What Is a Comprehensive Disaster Recovery Plan Checklist?

With more unpredictable and extreme weather events as a direct result of climate change; the need for a comprehensive disaster recovery plan (DRP) cannot be overstated. Be it earthquakes, flash floods, tornado outbreaks, hurricanes, arctic blasts, severe droughts, or widespread wildfires; they can all lead to days-long power blackouts, blocks in the supply chain, significant infrastructure repairs, and months-long insurance battles.

Specially created to minimize damages in case of such unpredictable scenarios, disaster recovery plans will help ensure the long-term operability of a business. Such disasters are not a common occurrence, but when they do happen, corporations, big and small, can and will fall by the wayside. One in four companies struck by a natural disaster will never reopen its doors - and the main reason being that they don't have a comprehensive DRP put in place.

And like a seasoned wilderness trekker who's always prepared for things to turn south at a moment's notice, so should you have a contingency plan put in place for the unexpected. Below is a comprehensive checklist of a disaster recovery plan.

Risk Assessment

The first step is to assess and identify and assess all possible threats as well as their likelihood of impacting your business. You can do this by using a risk matrix. It allows you to classify your risk factors and establish priorities. Once you've analyzed the potential risks, it's time to create a business impact analysis (BIA). It helps you predict the consequences of disruption and gathers data needed to develop various recovery strategies.

Inventory

Your DRP should include a complete list of all hardware, software, IT infrastructure, and all other assets. Your disaster recovery plan needs to identify how you will reproduce your inventory after a disaster, as well as ensure a smaller list of mission-critical equipment. Every piece of hardware and software needs to have the vendor's technical support contact information so that you can get back up running quickly.

Assign Responsibilities

In case of emergencies, decisions need to be made on the spot, so your DRP needs to spell out who is in charge of what as well as how they should approach the issues. So, you will need to know who will manage the relocation, who will monitor sales and cash flow, who is in charge of secure systems and grants authorization to others, etc. You need to identify all the tasks in every department that will restore your operations as soon as possible and assign someone to them.

Data Recovery

Data is generally a company's most valuable asset. That said, it's also the most vulnerable to disasters and is a major component that will affect an organization's downtime. It's for this reason why you need to have a reliable data backup solution that will safeguard that information in the event of a disaster.

The Backup Office

Having a backup brick and mortar office available on-hand is not always an option and, in some cases, it's unnecessary. Nevertheless, you need to analyze what options are available to you if your office will not be usable. In some cases, employees could work remotely, or you could make use of a virtual office. But if these are not viable options for you, like for instance, if you have a medical practice, you need to have an up-to-date checklist of available real estate that you can relocate to immediately.

Communications

In the event of a natural disaster, common communication methods such as phones, emails, etc., may be unavailable. You need to figure out how your staff members can communicate with each other in this scenario, as well as to know who is in charge of what responsibilities.

Testing and Improving 

Having a disaster recovery plan is one thing, but making sure that it works as it should, is another. It is why you should regularly test it out and improve on the parts that don't work as they should.

If you are unsure where to begin with your DPR, Managed Solution is here to help. You can call us today 800-208-3617 to talk through your current plan, or you can fill out our FREE, no-obligation assessment of your current backup solution.

backup-and-disaster-relief-faq

Why is the Business Continuity Plan So Important?

No company owner is looking forward to a business disaster, but these do happen now and again. What's more, they come in various shapes and sizes, and it's not always easy to anticipate them. For this reason alone is why company owners need to be prepared and take the necessary steps so they can give themselves the chance to rebound as fast as possible.

However, companies need to have a business continuity plan. Statistics indicate that over 25% of businesses that are forced to close down because of a disaster, never reopen. Given this number, one would be forgiven for thinking that most companies would have a plan B put in place.

But the sad reality of the matter is that the majority don't.

The most common excuse given is that people don't think that a big enough disaster would ever happen to them so that they'll be forced to close down, in the first place.

Other excuses and misconceptions owners have about business continuity plans include things like the idea that such plans waste too much time and money to formulate. Others believe that their business has no inherent risks, their company is too small to need a plan, or that they can deal with the problem when it happens. There are also some that think a data backup is the same as a business continuity plan, or that their Internet technology could withstand anything that can be thrown at it.

What Is the Purpose of a Business Continuity Plan?

Such a plan will outline all the necessary steps a company needs to take to operate in the event of a disaster, security breach, an abrupt change in the market, or any other such scenarios that will disrupt the day-to-day processes.

When a comprehensive plan is in place, business leaders will have the opportunity to review any weaknesses or potential threats that their organization is facing. As a consequence, even the process of creating such a plan has its benefits as it can highlight any current risks which you can fix before they turn into a crisis.

Putting together a business continuity plan often involves the assessment of staff and leadership members, available resources, as well as the strategies that the company employs. These, in turn, will help you in dealing with issues such as employee development, labor disputes, patent lawsuits, real estate selection, distribution bottlenecks, or intellectual property security, among others.

What Most Successful Business Continuity Plans Contain?

The more comprehensive plans go beyond disaster recovery and also focus on any risks that may emerge from within the organization, itself. So, for instance, if a company decides to use cloud computing as a means of safeguarding their data from natural disasters, they should also consider what to do if someone from the inside, say, a disgruntled employee, would leak sensitive information. It is a particularly important aspect, especially for those in healthcare or financial industries where data privacy is of the utmost importance.

Successful continuity plans regularly make use of outsourced services regarding technology, space, and workforce in the event of a natural disaster or internal process failure. Outside experts can be a great and cost-effective resource in a crisis by ensuring continuity based on sound strategy.

To that end, Managed Solution is at your service by helping you assess your current situation and help safeguard your business in the future.

backup-and-disaster-relief-faq

Hacking Vulnerability in All WiFi Networks

[vc_row][vc_column][vc_column_text]The security protocol that isvused to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.

Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.

“Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef’s report said. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.

Vanhoef emphasised that the attack works against all modern protected wifi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”

The vulnerability affects a number of operating systems and devices, the report said, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys and others.

“If your device supports wifi, it is most likely affected,” Vanhoef wrote. “In general, any data or information that the victim transmits can be decrypted … Additionally, depending on the device being used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website).”

Vanhoef gave the weakness the codename Krack, short for Key Reinstallation AttaCK.

Britain’s National Cyber Security Centre said in a statement it was examining the vulnerability. “Research has been published today into potential global weaknesses to wifi systems. The attacker would have to be physically close to the target and the potential weaknesses would not compromise connections to secure websites, such as banking services or online shopping.

“We are examining the research and will be providing guidance if required. Internet security is a key NCSC priority and we continuously update our advice on issues such as wifi safety, device management and browser security.”

The United States Computer Emergency Readiness Team (Cert) issued a warning on Sunday in response to the vulnerability.

“The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others,” the alert says, detailing a number of potential attacks. It adds that, since the vulnerability is in the protocol itself, rather than any specific device or software, “most or all correct implementations of the standard will be affected”.

The development is significant because the compromised security protocol is the most secure in general use to encrypt wifi connections. Older security standards have been broken in the past, but on those occasions a successor was available and in widespread use.

Crucially, the attack is unlikely to affect the security of information sent over the network that is protected in addition to the standard WPA2 encryption. This means connections to secure websites are still safe, as are other encrypted connections such as virtual private networks (VPN) and SSH communications.

However, insecure connections to websites – those which do not display a padlock icon in the address bar, indicating their support for HTTPS – should be considered public, and viewable to any other user on the network, until the vulnerability is fixed.

Equally, home internet connections will remain difficult to fully secure for quite some time. Many wireless routers are infrequently if ever updated, meaning that they will continue to communicate in an insecure manner. However, Vanhoef says, if the fix is installed on a phone or computer, that device will still be able to communicate with an insecure router. That means even users with an unpatched router should still fix as many devices as they can, to ensure security on other networks.

Alex Hudson, the chief technical officer of subscription service Iron, said that it is important to “keep calm”.

“There is a limited amount of physical security already on offer by wifi: an attack needs to be in proximity,” Hudson wrote. “So, you’re not suddenly vulnerable to everyone on the internet. It’s very weak protection, but this is important when reviewing your threat level.

“Additionally, it’s likely that you don’t have too many protocols relying on WPA2 security. Every time you access an HTTPS site … your browser is negotiating a separate layer of encryption. Accessing secure websites over wifi is still totally safe. Hopefully – but there is no guarantee – you don’t have much information going over your network that requires the encryption WPA2 provides.”

There’s likely to be a delay before the vulnerability is used to actually attack networks in the wild, says Symantec researcher Candid Wuest. “It’s quite a complex attack to carry out in practice, but we’ve seen similar before, so we know it’s possible to automate.

“Small businesses and people at home should be concerned, but not too worried,” Wuest added, advising most users to simply apply the updates to their software as and when it becomes available.

The most important lesson from the weakness, he said, was that relying on any one security feature is risky. “You shouldn’t be trusting one single point of failure for all your security. Don’t rely on just your wifi, use a VPN or secure connection for anything important.”

Different devices and operating systems are impacted to differing degrees based on how they implement the WPA2 protocol. Among the worst hit are Android 6.0 (Marshmallow) and Linux, due to a further bug that results in the encryption key being rewritten to all-zeros; iOS and Windows, meanwhile, are among the most secure, since they don’t fully implement the WPA2 protocol. No tested device or piece of software was fully immune to the weakness, however.

The international Cert group, based at Carnegie Mellon University, informed technology companies of the flaw on 28 August, meaning that most have had around a month and a half to implement a fix. The Guardian has asked Apple, Google, Microsoft and Linksys the status of their patches. Google said: “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.” Microsoft said: “We have released a security update to address this issue. Customers who apply the update, or have automatic updates enabled, will be protected.” No other vendor has replied at press time.[/vc_column_text][/vc_column][/vc_row]

When disaster strikes, the cloud and AI play a vital role in bringing aid to communities

[vc_row][vc_column][vc_column_text]

By Barry Briggs as written on blogs.microsoft.com
When a disaster occurs, you’ve entered a “new reality,” says Lewis Curtis, director of Microsoft Services Disaster Response. It won’t be enough to simply restore your systems and applications to where they were before – disasters change everything, irrevocably and permanently.
But new computing technologies like the cloud are making it possible to quickly respond to a disaster, coordinate the response by governments and aid organizations, provide analytics to better understand and track its impact, and manage the aftermath. All of the same technologies and innovations that enable businesses to quickly respond to new opportunities and changing market conditions make the cloud an essential part of any disaster response.

Using technology to ease suffering

Disasters often wipe out the very systems that are desperately needed to cope with them.
Michael G. Manning, president and CEO of the Greater Baton Rouge Food Bank in Louisiana, understands this well. In August 2016, Baton Rouge, the state’s capital, was inundated by record rains. Four feet of flood water destroyed not only a million pounds of food held in reserve, but all of the food bank’s computer systems, the very ones that tracked the food bank’s supplies and who received them, and that ensured that hungry people were getting the food they needed.
Quickly moving their office and warehouse management applications to the cloud guaranteed that those applications would always be available, and that the loss of their systems “would never happen again,” Manning says. With cloud-based applications, the food bank could “operate anywhere, at any time, in any future disaster.”
Only months before, a magnitude 7.8 earthquake ravaged western Ecuador, and the government needed a basic software application to register those affected by the quake, and to ensure that shelter, food and medical supplies reached the 2,300 families left homeless by the disaster.
Neighboring Colombia had such an application. But how to quickly move it to Ecuador and get it running? In fact, within a week it was redeployed –  to the Azure cloud. The Ecuadorian Red Cross also used the cloud to manage volunteers and blood bank data across the country.
In other cases, disasters bring new demands on applications –  in both scale and load – that were never anticipated.
On March 22, 2014, a hillside saturated by heavy rains collapsed on the small Northwest town of Oso, Washington, flattening homes and killing 43 people. In the aftermath, nearly 200 government and aid agencies, including the Red Cross, the Federal Emergency Management Agency, the Washington National Guard and the U.S. Navy’s search and rescue team, as well as thousands of representatives of the media, descended upon Oso.
The local government’s record-keeping and coordination systems were quickly overwhelmed so Microsoft Services Disaster Response, with help from the Azure product team, migrated Oso’s records to the cloud. With its nearly limitless capacity, the cloud made it possible for everyone who needed access to the records to retrieve – and search – them quickly and efficiently. Using Office 365 they also quickly deployed an Incident Command Collaboration System that enabled incident commanders and emergency liaisons from the various agencies to connect with one another.
A year later, a massive earthquake leveled some 600,000 buildings and killed thousands of people in Nepal, leaving the remote, mountainous country faced with the massive task of rebuilding. “Disaster relief is always overwhelming,” Dan Strode, project manager for the United Nations Development Program (UNDP), said at the time. “There’s too much to do, too many people that need help, and never enough time or resources.”
The daunting task of rebuilding began with mapping where the original structures had stood. In the past, such records were maintained on paper. However, in order to expedite reconstruction, the Microsoft Innovation Center in Nepal built a mobile phone application that used a device’s GPS to help workers record the outline of a damaged home and store it in the cloud before clearing the debris. And to help restart the economy, the app also managed daily cash payments to the workers. Cloud applications like Office 365 and the data visualization tool Power BI helped them to coordinate and track progress.

Using artificial intelligence and the cloud to provide early warning

We can use modern technologies to respond to disasters, but could we someday use them to predict, or even prevent, these natural catastrophes?
Perhaps! A statistical algorithm known as M8 attempts to predict larger earthquakes from the appearance of smaller ones. A number of efforts in different regions around the world are applying neural networks (an artificial intelligence approach that simulates the activity of the human brain) in attempts to predict the occurrence and the magnitude. (Here’s an example from India.)
In Texas, Project “SHEM” (streamflow hydrology estimate using machine learning) uses artificial intelligence to predict floods even when the physical gauges that measure water levels fail; a computer model is “trained” using historical data to look for patterns that signify the water is rising.
And the cloud may well give new hope to solving the age-old problem of predicting the weather. One prototype application (written, by the way, by your own intrepid author) uses several hundred processors in the cloud to load and analyze a century’s worth of weather data from reporting stations around the world. The hope is that the capacious data set can be analyzed to identify long-term trends and answer some of our most troubling “what ifs” about weather events.

Rely on the cloud for scale, resilience and rapid response

Aside from the wonderful humanitarian nature of these stories, what is it that is so compelling and relevant about using technology for disaster recovery?
What aid agencies and governments are finding so useful about the cloud, machine learning and other emerging technologies – resilience, time to market, scale, agility – are all qualities that are essential in today’s rapidly changing business world.
Need to get the word out? You might take a page from the government of Alberta, Canada. To keep its citizens informed during the great wildfires of 2016, the government partnered with Microsoft and geographical information systems (GIS) partner ESRI to create a cloud-based mapping application of the fires.
Need new capabilities but don’t want to add IT overhead? The same lessons learned by the governments in Baton Rouge and Nepal can be applied to public and private companies. A sudden imperative to scale? Use the cloud, as they did for the Oso landslide.
New technologies are often proven in the crucible of disasters, and they drive new innovations that promise to keep us safer, long after the crisis has ended.
A 40-year veteran of the software industry, Barry Briggs previously served as CTO for Microsoft’s own IT organization, where he helped lead the company’s transition to the cloud. The Microsoft Services Disaster Response team in the last few years has operated more than 154 missions in over 30 countries, at no cost to the agencies or communities who ask for help.

[/vc_column_text][/vc_column][/vc_row]

Enjoy the fireworks instead of putting out fires at work

Add volumes to Modern Backup Storage and configure Workload Aware Storage

Begin backing up by creating Protection Group with Modern Backup Storage

With these simple steps, you can efficiently store your backups using Modern Backup Storage technology.

To Learn More about Professional Services, contact us at 800-208-3617


[/vc_column_text][/vc_column][/vc_row]

Protect Windows Server System State to cloud with Azure Backup!

[vc_row][vc_column][vc_column_text]

Protect Windows Server System State to cloud with Azure Backup!

By Saurabh Sensharma as written on azure.microsoft.com
One of the key endeavors of the cloud-first approach of Azure Backup is to empower enterprises to recover from security attacks, corruptions, disasters, or data loss situations quickly, securely, and reliably.  Restoring servers efficiently in the wake of evolving IT threats involves going beyond recovering data alone from backups. Our customers have expressed varying degrees of complexity in how their operating systems and applications are configured. Restoring this dynamic configuration captured in the form of the Windows Server System State, in addition to data, with minimum infrastructure, forms a critical component of disaster recovery.
Today we are extending the data backup capabilities of the Azure Backup agent to enable customers to perform comprehensive, secure, and reliable Windows Server recoveries. We are excited to preview the support for backing up Windows Server System State directly to Azure with Azure Backup.
Azure Backup will now integrate with the Windows Server Backup feature that is available natively on every Windows Server and provide seamless and secure backups of your Windows Server System State directly to Azure without the need to provision any on-premises infrastructure.

System State Backup to Cloud final

Value proposition

Availability for Windows Server (Preview)

The support for backing up System State with Azure Backup agent is available in preview for all Windows Server versions from Windows Server 2016 all the way down to Windows Server 2008 R2!

Getting started

Follow the four simple steps below to start protecting your Windows Servers using Azure Backup!
  1. Create an Azure Recovery Services Vault.
  2. Download the latest version of the Azure Backup Agent from the Azure Portal.
  3. Install and Register the Agent.
  4. Start protecting Windows Server System State and other Files and Folders directly to Azure!

Network Assessment & Technology Roadmap


To Learn More about Professional Services, contact us at 800-208-3617

[/vc_column_text][/vc_column][/vc_row]

British Airways: Thousands disrupted as flights axed amid IT crash

[vc_row][vc_column][vc_column_text]

British Airways: Thousands disrupted as flights axed amid IT crash

As written on bbc.com
Serious problems with British Airways' IT systems have led to thousands of passengers having their plans disrupted, after all flights from Heathrow and Gatwick were cancelled.
Passengers described "chaotic" scenes at the airports, with some criticising BA for a lack of information.
The airline has apologised, and told passengers not to come to the airport.
BA chief executive Alex Cruz said: "We believe the root cause was a power supply issue."
In a video statement released via Twitter, he added: "I am really sorry we don't have better news as yet, but I can assure you our teams are working as hard as they can to resolve these issues."
Mr Cruz said there was no evidence the computer problems were the result of a cyber attack.
The airline hoped to be able to operate some long haul inbound flights on Saturday, landing in London on Sunday, Mr Cruz added.
The GMB union has suggested the failure could have been avoided, had the airline not outsourced its IT work.
BA denied the claim, saying: "We would never compromise the integrity and security of our IT systems".
All passengers affected by the failure - which coincides with the first weekend of the half-term holiday for many in the UK - will be offered the option of rescheduling or a refund.
The airline, which had previously said flights would be cancelled until 18:00 BST, has now cancelled all flights for Saturday and asked passengers not to come to Gatwick or Heathrow airports.
Other airlines flying in and out of the two airports are unaffected.
Architect and TV presenter George Clarke was stuck in Heathrow. He told the BBC it was one of the "most turbulent, badly organised days, that I've ever experienced in Britain".
"The lack of communication all day was woeful. There wasn't a single Tannoy announcement all day in the terminal, not a single member of staff came up to us," he said.
"The only time I found out my flight was cancelled was from the BBC News website."
Piles of checked luggage on the floor in the HeathrowImage copyright@ANNAONTHEWEB

Piles of checked luggage could be seen on the floor in the Heathrow

baggage handlers load luggage onto a plane
Some passengers have reported having to leave Heathrow without their luggage
The problems have affected BA call centres, the website and the mobile app.
Aviation expert Julian Bray said: "It's frozen the whole system so no British Airways plane can actually take off, they can't move the baggage, they can't issue passenger credentials, in fact they can't do anything at all.
"This is a very serious problem, they should have been able to switch to an alternative system - surely British Airways should be able to do this."
Malcolm Ginsberg, editor in chief at Business Travel News, expects the disruption to last for "three or four days".
BA aircraft landing at Heathrow are unable to park as outbound aircraft cannot vacate the gates, which has resulted in passengers being stuck on aircraft.
Journalist Martyn Kent said he had been sitting on a plane at Heathrow for 90 minutes. He said the captain told passengers the IT problems were "catastrophic".

'Catastrophic'

Mick Rix, GMB's national officer for aviation said: "This could have all been avoided.
"BA in 2016 made hundreds of dedicated and loyal IT staff redundant and outsourced the work to India... many viewed the company's actions as just plain greedy."
grounded planes at Heathrow
BA staff in Heathrow's Terminal 5 were resorting to using white boards, according to passenger Gareth Wharton.
Delays have been reported in Rome, Prague, Milan, Stockholm and Malaga due to the system failure.
Philip Bloom said he had been waiting on board a Heathrow-bound flight at Belfast for two hours.
He added: "We haven't been told very much just that there is a worldwide computer system failure.
"We were told that we couldn't even get on other flights because they are unable to see what flights we can be moved to."

Analysis - By Richard Westcott, BBC transport correspondent

a member of British Airways staff writing gate information on a white board at Heathrow AirportImage copyright@THEBOYG
With a lack of technology, staff were using whiteboards in Heathrow
As ever, it is a lack of information that is really making BA passengers angry… we're still awaiting an explanation from the airline and a timescale for how long the problems might last.
The GMB union says this meltdown could have been avoided if BA had not made hundreds of IT staff redundant and outsourced their jobs to India at the end of last year.
Yes, the union has a big axe to grind, but people will want to know if the airline made its IT systems more vulnerable by scaling back computer support to save money - although BA has just flatly denied it to me.
IT problems ripple through an airline. If planes cannot take off, they cannot leave gaps at the gate for others to land.
If flights are delayed by more than around five hours, the airline must swap crews because shift lengths are strictly limited for safety reasons.
Telling customers to stay away is a drastic measure, but it is the only chance BA has of clearing the backlog of flights.

Philip Bloom tweetImage copyrightTWITTER
The BBC's Phillip Norton was at Rome international airport, waiting to fly to London.
He said BA staff were unable to say how long delays would be, telling him "all flights are grounded around the world".
Alma Saffari was in Marseille waiting to get her flight back to Heathrow.
She said: "When we finally boarded the captain came out and told us their computer systems were down worldwide.
"Eventually after sitting on the tarmac for one and a half hours we disembarked the plane.
"Now we are sitting in the departure area outside the gate."
Ms Saffari, who is with her 13-month-old baby, said she had been given a voucher for food and drink.

EU flight delay rights

Heathrow Terminal 5 disruptionImage copyright@TIMREIDCE
Passengers have experienced large queues and disruption at Heathrow Terminal 5, British Airways' main London terminal

 

Looking for a technology partner to assist with a specific project? Call Managed Solution at 800-208-3617  or contact us to schedule a full analysis on the performance of your network.

 


[/vc_column_text][/vc_column][/vc_row]