it affects people, their properties and activities.

 Thus, disaster occurs only when hazards and vulnerability meet. But it is also to be noted that with greater capacity of the individual/community and environment to face these disasters, the impact of a hazard reduces. Therefore, we need to understand the three major components namely hazard, vulnerability and capacity with suitable examples to have a basic understanding of disaster management. Vulnerability Hazard Disaster Underlying Dynamic Unsafe Causes Pressure Conditions Limited access Lack of: Dangerous to resources Institutions location Illness and Education Dangerous Disabilities Training buildings Age/Sex Skills Low Income level Poverty Population Others explosion Urbanization Uncontrolled development Environmental degradation Trigger Events Earthquake Tsunamis Floods Cyclones Volcanic eruptions Drought Landslide War Technological accident Environmental pollution 45 Main components of disaster management What is a Hazard? Hazard may be defined as “a dangerous condition or event, that threat or have the potential for causing injury to life or damage to property or the environment.” Hazards can be grouped into two broad categories namely natural and manmade.

 Natural hazards are hazards which are caused because of natural phenomena (hazards with meteorological, geological or even biological origin). Examples of natural hazards are cyclones, tsunamis, earthquake and volcanic eruptions which are exclusively of natural origin. Landslides, floods, drought, fires are socio-natural hazards since their causes are both natural and man made. For example flooding may be caused because of heavy rains, landslide or blocking of drains with human waste. Manmade hazards are hazards which are due to human negligence. Manmade hazards are associated with industries or energy generation facilities and include explosions, leakage of toxic waste, pollution, dam failure, wars or civil strife, etc. 

The list of hazards is very long. Many occur frequently while others take place occasionally. However, on the basis of their genesis, they can be categorized as follows: Table 1 Various Types of Hazards Type Hazards Geological Hazards 1. Earthquake 2. Tsunami 3. Volcanic eruption 4. Landslide 5. Dam burst 6. Mine Fire Water & Climatic Hazards 1. Tropical Cyclone 2. Tornado and Hurricane 3. Floods 4. Drought 5. Hailstorm 6. Cloudburst 7. Landslide 8. Heat & Cold wave 9. Snow Avalanche 10.Sea erosion Environmental Hazards Biological 1. Environmental pollutions 2. Deforestation 1. Human / Animal Epidemics 2. Pest attacks 3. Desertification 4. Pest Infection 3. Food poisoning 4. Weapons of Mass Destruction Chemical, Industrial and Nuclear Accidents 1. Chemical disasters 2. Industrial disasters 3. Oil spills/Fires 4. Nuclear Accident related 1. Boat / Road / Train accidents / air crash Rural / Urban fires Bomb /serial bomb disasters blasts 2. Forest fires 3. Building collapse 4. Electric Accidents 5. Festival related 6. Mine flooding Source: CBSE (2006) What is Vulnerability? Vulnerability may be defined as “The extent to which a community, structure, services or geographic area is likely to be damaged or disrupted by the impact of particular hazard, on account of their nature, construction and proximity to hazardous terrains or a disaster prone area.” Vulnerabilities can be categorized into physical and socio-economic vulnerability. Physical Vulnerability: It 46 includes notions of whom and what may be damaged or destroyed by natural hazard such as earthquakes or floods. It is based on the physical condition of people and elements at risk, such as buildings, infrastructure etc; and their proximity, location and nature of the hazard. It also relates to the technical capability of building and structures to resist the forces acting upon them during a hazard event. Socio-economic Vulnerability The degree to which a population is affected by a hazard will not merely lie in the physical components of vulnerability but also on the socioeconomic conditions. 

The socioeconomic conditions of the people also determine the intensity of the impact. For example, people who are poor and living in the sea coast don’t have the money to construct strong concrete houses. They are generally at risk and loose their shelters when ever there is strong wind or cyclone. Because of their poverty they too are not able to rebuild their houses. What is Capacity? Capacity can be defined as “resources, means and strengths which exist in households and communities and which enable them to cope with, withstand, prepare for, prevent, mitigate or quickly recover from a disaster”. People’s capacity can also be taken into account. Capacities could be classified into physical and socio-economic capacities. Physical Capacity: People whose houses have been destroyed by the cyclone or crops have been destroyed by the flood can salvage things from their homes and from their farms. Some family members have skills, which enable them to find employment if they migrate, either temporarily or permanently. Socio-economic Capacity: In most of the disasters, people suffer their greatest losses in the physical and material realm. Rich people have the capacity to recover soon because of their wealth. In fact, they are seldom hit by disasters because they live in safe areas and their houses are built with stronger materials. 

However, even when everything is destroyed they have the capacity to cope up with it. Hazards are always prevalent, but the hazard becomes a disaster only when the frequency or likelihood of a hazard and the vulnerability of the community increases the risk of being severely affected. What is Risk? Risk is a “measure of the expected losses due to a hazard event occurring in a given area over a specific time period. Risk is a function of the probability of particular hazardous event and the losses it would cause.” The level of risk depends upon: • Nature of the hazard; • Vulnerability of the elements which are affected; • Economic value of those elements. A community/locality is said to be at ‘risk’ when it is exposed to hazards and is likely to be adversely affected by its impact. Whenever we discuss ‘disaster management’ it is basically ‘disaster risk management’.

 Disaster risk management includes all measures which reduce disaster related losses of life, property or assets by either reducing the hazard or vulnerability of the elements at risk. Disaster Management Cycle Disaster Risk Management includes sum total of all activities, programmes and measures which can be taken up before, during and after a disaster with the purpose to avoid a disaster, reduce its impact or recover from its losses. The three key stages of activities that are taken up within disaster risk management are as follows (See Figure 2): Figure 2. Disaster Management 1. Before a disaster (pre-disaster). Pre-disaster activities those which are taken to reduce human and property losses caused by a potential hazard. For example, carrying out awareness campaigns, strengthening the existing weak structures, preparation of the disaster management plans at household and community level, etc. Such risk reduction measures taken under this stage are termed as mitigation and preparedness activities. 2. During a disaster (disaster occurrence). These include initiatives taken to ensure that the needs and provisions of victims are met and suffering is minimized. Activities taken under this stage are called emergency response activities. 3. After a disaster (post-disaster). There are initiatives taken in response to a disaster with a purpose to achieve early recovery and rehabilitation of affected communities, immediately after a disaster strikes. These are called as response and recovery activities. The Disaster risk management cycle diagram (DRMC) highlights the range of initiatives which normally occur during both the Emergency response and Recovery stages of a disaster. Some of these cut across both stages (such things as coordination and the provision of ongoing assistance); whilst other activities are unique to each stage (e.g. Early Warning and Evacuation during Emergency Response; and Reconstruction and Economic and 48 Social Recovery as part of Recovery). 

The DRMC also highlights the role of the media, where there is a strong relationship between this and funding opportunities. This diagram works best for relatively sudden-onset disasters, such as floods, earthquakes, bushfires, tsunamis, cyclones etc, but is less reflective of slow-onset disasters, such as drought, where there is no obviously recognizable single event which triggers the movement into the Emergency Response stage. According to Warfield (2008) disaster management aims to reduce, or avoid the potential losses from hazards, assure prompt and appropriate assistance to victims of disaster, and achieve rapid and effective recovery. The disaster management cycle illustrates the ongoing process by which governments, businesses, and civil society plan for and reduce the impact of disasters, react during and immediately following a disaster, and take steps to recover after a disaster has occurred. Appropriate actions at all points in the cycle lead to greater preparedness, better warnings, reduced vulnerability or the prevention of disasters during the next iteration of the cycle. 

The complete disaster management cycle includes the shaping of public policies and plans that either modify the causes of disasters or mitigate their effects on people, property, and infrastructure. The mitigation and preparedness phases occur as disaster management improvements are made in anticipation of a disaster event. Developmental considerations play a key role in contributing to the mitigation and preparation of a community to effectively confront a disaster. As a disaster occurs, disaster management actors, in particular humanitarian organizations become involved in the immediate response and long-term recovery phases. The four disaster management phases illustrated here do not always, or even generally, occur in isolation or in this precise order. Often phases of the cycle overlap and the length of each phase greatly depends on the severity of the disaster. • Mitigation - Minimizing the effects of disaster. Examples: building codes and zoning; vulnerability analyses; public education. • Preparedness - Planning how to respond. Examples: preparedness plans; emergency exercises/training; warning systems. • Response - Efforts to minimize the hazards created by a disaster. Examples: search and rescue; emergency relief. • Recovery - Returning the community to normal. Examples: temporary housing; grants; medical care. To analyze the scope of disaster management in the revised context, it should be studied the cycle of the phenomenon .


Disasters are as old as human history but the dramatic increase and the damage caused by them in the recent past have become a cause of national and international concern. Over the past decade, the number of natural and manmade disasters has climbed inexorably. From 1994 to 1998, reported disasters average was 428 per year but from 1999 to 2003, this figure went up to an average of 707 disaster events per year. Figure 4 presents the deadliest disasters of the decade (1992 – 2001). 49 Figure 3. Disaster Management Cycle . Drought and famine have proved to be the deadliest disasters globally (45%), followed by floods (16%), technological disaster (14%), earthquake (12%), windstorm (10%), extreme temperature and others (3%). Global economic loss related to disaster events average around US $880 billion per year (CBSE, 2006). 45% 16% 14% 12% 10% 3% DroughtFamine Floods Technological Earthquake Windstorm Miscellaneous R I S K M A N A G E M E N T Figure 4. Reported Deaths from all Disasters: World Scenario (1992-2001) 50 Conclusions There has been a dramatic increase in disasters and the damages caused by them in the recent past. Over the past decade, the number of natural and manmade disasters has climbed inexorably.


 Accordingly to the statistics, the number of disasters per year increased with 60% in the period 1999- 2001 in comparison with the previous period, 1994 -1998. The highest increase was in the countries of low human development, which registered an increase of 142%. In these countries, the responsible institutions should play an important role but, in general, the disaster management policy responses are influenced by methods and tools for cost-effective and sustainable interventions. There are no long-term, inclusive and coherent institutional arrangements to address disaster issues with a longterm vision. Disasters are viewed in isolation from the processes of mainstream development and poverty alleviation planning. For example, disaster management, development planning and environmental management institutions operate in isolation and integrated planning between these sectors is almost lacking. Absence of a central authority for integrated disaster management and lack of coordination within and between disaster related organizations is responsible for effective and efficient disaster management. State-level disaster preparedness and mitigation measures are heavily tilted towards structural aspects and undermine nonstructural elements such as the knowledge and capacities of local people, and the related livelihood protection issues. In conclusion, with a greater capacity of the individual/community and environment to face the disasters, the impact of a hazard would be reduced