SlideShare una empresa de Scribd logo

Building Critical Infrastructure For Business Recovery

Seccuris Inc.
Seccuris Inc.

This document discusses building critical infrastructure for business recovery during a pandemic. It outlines key components of a business continuity plan, including staffing and skill issues, communication and technology issues. It also discusses supporting technologies that can help, such as VOIP services, web applications, and remote connectivity options. Finally, it provides considerations for implementing technologies, such as performing a needs analysis and security impact assessment.

TecnologíaEmpresariales
1 de 46
Building Critical Infrastructure for Business Recovery
Not a physical disaster • An Influenza Pandemic impacts our people • Proprietary knowledge is at high risk • Our businesses are reliant on relationships • Supporting vendors, industry & governments also impacted
Recovery vs Continuity Disaster Recovery • Restart operations after a disaster (Specifically IT) Business Continuity • Resume partially or completely interrupted critical functions
“Business Recovery” • An effective response plan considers • A simplified combination of DRP & BCP elements • Leveraging of communications • Enhancement of technical infrastructure • Mitigating loss of access to knowledge and skill sets is critical to on-going success of business
Building Critical Infrastructure • Mitigating loss of access to knowledge and skill sets is critical to on-going success of business • We need to build and enhance technology solutions to maintain access to this knowledge • Discuss issues that can be mitigated through technology • Highlight technologies available • Detail areas of review to ensure effective implementation
Pandemic Issues in our business Where are our concerns?
Pandemic Issues in our business • Staffing & Skill Issues • Exposure to infection • Propagation of infection • Availability of required skill sets • Increased security risks
Pandemic Issues in our business • Communication & Technology Issues • Changes & Loss of Client contact • Loss & Reduced availability of vendor technology • Internal Technology changes increase risk • Availability of required skill sets • Business Continuity Support • Central Communications Support
Pandemic Issues in our business • Weak BCP plans assume: • Access to key personnel • Proprietary business knowledge • Specialized technology knowledge • Access to key technology • Internet Availability • Connectivity • Applications • Vendor Support
Key Components of the BCP How do we identify our concerns?
Key Components of the BCP • Staffing & Skill Issues • Exposure to infection • Propagation of infection • Availability of required skill sets • Increased security risks
Staffing & Skill Issues • Exposure to infection • Employees exposed to through: • Travel to infected clients & sites • Usage of shared company vehicles • Usage of Public transport • Impacts employees such as: • Sales people • On-site support • Executives
Staffing & Skill Issues • Mitigation - Exposure to infection • Reduce • Face-to-face meetings • Travel & Commuting • Enabling Technologies • Telecommuting • Video Conferencing
Staffing & Skill Issues • Propagation of infection • Employees can spread infection • Potential external exposures are high • Symptoms may not arise immediately • Contamination of workplace has strong impact • Impacts employees such as: • Critical Internal Support • Technology Staff • Management
Staffing & Skill Issues • Mitigation - Propagation of infection • Separate critical staff • Create Work area quarantines • Restrict employee travel where possible • “Clean Team” • Enabling Technologies • Remote access to workplace • Wireless access work areas • Point-to-Point Video Walls
Staffing & Skill Issues • Availability of required skill sets • Key skill sets may be unavailable Management • Care for others • Illness • Prior commitments to other clients • Unwillingness to assist during pandemic • Impacts business operations: $ $ • Key functions halted Information Systems Manufacturing Purchasing • Undocumented process fails • Unique relationships breakdown Customer Service Mail Room
Staffing & Skill Issues • Mitigation - Availability of required skill sets • Training of additional support Management • Documentation of current environment • Prioritization of critical systems • Increase review & training of required technologies • Contract or acquire additional staff support $ $ • Enabling Technology Information Systems Manufacturing Purchasing • On-line training materials • Network Mapping tools Customer Service Mail Room
Staffing & Skill Issues • Increased security risks • Reduced availability of Police service • Delayed response to after-hours break-in • Delay for on-site incidents • Potential Emergency service delays • Delayed response to non-life threatening situations • Fire Fighting Services may be reduced • Specialty response units may be unavailable
Staffing & Skill Issues • Mitigation - Increased security risks • Monitor your workplace • Physical security • Personal security • Environment health • Enabling Technology • Install Digital Video Recording solutions • Enhance Alarm monitoring solutions
Key Components of the BCP • Communication & Technology Issues • Changes & Loss of Client contact • Status & Availability of Staff • Loss & Reduced availability of vendor technology • Internal Technology changes increase risk
Communication & Technology Issues • Changes & Loss of Client contact • Client availability may change • Personal issues • Hours of operation / Staggered starts • Change in staffing levels / Responsibilities • Suspension or discontinuation of business • Impacts business by: • Loss of sales Management • Poor delivery of goods & services • Poor customer service Marketing • Loss of client relationships $ $
Communication & Technology Issues • Mitigation - Changes & Loss of Client contact • Enhance client communications • Actively probe changes in client PBX contact Phone System VOIP Phone System • Enabling Technologies • Maintain longer hours of availability • Establish web enabled client contact • Implement PBX / VOIP phone solutions Customer Service • Implement toll-free line(s)
Communication & Technology Issues • Status & Availability of Staff • Internal staff availability will change • Staggered starts • Requirements to care for others • Unforeseen personal delays • Absenteeism due to fear / uncertainty • Impacts business by: • Reducing productivity • Delaying internal decision making • Preventing innovations
Communication & Technology Issues • Mitigation - Status & Availability of Staff • Create accountability for employee status • Employees update status regularly • Use accepted company methods • Create maintainable skills inventory • Enabling Technology • Implement central “SharePoint” for staff
Communication & Technology Issues • Lost availability of vendor technology • Changes in services will occur • Vendor staff levels and support may lower • Availability of provided services may lower (Supplies, Internet / Tech or BCP) • Vendor may suspend or stop business Management • Impacts business by: Marketing • Slowing or stopping Supply Chain $ $ • Potentially lowers output quality • Causes internal delays
Communication & Technology Issues • Mitigation – Lost availability of vendor technology • Review current SLAs • Implement redundant services where possible • Create “worst-case scenario” technology plans Vendor Vendor • Enabling Technology • Implement backup point-to- point wireless • Create “sneakernet” solutions where possible
Communication & Technology Issues • Internal Technology changes Database increase risk • “On-the-fly” changes may Financial cause harm • New staff may create unknown security risks • Maintenance of current environment Applications may reduce • Potentially Impacts Business: VOIP Phone System • Confidentiality PBX Phone System • Availability • Integrity
Communication & Technology Issues • Mitigation - Internal Technology Database changes increase risk Financial • Review the following • Systems & Facility Access Policy • Audit procedures • System Maintenance Polices Applications • Enabling Technology VOIP Phone System • Implement maintainable security PBX Phone System policies • Increase environment logging & monitoring
Key Components of the BCP • Business Continuity Support • Central Communications Support • “Virtual War Room” • Combination of all technologies • Requires additional security measures
Supporting Technologies How do we implementing these solutions?
Supporting Technologies • Supporting technologies available • Communication • Web Applications • Extended Access (Network & Desktop) • Network Enhancements • Physical Security • Policy & Training
Supporting Technologies • VOIP Services • Phone Service • Video Conferencing • Pros • Use almost anywhere with internet • Flexibility in installation (Phone or Computer) • Cons • Needs power & internet • Hardware / software to maintain
Supporting Technologies • PBX Services • Toll Free Access • Dial-out Services • Pros • Standard technology • Multiple Vendors • Cons • Unique skills required • Costly
Supporting Technologies • Redundant Communications • Satellite • Radio • Pros • “Last Chance” access • Low failure rates • Cons • Transmission speed issues • Cost
Supporting Technologies • Web Applications • Web enabled contact • Sharepoint • Pros • Client access at any time • Real-time information updates • Cons • Security & maintenance concerns • Privacy limitations
Supporting Technologies • Remote Connectivity • VPN • SSL • Pros • Secure Access • Site-to-site access • Cons • Additional equipment • Additional monitoring of network required
Supporting Technologies • Remote Access • RDP • Citrix • Pros • Access to desktop • Lower requirement for new hardware • Cons • Security concerns • Licensing costs
Supporting Technologies • Wireless Networking • Wireless LAN (WLAN) • Wireless Point-to-Point • Pros • Expanded network reach • Provide flexible office areas • Cons • Security concerns • Hardware issues
Supporting Technologies • Physical Security • Digital Video Recording • Alarm Monitoring • Pros • Additional layer of security • Expandable technology • Cons • Obsolescence • Installation
Supporting Technologies • Policies & Training • On-line Training Tools • Security Policies • Pros • Cheap • Prove due diligence • Cons • Implementation • Enforcement
Technology Considerations What to look for during implementation
Technology Considerations • Before implementing any technology… • Perform needs analysis • Load & capability analysis • Security impact analysis • Conduct pilot rollout
Technology Considerations • After implementing a technology… • Complete security validation • Create awareness of installed technologies • Document Service Level Agreements (SLAs)
“Business Recovery” • Mitigating loss of access to knowledge and skill sets is critical to on-going success of business • Good plans will: • Facilitate & maintain access to key personnel • Proprietary business knowledge • Specialized technology knowledge • Facilitate & Maintain access to key technology • Internet Availability • Connectivity • Applications • Vendor Support
“Business Recovery” • An effective plan considers • A simplified combination of DRP & BCP elements • Leveraging of communications • Enhancement of technical infrastructure
Thank You Michael Legary, CSA, CISSP, CISM, CISA, CCSA, CPP, GCIH, PCI-QSA Founder, Chief Innovation Officer Seccuris Inc. Direct: 204-255-4490 Main: 204-255-4136 Fax: 204-942-6705

Recomendados

veterans resume rev.
veterans resume rev.veterans resume rev.
veterans resume rev.Rodney Embry
 
Dipendra Singh
Dipendra SinghDipendra Singh
Dipendra SinghDipendra Singh
 
Telecom Services Provider Assessment
Telecom Services Provider AssessmentTelecom Services Provider Assessment
Telecom Services Provider AssessmentSourcing Sage
 
Telecom Process Assessment Example
Telecom Process Assessment ExampleTelecom Process Assessment Example
Telecom Process Assessment ExampleSourcing Sage
 
Process Assessment Example
Process Assessment ExampleProcess Assessment Example
Process Assessment ExampleSourcing Sage
 
Maximizing the use of video communications by AVI-SPL
Maximizing the use of video communications by AVI-SPLMaximizing the use of video communications by AVI-SPL
Maximizing the use of video communications by AVI-SPLguest14baeca
 
Cloud Service Provider
Cloud Service ProviderCloud Service Provider
Cloud Service ProviderBill Winkler
 
Offshore Cost Relief
Offshore Cost ReliefOffshore Cost Relief
Offshore Cost Reliefrpboulan53
 

Recomendados

veterans resume rev.
veterans resume rev.veterans resume rev.
veterans resume rev.Rodney Embry
 
Dipendra Singh
Dipendra SinghDipendra Singh
Dipendra SinghDipendra Singh
 
Telecom Services Provider Assessment
Telecom Services Provider AssessmentTelecom Services Provider Assessment
Telecom Services Provider AssessmentSourcing Sage
 
Telecom Process Assessment Example
Telecom Process Assessment ExampleTelecom Process Assessment Example
Telecom Process Assessment ExampleSourcing Sage
 
Process Assessment Example
Process Assessment ExampleProcess Assessment Example
Process Assessment ExampleSourcing Sage
 
Maximizing the use of video communications by AVI-SPL
Maximizing the use of video communications by AVI-SPLMaximizing the use of video communications by AVI-SPL
Maximizing the use of video communications by AVI-SPLguest14baeca
 
Cloud Service Provider
Cloud Service ProviderCloud Service Provider
Cloud Service ProviderBill Winkler
 
Offshore Cost Relief
Offshore Cost ReliefOffshore Cost Relief
Offshore Cost Reliefrpboulan53
 
Nemi_ ProjectManager 16192016
Nemi_ ProjectManager 16192016Nemi_ ProjectManager 16192016
Nemi_ ProjectManager 16192016Neminathan Bhuvaneswaran
 
Trevor Day v3
Trevor Day v3Trevor Day v3
Trevor Day v3Trevor Day
 
Block Imaging Intro
Block Imaging IntroBlock Imaging Intro
Block Imaging IntroBlock Imaging
 
Introduction to Block Imaging Solutions
Introduction to Block Imaging SolutionsIntroduction to Block Imaging Solutions
Introduction to Block Imaging SolutionsAnaheimCA
 
Brian Shorey
Brian ShoreyBrian Shorey
Brian ShoreyBrian Shorey
 
Interactive Voice Response and Agent Performance Measurement
Interactive Voice Response and Agent Performance MeasurementInteractive Voice Response and Agent Performance Measurement
Interactive Voice Response and Agent Performance MeasurementKevin L
 
Cloud meets contact center 022013
Cloud meets contact center 022013Cloud meets contact center 022013
Cloud meets contact center 022013hdicapitalarea
 
Dell Nycdoe Pcs Presentation
Dell Nycdoe Pcs PresentationDell Nycdoe Pcs Presentation
Dell Nycdoe Pcs Presentationragogli
 
DSi white paper: Leveraging technology for improved field service operat…
DSi white paper: Leveraging technology for improved field service operat…DSi white paper: Leveraging technology for improved field service operat…
DSi white paper: Leveraging technology for improved field service operat…Dispatching Solutions, Inc.
 
Jesse A Moon Resume
Jesse A Moon ResumeJesse A Moon Resume
Jesse A Moon ResumeJesse Moon
 
Arame Vartani - Resume 3
Arame Vartani - Resume 3Arame Vartani - Resume 3
Arame Vartani - Resume 3Arame Vartanimasihi
 
Call centre
Call centreCall centre
Call centreContact Centre Management Group
 
Avon Material Handling Preventative Maintenance Case Study
Avon Material Handling Preventative Maintenance Case StudyAvon Material Handling Preventative Maintenance Case Study
Avon Material Handling Preventative Maintenance Case Studyintelligrated
 
Swarup 7.0 cv
Swarup 7.0 cvSwarup 7.0 cv
Swarup 7.0 cvSwarup Das
 
Naya Med Commercialplatform Orderlow
Naya Med Commercialplatform OrderlowNaya Med Commercialplatform Orderlow
Naya Med Commercialplatform Orderlowchrisrogers
 
Leadsintec Prensentation
Leadsintec PrensentationLeadsintec Prensentation
Leadsintec PrensentationAmy He
 
About TOA TECH
About TOA TECHAbout TOA TECH
About TOA TECHJennifer Harn
 
CNDSP Assessment Template
CNDSP Assessment TemplateCNDSP Assessment Template
CNDSP Assessment TemplateJames W. De Rienzo
 
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...James W. De Rienzo
 
Critical Incident Example 1
Critical Incident Example 1 Critical Incident Example 1
Critical Incident Example 1 NorthTec
 
Critical incident method_hrm_appraisal
Critical incident method_hrm_appraisalCritical incident method_hrm_appraisal
Critical incident method_hrm_appraisalSaravanan Murugan
 
Technical Escalations Best Practices
Technical Escalations Best PracticesTechnical Escalations Best Practices
Technical Escalations Best Practicesmagalong
 

Más contenido relacionado

La actualidad más candente

Introduction to Block Imaging Solutions
Introduction to Block Imaging SolutionsIntroduction to Block Imaging Solutions
Introduction to Block Imaging SolutionsAnaheimCA
 
Interactive Voice Response and Agent Performance Measurement
Interactive Voice Response and Agent Performance MeasurementInteractive Voice Response and Agent Performance Measurement
Interactive Voice Response and Agent Performance MeasurementKevin L
 
Cloud meets contact center 022013
Cloud meets contact center 022013Cloud meets contact center 022013
Cloud meets contact center 022013hdicapitalarea
 
Dell Nycdoe Pcs Presentation
Dell Nycdoe Pcs PresentationDell Nycdoe Pcs Presentation
Dell Nycdoe Pcs Presentationragogli
 
DSi white paper: Leveraging technology for improved field service operat…
DSi white paper: Leveraging technology for improved field service operat…DSi white paper: Leveraging technology for improved field service operat…
DSi white paper: Leveraging technology for improved field service operat…Dispatching Solutions, Inc.
 
Jesse A Moon Resume
Jesse A Moon ResumeJesse A Moon Resume
Jesse A Moon ResumeJesse Moon
 
Avon Material Handling Preventative Maintenance Case Study
Avon Material Handling Preventative Maintenance Case StudyAvon Material Handling Preventative Maintenance Case Study
Avon Material Handling Preventative Maintenance Case Studyintelligrated
 
Naya Med Commercialplatform Orderlow
Naya Med Commercialplatform OrderlowNaya Med Commercialplatform Orderlow
Naya Med Commercialplatform Orderlowchrisrogers
 
Leadsintec Prensentation
Leadsintec PrensentationLeadsintec Prensentation
Leadsintec PrensentationAmy He
 

La actualidad más candente (17)

Nemi_ ProjectManager 16192016
Nemi_ ProjectManager 16192016Nemi_ ProjectManager 16192016
Nemi_ ProjectManager 16192016
 
Trevor Day v3
Trevor Day v3Trevor Day v3
Trevor Day v3
 
Block Imaging Intro
Block Imaging IntroBlock Imaging Intro
Block Imaging Intro
 
Introduction to Block Imaging Solutions
Introduction to Block Imaging SolutionsIntroduction to Block Imaging Solutions
Introduction to Block Imaging Solutions
 
Brian Shorey
Brian ShoreyBrian Shorey
Brian Shorey
 
Interactive Voice Response and Agent Performance Measurement
Interactive Voice Response and Agent Performance MeasurementInteractive Voice Response and Agent Performance Measurement
Interactive Voice Response and Agent Performance Measurement
 
Cloud meets contact center 022013
Cloud meets contact center 022013Cloud meets contact center 022013
Cloud meets contact center 022013
 
Dell Nycdoe Pcs Presentation
Dell Nycdoe Pcs PresentationDell Nycdoe Pcs Presentation
Dell Nycdoe Pcs Presentation
 
DSi white paper: Leveraging technology for improved field service operat…
DSi white paper: Leveraging technology for improved field service operat…DSi white paper: Leveraging technology for improved field service operat…
DSi white paper: Leveraging technology for improved field service operat…
 
Jesse A Moon Resume
Jesse A Moon ResumeJesse A Moon Resume
Jesse A Moon Resume
 
Arame Vartani - Resume 3
Arame Vartani - Resume 3Arame Vartani - Resume 3
Arame Vartani - Resume 3
 
Call centre
Call centreCall centre
Call centre
 
Avon Material Handling Preventative Maintenance Case Study
Avon Material Handling Preventative Maintenance Case StudyAvon Material Handling Preventative Maintenance Case Study
Avon Material Handling Preventative Maintenance Case Study
 
Swarup 7.0 cv
Swarup 7.0 cvSwarup 7.0 cv
Swarup 7.0 cv
 
Naya Med Commercialplatform Orderlow
Naya Med Commercialplatform OrderlowNaya Med Commercialplatform Orderlow
Naya Med Commercialplatform Orderlow
 
Leadsintec Prensentation
Leadsintec PrensentationLeadsintec Prensentation
Leadsintec Prensentation
 
About TOA TECH
About TOA TECHAbout TOA TECH
About TOA TECH
 

Destacado

(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...James W. De Rienzo
 
Critical Incident Example 1
Critical Incident Example 1 Critical Incident Example 1
Critical Incident Example 1 NorthTec
 
Critical incident method_hrm_appraisal
Critical incident method_hrm_appraisalCritical incident method_hrm_appraisal
Critical incident method_hrm_appraisalSaravanan Murugan
 
Technical Escalations Best Practices
Technical Escalations Best PracticesTechnical Escalations Best Practices
Technical Escalations Best Practicesmagalong
 
Application support requirements & processes
Application support requirements & processesApplication support requirements & processes
Application support requirements & processesNandeep Nagarkar
 
Deal With Production Issues - The ITIL Way
Deal With Production Issues - The ITIL WayDeal With Production Issues - The ITIL Way
Deal With Production Issues - The ITIL WayLinpei Zhang
 
ITIL v3 Problem Management
ITIL v3 Problem ManagementITIL v3 Problem Management
ITIL v3 Problem ManagementJosep Bardallo
 

Destacado (10)

CNDSP Assessment Template
CNDSP Assessment TemplateCNDSP Assessment Template
CNDSP Assessment Template
 
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
(1b) Map CSC v5.0 to NIST SP 800 53 Revision 4 (security control table landsc...
 
Critical Incident Example 1
Critical Incident Example 1 Critical Incident Example 1
Critical Incident Example 1
 
Critical incident method_hrm_appraisal
Critical incident method_hrm_appraisalCritical incident method_hrm_appraisal
Critical incident method_hrm_appraisal
 
Technical Escalations Best Practices
Technical Escalations Best PracticesTechnical Escalations Best Practices
Technical Escalations Best Practices
 
Application support requirements & processes
Application support requirements & processesApplication support requirements & processes
Application support requirements & processes
 
Escalation lets do it right
Escalation lets do it rightEscalation lets do it right
Escalation lets do it right
 
Incident Management
Incident ManagementIncident Management
Incident Management
 
Deal With Production Issues - The ITIL Way
Deal With Production Issues - The ITIL WayDeal With Production Issues - The ITIL Way
Deal With Production Issues - The ITIL Way
 
ITIL v3 Problem Management
ITIL v3 Problem ManagementITIL v3 Problem Management
ITIL v3 Problem Management
 

Similar a Building Critical Infrastructure For Business Recovery

Preparing Your Business For A Disaster
Preparing Your Business For A DisasterPreparing Your Business For A Disaster
Preparing Your Business For A DisasterCIOOffice
 
Anand Patel Visual Career Profile
Anand Patel Visual Career ProfileAnand Patel Visual Career Profile
Anand Patel Visual Career ProfileAnand Patel
 
Randstad Catalog Of Services
Randstad Catalog Of ServicesRandstad Catalog Of Services
Randstad Catalog Of ServicesBertAI
 
Challenges In Managing Embedded Product Development
Challenges In Managing Embedded Product DevelopmentChallenges In Managing Embedded Product Development
Challenges In Managing Embedded Product DevelopmentAtul Nene
 
Three Uses Of JIRA Beyond Bug Tracking
Three Uses Of JIRA Beyond Bug TrackingThree Uses Of JIRA Beyond Bug Tracking
Three Uses Of JIRA Beyond Bug TrackingAtlassian
 
Linkedin Prentation Pdf2
Linkedin Prentation Pdf2Linkedin Prentation Pdf2
Linkedin Prentation Pdf2guest0f7a5ee
 
CFITS Disaster Recovery 2009
CFITS Disaster Recovery 2009CFITS Disaster Recovery 2009
CFITS Disaster Recovery 2009cfits
 
ISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting GroupISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting Groupaengelbert
 
Kriya Consulting
Kriya ConsultingKriya Consulting
Kriya Consultingharidoss
 
Next Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan HartwellNext Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan HartwellHPDutchWorld
 
Oracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan HartwellOracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan HartwellHPDutchWorld
 
SAI Telecom Call Accounting for Global Enterprise
SAI Telecom Call Accounting for Global EnterpriseSAI Telecom Call Accounting for Global Enterprise
SAI Telecom Call Accounting for Global EnterpriseDebra Basaldua
 
Joe Honan Virtualization Trends
Joe Honan Virtualization TrendsJoe Honan Virtualization Trends
Joe Honan Virtualization Trends1velocity
 
GCS One Pager
GCS One PagerGCS One Pager
GCS One Pagerjasper68
 
Vira Manufacturing Overview
Vira Manufacturing OverviewVira Manufacturing Overview
Vira Manufacturing OverviewPatKirk
 
Introduction to OCTI
Introduction to OCTIIntroduction to OCTI
Introduction to OCTIStephen Bates
 
Alp Management Consultants Presenation
Alp Management Consultants PresenationAlp Management Consultants Presenation
Alp Management Consultants Presenationkameswari.p
 

Similar a Building Critical Infrastructure For Business Recovery (20)

Preparing Your Business For A Disaster
Preparing Your Business For A DisasterPreparing Your Business For A Disaster
Preparing Your Business For A Disaster
 
Anand Patel Visual Career Profile
Anand Patel Visual Career ProfileAnand Patel Visual Career Profile
Anand Patel Visual Career Profile
 
Randstad Catalog Of Services
Randstad Catalog Of ServicesRandstad Catalog Of Services
Randstad Catalog Of Services
 
Challenges In Managing Embedded Product Development
Challenges In Managing Embedded Product DevelopmentChallenges In Managing Embedded Product Development
Challenges In Managing Embedded Product Development
 
Why CDW
Why CDWWhy CDW
Why CDW
 
Si Presentation
Si PresentationSi Presentation
Si Presentation
 
SI Presentation
SI PresentationSI Presentation
SI Presentation
 
Three Uses Of JIRA Beyond Bug Tracking
Three Uses Of JIRA Beyond Bug TrackingThree Uses Of JIRA Beyond Bug Tracking
Three Uses Of JIRA Beyond Bug Tracking
 
Linkedin Prentation Pdf2
Linkedin Prentation Pdf2Linkedin Prentation Pdf2
Linkedin Prentation Pdf2
 
CFITS Disaster Recovery 2009
CFITS Disaster Recovery 2009CFITS Disaster Recovery 2009
CFITS Disaster Recovery 2009
 
ISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting GroupISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting Group
 
Kriya Consulting
Kriya ConsultingKriya Consulting
Kriya Consulting
 
Next Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan HartwellNext Generation Datacenter Oracle - Alan Hartwell
Next Generation Datacenter Oracle - Alan Hartwell
 
Oracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan HartwellOracle - Next Generation Datacenter - Alan Hartwell
Oracle - Next Generation Datacenter - Alan Hartwell
 
SAI Telecom Call Accounting for Global Enterprise
SAI Telecom Call Accounting for Global EnterpriseSAI Telecom Call Accounting for Global Enterprise
SAI Telecom Call Accounting for Global Enterprise
 
Joe Honan Virtualization Trends
Joe Honan Virtualization TrendsJoe Honan Virtualization Trends
Joe Honan Virtualization Trends
 
GCS One Pager
GCS One PagerGCS One Pager
GCS One Pager
 
Vira Manufacturing Overview
Vira Manufacturing OverviewVira Manufacturing Overview
Vira Manufacturing Overview
 
Introduction to OCTI
Introduction to OCTIIntroduction to OCTI
Introduction to OCTI
 
Alp Management Consultants Presenation
Alp Management Consultants PresenationAlp Management Consultants Presenation
Alp Management Consultants Presenation
 

Más de Seccuris Inc.

Building an enterprise forensics response service
Building an enterprise forensics response serviceBuilding an enterprise forensics response service
Building an enterprise forensics response serviceSeccuris Inc.
 
Digital Anti-Forensics: Emerging trends in data transformation techniques
Digital Anti-Forensics: Emerging trends in data transformation techniquesDigital Anti-Forensics: Emerging trends in data transformation techniques
Digital Anti-Forensics: Emerging trends in data transformation techniquesSeccuris Inc.
 
Compliance in Virtualized Environments
Compliance in Virtualized EnvironmentsCompliance in Virtualized Environments
Compliance in Virtualized EnvironmentsSeccuris Inc.
 
Outsourcing: A Security Perspective
Outsourcing: A Security PerspectiveOutsourcing: A Security Perspective
Outsourcing: A Security PerspectiveSeccuris Inc.
 
Security Information Management: An introduction
Security Information Management: An introductionSecurity Information Management: An introduction
Security Information Management: An introductionSeccuris Inc.
 
Anti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionAnti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionSeccuris Inc.
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesSeccuris Inc.
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationSeccuris Inc.
 
Virtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualizationVirtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualizationSeccuris Inc.
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT SecuritySeccuris Inc.
 
Improving Your Information Security Program
Improving Your Information Security ProgramImproving Your Information Security Program
Improving Your Information Security ProgramSeccuris Inc.
 

Más de Seccuris Inc. (11)

Building an enterprise forensics response service
Building an enterprise forensics response serviceBuilding an enterprise forensics response service
Building an enterprise forensics response service
 
Digital Anti-Forensics: Emerging trends in data transformation techniques
Digital Anti-Forensics: Emerging trends in data transformation techniquesDigital Anti-Forensics: Emerging trends in data transformation techniques
Digital Anti-Forensics: Emerging trends in data transformation techniques
 
Compliance in Virtualized Environments
Compliance in Virtualized EnvironmentsCompliance in Virtualized Environments
Compliance in Virtualized Environments
 
Outsourcing: A Security Perspective
Outsourcing: A Security PerspectiveOutsourcing: A Security Perspective
Outsourcing: A Security Perspective
 
Security Information Management: An introduction
Security Information Management: An introductionSecurity Information Management: An introduction
Security Information Management: An introduction
 
Anti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and preventionAnti-Forensics: Real world identification, analysis and prevention
Anti-Forensics: Real world identification, analysis and prevention
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
 
Information Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your OrganziationInformation Security Architecture: Building Security Into Your Organziation
Information Security Architecture: Building Security Into Your Organziation
 
Virtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualizationVirtually Secure: Uncovering the risks of virtualization
Virtually Secure: Uncovering the risks of virtualization
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT Security
 
Improving Your Information Security Program
Improving Your Information Security ProgramImproving Your Information Security Program
Improving Your Information Security Program
 

Último

Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 

Último (20)

Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 

Building Critical Infrastructure For Business Recovery

  • 1. Building Critical Infrastructure for Business Recovery
  • 2. Not a physical disaster • An Influenza Pandemic impacts our people • Proprietary knowledge is at high risk • Our businesses are reliant on relationships • Supporting vendors, industry & governments also impacted
  • 3. Recovery vs Continuity Disaster Recovery • Restart operations after a disaster (Specifically IT) Business Continuity • Resume partially or completely interrupted critical functions
  • 4. “Business Recovery” • An effective response plan considers • A simplified combination of DRP & BCP elements • Leveraging of communications • Enhancement of technical infrastructure • Mitigating loss of access to knowledge and skill sets is critical to on-going success of business
  • 5. Building Critical Infrastructure • Mitigating loss of access to knowledge and skill sets is critical to on-going success of business • We need to build and enhance technology solutions to maintain access to this knowledge • Discuss issues that can be mitigated through technology • Highlight technologies available • Detail areas of review to ensure effective implementation
  • 6. Pandemic Issues in our business Where are our concerns?
  • 7. Pandemic Issues in our business • Staffing & Skill Issues • Exposure to infection • Propagation of infection • Availability of required skill sets • Increased security risks
  • 8. Pandemic Issues in our business • Communication & Technology Issues • Changes & Loss of Client contact • Loss & Reduced availability of vendor technology • Internal Technology changes increase risk • Availability of required skill sets • Business Continuity Support • Central Communications Support
  • 9. Pandemic Issues in our business • Weak BCP plans assume: • Access to key personnel • Proprietary business knowledge • Specialized technology knowledge • Access to key technology • Internet Availability • Connectivity • Applications • Vendor Support
  • 10. Key Components of the BCP How do we identify our concerns?
  • 11. Key Components of the BCP • Staffing & Skill Issues • Exposure to infection • Propagation of infection • Availability of required skill sets • Increased security risks
  • 12. Staffing & Skill Issues • Exposure to infection • Employees exposed to through: • Travel to infected clients & sites • Usage of shared company vehicles • Usage of Public transport • Impacts employees such as: • Sales people • On-site support • Executives
  • 13. Staffing & Skill Issues • Mitigation - Exposure to infection • Reduce • Face-to-face meetings • Travel & Commuting • Enabling Technologies • Telecommuting • Video Conferencing
  • 14. Staffing & Skill Issues • Propagation of infection • Employees can spread infection • Potential external exposures are high • Symptoms may not arise immediately • Contamination of workplace has strong impact • Impacts employees such as: • Critical Internal Support • Technology Staff • Management
  • 15. Staffing & Skill Issues • Mitigation - Propagation of infection • Separate critical staff • Create Work area quarantines • Restrict employee travel where possible • “Clean Team” • Enabling Technologies • Remote access to workplace • Wireless access work areas • Point-to-Point Video Walls
  • 16. Staffing & Skill Issues • Availability of required skill sets • Key skill sets may be unavailable Management • Care for others • Illness • Prior commitments to other clients • Unwillingness to assist during pandemic • Impacts business operations: $ $ • Key functions halted Information Systems Manufacturing Purchasing • Undocumented process fails • Unique relationships breakdown Customer Service Mail Room
  • 17. Staffing & Skill Issues • Mitigation - Availability of required skill sets • Training of additional support Management • Documentation of current environment • Prioritization of critical systems • Increase review & training of required technologies • Contract or acquire additional staff support $ $ • Enabling Technology Information Systems Manufacturing Purchasing • On-line training materials • Network Mapping tools Customer Service Mail Room
  • 18. Staffing & Skill Issues • Increased security risks • Reduced availability of Police service • Delayed response to after-hours break-in • Delay for on-site incidents • Potential Emergency service delays • Delayed response to non-life threatening situations • Fire Fighting Services may be reduced • Specialty response units may be unavailable
  • 19. Staffing & Skill Issues • Mitigation - Increased security risks • Monitor your workplace • Physical security • Personal security • Environment health • Enabling Technology • Install Digital Video Recording solutions • Enhance Alarm monitoring solutions
  • 20. Key Components of the BCP • Communication & Technology Issues • Changes & Loss of Client contact • Status & Availability of Staff • Loss & Reduced availability of vendor technology • Internal Technology changes increase risk
  • 21. Communication & Technology Issues • Changes & Loss of Client contact • Client availability may change • Personal issues • Hours of operation / Staggered starts • Change in staffing levels / Responsibilities • Suspension or discontinuation of business • Impacts business by: • Loss of sales Management • Poor delivery of goods & services • Poor customer service Marketing • Loss of client relationships $ $
  • 22. Communication & Technology Issues • Mitigation - Changes & Loss of Client contact • Enhance client communications • Actively probe changes in client PBX contact Phone System VOIP Phone System • Enabling Technologies • Maintain longer hours of availability • Establish web enabled client contact • Implement PBX / VOIP phone solutions Customer Service • Implement toll-free line(s)
  • 23. Communication & Technology Issues • Status & Availability of Staff • Internal staff availability will change • Staggered starts • Requirements to care for others • Unforeseen personal delays • Absenteeism due to fear / uncertainty • Impacts business by: • Reducing productivity • Delaying internal decision making • Preventing innovations
  • 24. Communication & Technology Issues • Mitigation - Status & Availability of Staff • Create accountability for employee status • Employees update status regularly • Use accepted company methods • Create maintainable skills inventory • Enabling Technology • Implement central “SharePoint” for staff
  • 25. Communication & Technology Issues • Lost availability of vendor technology • Changes in services will occur • Vendor staff levels and support may lower • Availability of provided services may lower (Supplies, Internet / Tech or BCP) • Vendor may suspend or stop business Management • Impacts business by: Marketing • Slowing or stopping Supply Chain $ $ • Potentially lowers output quality • Causes internal delays
  • 26. Communication & Technology Issues • Mitigation – Lost availability of vendor technology • Review current SLAs • Implement redundant services where possible • Create “worst-case scenario” technology plans Vendor Vendor • Enabling Technology • Implement backup point-to- point wireless • Create “sneakernet” solutions where possible
  • 27. Communication & Technology Issues • Internal Technology changes Database increase risk • “On-the-fly” changes may Financial cause harm • New staff may create unknown security risks • Maintenance of current environment Applications may reduce • Potentially Impacts Business: VOIP Phone System • Confidentiality PBX Phone System • Availability • Integrity
  • 28. Communication & Technology Issues • Mitigation - Internal Technology Database changes increase risk Financial • Review the following • Systems & Facility Access Policy • Audit procedures • System Maintenance Polices Applications • Enabling Technology VOIP Phone System • Implement maintainable security PBX Phone System policies • Increase environment logging & monitoring
  • 29. Key Components of the BCP • Business Continuity Support • Central Communications Support • “Virtual War Room” • Combination of all technologies • Requires additional security measures
  • 30. Supporting Technologies How do we implementing these solutions?
  • 31. Supporting Technologies • Supporting technologies available • Communication • Web Applications • Extended Access (Network & Desktop) • Network Enhancements • Physical Security • Policy & Training
  • 32. Supporting Technologies • VOIP Services • Phone Service • Video Conferencing • Pros • Use almost anywhere with internet • Flexibility in installation (Phone or Computer) • Cons • Needs power & internet • Hardware / software to maintain
  • 33. Supporting Technologies • PBX Services • Toll Free Access • Dial-out Services • Pros • Standard technology • Multiple Vendors • Cons • Unique skills required • Costly
  • 34. Supporting Technologies • Redundant Communications • Satellite • Radio • Pros • “Last Chance” access • Low failure rates • Cons • Transmission speed issues • Cost
  • 35. Supporting Technologies • Web Applications • Web enabled contact • Sharepoint • Pros • Client access at any time • Real-time information updates • Cons • Security & maintenance concerns • Privacy limitations
  • 36. Supporting Technologies • Remote Connectivity • VPN • SSL • Pros • Secure Access • Site-to-site access • Cons • Additional equipment • Additional monitoring of network required
  • 37. Supporting Technologies • Remote Access • RDP • Citrix • Pros • Access to desktop • Lower requirement for new hardware • Cons • Security concerns • Licensing costs
  • 38. Supporting Technologies • Wireless Networking • Wireless LAN (WLAN) • Wireless Point-to-Point • Pros • Expanded network reach • Provide flexible office areas • Cons • Security concerns • Hardware issues
  • 39. Supporting Technologies • Physical Security • Digital Video Recording • Alarm Monitoring • Pros • Additional layer of security • Expandable technology • Cons • Obsolescence • Installation
  • 40. Supporting Technologies • Policies & Training • On-line Training Tools • Security Policies • Pros • Cheap • Prove due diligence • Cons • Implementation • Enforcement
  • 41. Technology Considerations What to look for during implementation
  • 42. Technology Considerations • Before implementing any technology… • Perform needs analysis • Load & capability analysis • Security impact analysis • Conduct pilot rollout
  • 43. Technology Considerations • After implementing a technology… • Complete security validation • Create awareness of installed technologies • Document Service Level Agreements (SLAs)
  • 44. “Business Recovery” • Mitigating loss of access to knowledge and skill sets is critical to on-going success of business • Good plans will: • Facilitate & maintain access to key personnel • Proprietary business knowledge • Specialized technology knowledge • Facilitate & Maintain access to key technology • Internet Availability • Connectivity • Applications • Vendor Support
  • 45. “Business Recovery” • An effective plan considers • A simplified combination of DRP & BCP elements • Leveraging of communications • Enhancement of technical infrastructure
  • 46. Thank You Michael Legary, CSA, CISSP, CISM, CISA, CCSA, CPP, GCIH, PCI-QSA Founder, Chief Innovation Officer Seccuris Inc. Direct: 204-255-4490 Main: 204-255-4136 Fax: 204-942-6705