1 / 28

What to do “After” your IT guy gets hit by a truck! April 1, 2005

What to do “After” your IT guy gets hit by a truck! April 1, 2005. Step 1 - Send flowers Step 2 - Invoke the detailed plan that you already had in place to ensure continuance after just such an occurrence Step 3 - Business as usual.

breanna
Download Presentation

What to do “After” your IT guy gets hit by a truck! April 1, 2005

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What to do “After” your IT guy gets hit by a truck! April 1, 2005

  2. Step 1 - Send flowers Step 2 - Invoke the detailed plan that you already had in place to ensure continuance after just such an occurrence Step 3 - Business as usual 2

  3. Or….., if you DIDN’Thave a Disaster Recovery plan in place… Start the arduous task of putting a puzzle back together with many of the pieces missing …and accept the fact that you’re going to lose time, money, reputation and clients. 3

  4. Agenda for today… • FACTS about lack of Disaster Recovery Planning • Understanding theimpact to your business • TYPES of Disaster • STEPS to protect our business • Questions 4

  5. After the incident of the World Trade Center, 40% of the companies without disaster recovery capability were out of business within 6 weeks [Forbes Magazine] In fact, 40% of enterprises that experience any disaster go out of business within five years. [Gartner] Enterprises can improve those odds – but only if they take the necessary measures before and after the disaster. FACTS about lack of DR Planning: 5

  6. FACTS about lack of DR Planning: • File corruption and data loss are becoming much more common • It costs the average company between $100,000 and $1,000,000per year for desktop oriented disasters (both hard and soft costs) 7th Annual ICSA Lab's Virus Prevalence Survey, March 2002 6

  7. Disaster recovery is a series of actions to be taken in the event of major unplanned outages to minimize their adverse effects. Power failure Underground cable cuts or failures Fire, flood, earthquake, and other natural disasters Mistakes in system administration Sabotage (intentional, virus, hacking, internal/external) Loss of employee What is Disaster Recovery?

  8. We typically think of: How to backup and restore data to computer systems How to restore network connections How to replace computers and where to put them Where employees can work if the building is damaged When talking about Disaster Recovery… 8

  9. Disaster Recovery Planning • A plan to restore all of these components must be in place. • The system must be able to put them back together if your business is to survive a disaster. • The efficiency with which this is done may make the difference in surviving or not! 9

  10. Potential pitfall - Disaster Recovery focusing only on the technical components. Consider the impact of the following: Lost productivity and idle employees Missed service level agreements Diminished reputation for customer service Increased technical support costs for onsite repair Loss of customer confidence Legal liabilities Regulatory fines Downward stock prices … and more Do you know your COST for downtime? 10

  11. Business Continuance Planning • Instead of Computer Disaster Recovery, think in terms of Business Continuance Planning! • BCP is more comprehensive. It addresses: • Risk of lost revenue and productivity • Plan of action for continuing the business, NOT computers 11

  12. Business Continuance Planning Example of items that typical planning might leave out: • Business processes and procedures • Roles and responsibilities • What happens at the absence of key individuals • Sources and consumers of data • Recovery time-frame requirements • Order of recovery • Documented procedures • Reconstitution 12

  13. Business Processes and Procedures Business Processes and Procedures are: • Rarely documented • Typically defined only in the combined knowledge of key employees (This is true of the “big picture” as well as for the details of each departmental process) • One of the most difficult things to put back the if key employees are not available

  14. Business Roles and Responsibilities Critical time is lost without pre-defined roles and responsibilities for: • Making the decision to invoke the plan • The second in charge • Being responsible for each element of the plan • Exception handling • Decisions of priorities • Signature authority 14

  15. Business Key Individuals Absence of key individuals • A more difficult thing to consider • Mental notes • Revenge (sabotage or withholding of information) 15

  16. Business Data Flow Sources and Consumers of Information • Detailed data flow • Detailed process flow • Updated documentation 16

  17. Business Recovery Time Frames Recovery Time-frames and Order • Set expectations up-front • Help to design budgets • Assign priorities for recovery 17

  18. Business Documentation Documentation • Create documentation so that a contractor can restart your business • Create policies and procedures for updating 18

  19. Business Reconstitution Reconstitution • When is disaster over? • How to go back to business as usual? • What steps need to be taken? 19

  20. Business Continuance Planning • We’ve talked about things that are commonly left out... • Now the things that typical planning “almost always” leaves out • Mental notes • Periodic testing • Updating procedures and plan content • Moving DR Planning to the DR Site • Details, Details, Details! 20

  21. Business Mental Notes Mental Notes “Steve knows how to do that”But what if Steve isn’t here? • Most common obstruction • Can involve relationships, passwords, technical understanding, history, contractual obligations… • Documentation will never be perfect 21

  22. Business Testing and Documentation Testing and Updating • 32% of all data lost is due to human error • We’re all busy, so why take the time to work on something that we can put off and we probably won’t use anyway? • “I’ll have time to do it tomorrow” • “It’s someone else’s responsibility” • We’ve seen too many people that have lost data that they “wish they would have taken the time” to safeguard! 22

  23. Business Continuance Moving Planning to the DR Site • The same disciplines must be put into practice at the DR site. 23

  24. A method is needed that will: Bring knowledge together Document it Enable processes to be reconstructed (possibly without the help of key employees) Enforce periodic testing and updating of the plan Business Continuance Planning 24

  25. Business Continuance Planning Summary Continuance Planning defines and documents • Departmental processes • Sources of data • Consumers of data • Relationships • Cost ramifications • Budget justifications • Recovery criteria • Solution design • Documentation • Assistance with testing and updating

  26. Business Continuance Planning Summary Planning is approached in phases • Process Analysis • Data flows • Risk Analysis • Costs/Effects • Disaster Recovery Planning • Traditional technical component • Implementation and Testing • Annual or after significant changes 26

  27. Business Continuance Planning Summary Continuance Planning can be implemented: • Departmentally • In phases • As a single phase • To practical extents 27

  28. Thank You! Questions? Rob Didlake 913-780-2525 rob@dataedge.net Mary Linse 913-971-6863 mlinse@olatheks.org

More Related