SlideShare una empresa de Scribd logo

DR luncheon presentation

S
seishi1

Disaster Recovery Planning..a 9/11 CIO story with lessons learned

1 de 24
Disaster Recovery White Feather Solutions Disaster Recovery Planning
Summary  First Six Months As CIO of organization in close proximity to twin towers  What occurred during and after 9/11  Post Mortem  Planning for a Disaster  BCP recommendations  RIO proposed roadmap of DR facilities and services
First Six Months As CIO with Boutique Financial Firm left three ominous letters from the previous CIO 1. Evaluate departmental requirements and assess overhead 2. Cut Unnecessary Overhead 3. Cut Extraneous Servers and Systems 4. Cut Personnel
First Six Months As CIO At Financial Firm  Discovered report from the previous CIO who was in place during the 1993 bombing of the World Trade Center  Enterprise was shutdown for 10 days  Losses totaled over 100M  No insurance  No Business Continuity Plan
New Mission  Developed disaster recovery plan  Had expertise with this type of firm prior to becoming CIO and wrote several BCP’s for similar firms engaged in Y2K projects  Utilized a BCP I developed which was accepted by Deloitte auditors for Y2K and updated it to reflect the present IT procedures
New Mission  Interviewed all the departments in order to add their segments of the enterprise to the BCP with the latest business practices  Queried department heads as to what were their most critical functions and what needed to be protected and running during a disaster  Ascertained what functional interdependencies currently existed between the departments and if they needed to be protected and running
Presentation of the DR Plan to Management  Reviewed the outcome of the 1993 bombing and the significant financial impact it had on the organization which, like many in NYC, had been caught unprepared on many levels.  Outlined the Business Continuity Plan  Reviewed what was needed in terms of resources for BCP  Demonstrated graphically how each process would be addressed during an actual disaster  Reviewed SLAs negotiated with the vendors  Proposed new processes to be incorporated in the Enterprise  Reviewed the costs involved in the implementation of the plan, approximated $100,000.
Results  Management balked at the business processes and their associated costs.  A common roadblock to BCP success: management did not buy into the ongoing cost for backup servers that, as they saw it, were not being used.  BCP presentation took place on February 9th, 2001  With zero budget, over the next 5 months I created, implemented and tested a DR plan in my own department. I shared the plan with all department heads.  A few of the back office departments implemented the plan.  THEN CAME 9/11...
Workday visuals  This is what many NYC residents who walked to work everyday routinely saw
September 11, 2001  reports came into the office that a small plane was off course and had hit one of the twin towers.  Office talk was buzzing as to whether business should close  15 minutes later the second plane hit . A call came in from management asking for direction. As CIO, every facet of the business touched the data network whose operation was my responsibility. My response was clear. The business had to shut down.  Background as Marine fighter pilot post Viet Nam served myself and my company well.
September 11 2001  About an hour or so after that the collapse:
September 11 2001  And finally the aftermath:
September 11 2001
Spring in to action  Our communications plan was immediately implemented.  Emailed a standard evacuation list to department heads and instructed them to vacate. For those departments who had the plan invoke it and vacate.  SMT (Survival Management Teams – 5 two person teams) went through 5 floors of offices making sure everyone was leaving and giving instruction on where to meet, well away from the disaster, which had been predetermined.  Ordered a shutdown of all systems and the evacuation of all personnel, and collection of all software backups.  Attempted to call vendors, however land and wireless lines were all tied up. I sent emails ordering lines, systems, software to be brought to a second facility we had in Queens, some 6 miles away.  Once all the employees were evacuated and the doors locked, we proceeded to walk to the United Nations Building, the predetermined meet place. We took a head count, everyone had made it.
Spring into action Management request “PICK 5 MEN AND GO IN AND RETRIEVE FINANCIAL SERVERS” Response I WILL GO IN IF PROVIDED WITH OXYGEN, PROTECTIVE SUITS AND CASH TO GET PAST THE SECURITY ROADBLOCKS. THESE MEN HAVE FAMILIES AND HAVE NOT EXPERIENCED WAR . Management CASH ONLY
Aftermath  set up a hotline using voice mail. The city was completely shutdown. I experienced difficulty updating the voice mail  Receive call from management. They attempted to perform a rescue mission of the servers and the financial data. Men that went in, are still receiving mental health therapy.  The following day, along with a NYC police officer, two of my people and myself, a cart, dressed in fire retardant suits, with oxygen masks, axes, crowbars, we go get the servers  We had to strap them on our backs and take them, one by one, down 5 flights of stairs.
POST MORTEM  Proposed DR plan -$100K  Cost to get basic functionality back - $500k+  Replacement of lost equipment - $1.2M  Insurance picked up around 25%  It took around 21 days to get back on line at a loss of approximately $160M  Risk to employees, having to recover the servers
PLANNING FOR A DISASTER Types Of Disasters  Fire / Explosions  Natural Disasters - Tropical Storms and Hurricanes - Tornado and Thunderstorms - Earthquakes - Floods  Utilities Disruption - Electric - Gas - Water - Phone - Heat / Air Conditioning - Loss Of Elevators - Computer System Failure
PLANNING FOR A DISASTER Types Of Disasters  Security Emergency - Bomb Threats - Criminal Acts on Individuals - Civil Disturbance  Hazardous Materials Spills/Releases  Food Borne Illness  Visitors Incidents  Employee Incidents - Employee Serious Injury/Death - Workplace Violence  Media Inquiries  Evacuation - Site Evacuation Planning Factors - Community Wide Evacuation  Shelter-In-Place
PLANNING FOR A DISASTER Components of a Disaster Recovery Plan  Human Continuity Plan  Create Survival Management Teams  Define a scope of what the plan will cover  Business Continuity Plan  Define each departments role in the enterprise and determine how critical their functions are to the business  Develop contingencies to critical business processes  Facility Response Plan  Create Facility Response Teams  Describe Facilities & Locations  Define a scope of what the plan will cover
PLANNING FOR A DISASTER Components of a Disaster Recovery Plan  Event Management  Create Crisis Management Teams  Detection of events  Incident Detection  Incident Assessment and  Classification  Automatic Detection of Events  Fire Alarms  Intrusion Alarms  Event Response  Notification of proper authorities
PLANNING FOR A DISASTER Components of a Disaster Recovery Plan  Crisis Communication Plan  Determine how the enterprise communicates with it’s employees  Post Disaster Review  Disaster Testing Plan  Frequency
PLANNING FOR A DISASTER Examples of Components in a Disaster Recovery Plan Human Continuity Plan  Survival Management Team Member  Company will send volunteers for EMT training  Volunteers will be trained in light extrication
PLANNING FOR A DISASTER Examples of Components in a Disaster Recovery Plan Business Continuity Plan

Recomendados

Project Management and ICS article
Project Management and ICS articleProject Management and ICS article
Project Management and ICS article
David Rudawitz
 
Incident Command System
Incident Command SystemIncident Command System
Incident Command System
Ryann Castro
 
ICS and you
ICS and youICS and you
ICS and you
Sarah K Miller
 
Crisis communication
Crisis communicationCrisis communication
Crisis communication
Dr.Arivalan Ramaiyah
 
Chapter 12
Chapter 12Chapter 12
Chapter 12
detjen
 
03 hics training first receiver
03 hics training first receiver03 hics training first receiver
03 hics training first receiver
ucsfmc_em
 
Diapositivas tita grupo 4
Diapositivas tita grupo 4Diapositivas tita grupo 4
Diapositivas tita grupo 4
Marta Lucia Escobar
 
Sales
SalesSales
Sales
Merrymary Tom
 

Recomendados

Project Management and ICS article
Project Management and ICS articleProject Management and ICS article
Project Management and ICS article
David Rudawitz
 
Incident Command System
Incident Command SystemIncident Command System
Incident Command System
Ryann Castro
 
ICS and you
ICS and youICS and you
ICS and you
Sarah K Miller
 
Crisis communication
Crisis communicationCrisis communication
Crisis communication
Dr.Arivalan Ramaiyah
 
Chapter 12
Chapter 12Chapter 12
Chapter 12
detjen
 
03 hics training first receiver
03 hics training first receiver03 hics training first receiver
03 hics training first receiver
ucsfmc_em
 
Diapositivas tita grupo 4
Diapositivas tita grupo 4Diapositivas tita grupo 4
Diapositivas tita grupo 4
Marta Lucia Escobar
 
Sales
SalesSales
Sales
Merrymary Tom
 
Diapositivas tita grupo 4
Diapositivas tita grupo 4 Diapositivas tita grupo 4
Diapositivas tita grupo 4
Adiela Martinez
 
Test thinking
Test thinkingTest thinking
Test thinking
Luana Hohmann
 
Coralys
CoralysCoralys
Coralys
Rosa Zayas
 
New microsForensicsoft office power point presentation
New microsForensicsoft office power point presentationNew microsForensicsoft office power point presentation
New microsForensicsoft office power point presentation
nisartiwana
 
What You Need to Know Before Upgrading to SharePoint 2013
What You Need to Know Before Upgrading to SharePoint 2013What You Need to Know Before Upgrading to SharePoint 2013
What You Need to Know Before Upgrading to SharePoint 2013
Perficient, Inc.
 
Learn how to debug
Learn how to debugLearn how to debug
Learn how to debug
Fabrício Catae
 
MADUSE Report Summary
MADUSE Report SummaryMADUSE Report Summary
MADUSE Report Summary
Rui Santos
 
The effects of gay parents
The effects of gay parentsThe effects of gay parents
The effects of gay parents
corawood
 
Oeufs brouillés
Oeufs brouillésOeufs brouillés
Oeufs brouillés
Oscar Chu
 
Trias Trail 2016 special in Papillio magazine
Trias Trail 2016 special in Papillio magazine Trias Trail 2016 special in Papillio magazine
Trias Trail 2016 special in Papillio magazine
Trias ngo
 
3 way handshake
3 way handshake3 way handshake
3 way handshake
Yode Arliando
 
Yoga arise roby
Yoga arise robyYoga arise roby
Yoga arise roby
Arise Roby
 
F:\el estudio de casos como técnica didáctica
F:\el estudio de casos como técnica didácticaF:\el estudio de casos como técnica didáctica
F:\el estudio de casos como técnica didáctica
mencarmando
 
Kitchen Renovation
Kitchen RenovationKitchen Renovation
Kitchen Renovation
Mel Fee
 
High School Multiple Exposure/Sequence Photography Lesson
High School Multiple Exposure/Sequence Photography LessonHigh School Multiple Exposure/Sequence Photography Lesson
High School Multiple Exposure/Sequence Photography Lesson
Meredith Hudson
 
Узагальнення знань учнів про іменник. 2 клас
Узагальнення знань учнів про іменник. 2 класУзагальнення знань учнів про іменник. 2 клас
Узагальнення знань учнів про іменник. 2 клас
Ковпитська ЗОШ
 
Business continuity at_northrop_grumman
Business continuity at_northrop_grummanBusiness continuity at_northrop_grumman
Business continuity at_northrop_grumman
Anshuman Jaiswal
 
Introductory PresentationGoals of .docx
Introductory PresentationGoals of .docxIntroductory PresentationGoals of .docx
Introductory PresentationGoals of .docx
bagotjesusa
 
Harry Regan - It's Never So Bad That It Can't Get Worse
Harry Regan - It's Never So Bad That It Can't Get WorseHarry Regan - It's Never So Bad That It Can't Get Worse
Harry Regan - It's Never So Bad That It Can't Get Worse
centralohioissa
 
Day Two - Code and Its Role in Emergency Response
Day Two - Code and Its Role in Emergency ResponseDay Two - Code and Its Role in Emergency Response
Day Two - Code and Its Role in Emergency Response
Code Communications
 
Apdip disaster mgmt
Apdip disaster mgmtApdip disaster mgmt
Apdip disaster mgmt
srinivasan gopalan
 
Ultan kinahan dr - minasi 2010
Ultan kinahan dr - minasi 2010Ultan kinahan dr - minasi 2010
Ultan kinahan dr - minasi 2010
Nathan Winters
 

Más contenido relacionado

Destacado

New microsForensicsoft office power point presentation
New microsForensicsoft office power point presentationNew microsForensicsoft office power point presentation
New microsForensicsoft office power point presentation
nisartiwana
 
What You Need to Know Before Upgrading to SharePoint 2013
What You Need to Know Before Upgrading to SharePoint 2013What You Need to Know Before Upgrading to SharePoint 2013
What You Need to Know Before Upgrading to SharePoint 2013
Perficient, Inc.
 
MADUSE Report Summary
MADUSE Report SummaryMADUSE Report Summary
MADUSE Report Summary
Rui Santos
 
The effects of gay parents
The effects of gay parentsThe effects of gay parents
The effects of gay parents
corawood
 
Oeufs brouillés
Oeufs brouillésOeufs brouillés
Oeufs brouillés
Oscar Chu
 
F:\el estudio de casos como técnica didáctica
F:\el estudio de casos como técnica didácticaF:\el estudio de casos como técnica didáctica
F:\el estudio de casos como técnica didáctica
mencarmando
 

Destacado (16)

Diapositivas tita grupo 4
Diapositivas tita grupo 4 Diapositivas tita grupo 4
Diapositivas tita grupo 4
 
Test thinking
Test thinkingTest thinking
Test thinking
 
Coralys
CoralysCoralys
Coralys
 
New microsForensicsoft office power point presentation
New microsForensicsoft office power point presentationNew microsForensicsoft office power point presentation
New microsForensicsoft office power point presentation
 
What You Need to Know Before Upgrading to SharePoint 2013
What You Need to Know Before Upgrading to SharePoint 2013What You Need to Know Before Upgrading to SharePoint 2013
What You Need to Know Before Upgrading to SharePoint 2013
 
Learn how to debug
Learn how to debugLearn how to debug
Learn how to debug
 
MADUSE Report Summary
MADUSE Report SummaryMADUSE Report Summary
MADUSE Report Summary
 
The effects of gay parents
The effects of gay parentsThe effects of gay parents
The effects of gay parents
 
Oeufs brouillés
Oeufs brouillésOeufs brouillés
Oeufs brouillés
 
Trias Trail 2016 special in Papillio magazine
Trias Trail 2016 special in Papillio magazine Trias Trail 2016 special in Papillio magazine
Trias Trail 2016 special in Papillio magazine
 
3 way handshake
3 way handshake3 way handshake
3 way handshake
 
Yoga arise roby
Yoga arise robyYoga arise roby
Yoga arise roby
 
F:\el estudio de casos como técnica didáctica
F:\el estudio de casos como técnica didácticaF:\el estudio de casos como técnica didáctica
F:\el estudio de casos como técnica didáctica
 
Kitchen Renovation
Kitchen RenovationKitchen Renovation
Kitchen Renovation
 
High School Multiple Exposure/Sequence Photography Lesson
High School Multiple Exposure/Sequence Photography LessonHigh School Multiple Exposure/Sequence Photography Lesson
High School Multiple Exposure/Sequence Photography Lesson
 
Узагальнення знань учнів про іменник. 2 клас
Узагальнення знань учнів про іменник. 2 класУзагальнення знань учнів про іменник. 2 клас
Узагальнення знань учнів про іменник. 2 клас
 

Similar a DR luncheon presentation

Business continuity at_northrop_grumman
Business continuity at_northrop_grummanBusiness continuity at_northrop_grumman
Business continuity at_northrop_grumman
Anshuman Jaiswal
 
Introductory PresentationGoals of .docx
Introductory PresentationGoals of .docxIntroductory PresentationGoals of .docx
Introductory PresentationGoals of .docx
bagotjesusa
 
Harry Regan - It's Never So Bad That It Can't Get Worse
Harry Regan - It's Never So Bad That It Can't Get WorseHarry Regan - It's Never So Bad That It Can't Get Worse
Harry Regan - It's Never So Bad That It Can't Get Worse
centralohioissa
 
Bcp coop training taxpayer services 1-15-09
Bcp coop training taxpayer services 1-15-09Bcp coop training taxpayer services 1-15-09
Bcp coop training taxpayer services 1-15-09
Richard Turner
 
Contingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMContingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATM
Wajahat Ali Khan
 
Disaster Recovery Planning Powerpoint Presentation Slides
Disaster Recovery Planning Powerpoint Presentation SlidesDisaster Recovery Planning Powerpoint Presentation Slides
Disaster Recovery Planning Powerpoint Presentation Slides
SlideTeam
 
Disaster Recovery Planning PowerPoint Presentation Slides
Disaster Recovery Planning PowerPoint Presentation SlidesDisaster Recovery Planning PowerPoint Presentation Slides
Disaster Recovery Planning PowerPoint Presentation Slides
SlideTeam
 
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
centralohioissa
 
ISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docxISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docx
vrickens
 

Similar a DR luncheon presentation (20)

Business continuity at_northrop_grumman
Business continuity at_northrop_grummanBusiness continuity at_northrop_grumman
Business continuity at_northrop_grumman
 
Introductory PresentationGoals of .docx
Introductory PresentationGoals of .docxIntroductory PresentationGoals of .docx
Introductory PresentationGoals of .docx
 
Harry Regan - It's Never So Bad That It Can't Get Worse
Harry Regan - It's Never So Bad That It Can't Get WorseHarry Regan - It's Never So Bad That It Can't Get Worse
Harry Regan - It's Never So Bad That It Can't Get Worse
 
Day Two - Code and Its Role in Emergency Response
Day Two - Code and Its Role in Emergency ResponseDay Two - Code and Its Role in Emergency Response
Day Two - Code and Its Role in Emergency Response
 
Apdip disaster mgmt
Apdip disaster mgmtApdip disaster mgmt
Apdip disaster mgmt
 
Ultan kinahan dr - minasi 2010
Ultan kinahan dr - minasi 2010Ultan kinahan dr - minasi 2010
Ultan kinahan dr - minasi 2010
 
Bcp coop training taxpayer services 1-15-09
Bcp coop training taxpayer services 1-15-09Bcp coop training taxpayer services 1-15-09
Bcp coop training taxpayer services 1-15-09
 
Contingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATMContingency Plan WAK BANKS ATM
Contingency Plan WAK BANKS ATM
 
Incident managment plan
Incident managment planIncident managment plan
Incident managment plan
 
BCP Awareness
BCP Awareness BCP Awareness
BCP Awareness
 
Disaster Recovery Planning Powerpoint Presentation Slides
Disaster Recovery Planning Powerpoint Presentation SlidesDisaster Recovery Planning Powerpoint Presentation Slides
Disaster Recovery Planning Powerpoint Presentation Slides
 
Disaster Recovery Planning PowerPoint Presentation Slides
Disaster Recovery Planning PowerPoint Presentation SlidesDisaster Recovery Planning PowerPoint Presentation Slides
Disaster Recovery Planning PowerPoint Presentation Slides
 
Continuity Planning 101
Continuity Planning 101Continuity Planning 101
Continuity Planning 101
 
Business continuity plan
Business continuity planBusiness continuity plan
Business continuity plan
 
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
Harry Regan - Disaster Recovery and Business Continuity - "It's never so bad ...
 
Business Recovery Planning
Business Recovery PlanningBusiness Recovery Planning
Business Recovery Planning
 
Pertemuan 15 disaster recovery plan
Pertemuan 15 disaster recovery planPertemuan 15 disaster recovery plan
Pertemuan 15 disaster recovery plan
 
Varrow Madness 2014 DR Presentation
Varrow Madness 2014 DR PresentationVarrow Madness 2014 DR Presentation
Varrow Madness 2014 DR Presentation
 
ISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docxISOL 533 - Information Security and Risk Management DIS.docx
ISOL 533 - Information Security and Risk Management DIS.docx
 
Drp
DrpDrp
Drp
 

DR luncheon presentation

  • 1. Disaster Recovery White Feather Solutions Disaster Recovery Planning
  • 2. Summary  First Six Months As CIO of organization in close proximity to twin towers  What occurred during and after 9/11  Post Mortem  Planning for a Disaster  BCP recommendations  RIO proposed roadmap of DR facilities and services
  • 3. First Six Months As CIO with Boutique Financial Firm left three ominous letters from the previous CIO 1. Evaluate departmental requirements and assess overhead 2. Cut Unnecessary Overhead 3. Cut Extraneous Servers and Systems 4. Cut Personnel
  • 4. First Six Months As CIO At Financial Firm  Discovered report from the previous CIO who was in place during the 1993 bombing of the World Trade Center  Enterprise was shutdown for 10 days  Losses totaled over 100M  No insurance  No Business Continuity Plan
  • 5. New Mission  Developed disaster recovery plan  Had expertise with this type of firm prior to becoming CIO and wrote several BCP’s for similar firms engaged in Y2K projects  Utilized a BCP I developed which was accepted by Deloitte auditors for Y2K and updated it to reflect the present IT procedures
  • 6. New Mission  Interviewed all the departments in order to add their segments of the enterprise to the BCP with the latest business practices  Queried department heads as to what were their most critical functions and what needed to be protected and running during a disaster  Ascertained what functional interdependencies currently existed between the departments and if they needed to be protected and running
  • 7. Presentation of the DR Plan to Management  Reviewed the outcome of the 1993 bombing and the significant financial impact it had on the organization which, like many in NYC, had been caught unprepared on many levels.  Outlined the Business Continuity Plan  Reviewed what was needed in terms of resources for BCP  Demonstrated graphically how each process would be addressed during an actual disaster  Reviewed SLAs negotiated with the vendors  Proposed new processes to be incorporated in the Enterprise  Reviewed the costs involved in the implementation of the plan, approximated $100,000.
  • 8. Results  Management balked at the business processes and their associated costs.  A common roadblock to BCP success: management did not buy into the ongoing cost for backup servers that, as they saw it, were not being used.  BCP presentation took place on February 9th, 2001  With zero budget, over the next 5 months I created, implemented and tested a DR plan in my own department. I shared the plan with all department heads.  A few of the back office departments implemented the plan.  THEN CAME 9/11...
  • 9. Workday visuals  This is what many NYC residents who walked to work everyday routinely saw
  • 10. September 11, 2001  reports came into the office that a small plane was off course and had hit one of the twin towers.  Office talk was buzzing as to whether business should close  15 minutes later the second plane hit . A call came in from management asking for direction. As CIO, every facet of the business touched the data network whose operation was my responsibility. My response was clear. The business had to shut down.  Background as Marine fighter pilot post Viet Nam served myself and my company well.
  • 11. September 11 2001  About an hour or so after that the collapse:
  • 12. September 11 2001  And finally the aftermath:
  • 14. Spring in to action  Our communications plan was immediately implemented.  Emailed a standard evacuation list to department heads and instructed them to vacate. For those departments who had the plan invoke it and vacate.  SMT (Survival Management Teams – 5 two person teams) went through 5 floors of offices making sure everyone was leaving and giving instruction on where to meet, well away from the disaster, which had been predetermined.  Ordered a shutdown of all systems and the evacuation of all personnel, and collection of all software backups.  Attempted to call vendors, however land and wireless lines were all tied up. I sent emails ordering lines, systems, software to be brought to a second facility we had in Queens, some 6 miles away.  Once all the employees were evacuated and the doors locked, we proceeded to walk to the United Nations Building, the predetermined meet place. We took a head count, everyone had made it.
  • 15. Spring into action Management request “PICK 5 MEN AND GO IN AND RETRIEVE FINANCIAL SERVERS” Response I WILL GO IN IF PROVIDED WITH OXYGEN, PROTECTIVE SUITS AND CASH TO GET PAST THE SECURITY ROADBLOCKS. THESE MEN HAVE FAMILIES AND HAVE NOT EXPERIENCED WAR . Management CASH ONLY
  • 16. Aftermath  set up a hotline using voice mail. The city was completely shutdown. I experienced difficulty updating the voice mail  Receive call from management. They attempted to perform a rescue mission of the servers and the financial data. Men that went in, are still receiving mental health therapy.  The following day, along with a NYC police officer, two of my people and myself, a cart, dressed in fire retardant suits, with oxygen masks, axes, crowbars, we go get the servers  We had to strap them on our backs and take them, one by one, down 5 flights of stairs.
  • 17. POST MORTEM  Proposed DR plan -$100K  Cost to get basic functionality back - $500k+  Replacement of lost equipment - $1.2M  Insurance picked up around 25%  It took around 21 days to get back on line at a loss of approximately $160M  Risk to employees, having to recover the servers
  • 18. PLANNING FOR A DISASTER Types Of Disasters  Fire / Explosions  Natural Disasters - Tropical Storms and Hurricanes - Tornado and Thunderstorms - Earthquakes - Floods  Utilities Disruption - Electric - Gas - Water - Phone - Heat / Air Conditioning - Loss Of Elevators - Computer System Failure
  • 19. PLANNING FOR A DISASTER Types Of Disasters  Security Emergency - Bomb Threats - Criminal Acts on Individuals - Civil Disturbance  Hazardous Materials Spills/Releases  Food Borne Illness  Visitors Incidents  Employee Incidents - Employee Serious Injury/Death - Workplace Violence  Media Inquiries  Evacuation - Site Evacuation Planning Factors - Community Wide Evacuation  Shelter-In-Place
  • 20. PLANNING FOR A DISASTER Components of a Disaster Recovery Plan  Human Continuity Plan  Create Survival Management Teams  Define a scope of what the plan will cover  Business Continuity Plan  Define each departments role in the enterprise and determine how critical their functions are to the business  Develop contingencies to critical business processes  Facility Response Plan  Create Facility Response Teams  Describe Facilities & Locations  Define a scope of what the plan will cover
  • 21. PLANNING FOR A DISASTER Components of a Disaster Recovery Plan  Event Management  Create Crisis Management Teams  Detection of events  Incident Detection  Incident Assessment and  Classification  Automatic Detection of Events  Fire Alarms  Intrusion Alarms  Event Response  Notification of proper authorities
  • 22. PLANNING FOR A DISASTER Components of a Disaster Recovery Plan  Crisis Communication Plan  Determine how the enterprise communicates with it’s employees  Post Disaster Review  Disaster Testing Plan  Frequency
  • 23. PLANNING FOR A DISASTER Examples of Components in a Disaster Recovery Plan Human Continuity Plan  Survival Management Team Member  Company will send volunteers for EMT training  Volunteers will be trained in light extrication
  • 24. PLANNING FOR A DISASTER Examples of Components in a Disaster Recovery Plan Business Continuity Plan