smAlbany 2013 gn bdr pp

“Irene, Sandy, Tornadoes, Oh My!

How to make sure your business can survive!”

Meet Lauren

• Needed a “Real” Job• 3 ‘Down-sizes’ in a 5 year span• 2005 Groff NetWorks was born• 8 years later: 8 employees and

dedicated to 35 companies.

Introductions

• Tell us who you are and where you are from.

• What is the one thing you would like to learn during today’s seminar?

Partnerships

What are we talking about?

“Irene, Sandy, Tornadoes, Oh My! How to make sure your business can

survive!”

What you will learn today

• The differences between Backup, Disaster Recovery and Business Continuity

• Types of disasters, their frequency and severity• Why you should be afraid…very afraid• The easiest way to insure your data isn’t lost• How to put your backup on autopilot with complete

confidence that it works

SANDY

What’s the goal?

• Make sure you never lose critical data• Minimize downtime• Recover as quickly as possible in the

event of a disaster

Why is this important?

• Of companies experiencing a major loss of data• 25% to 43% never

reopen• 51% close within two

years of the loss• A mere 6% survived over

the long term

Why is this important?

• Small businesses account for • More than 99% of companies with employees• 50% of all private sector workers• Nearly 45% of the nation’s payroll

• Commitment to planning today will help support employees, customers, the community, the local economy and the country

Business Continuity

. . . An ongoing process to ensure that the necessary steps are taken to identify the impact of potential losses and maintain viable recovery strategies, recovery plans, and continuity of services.

Special Guest

• Geoff Turner, Tech Valley Continuity

What is Business Continuity Planning?

Ongoing process designed to eliminate or mitigate the negative impact of events that disrupt normal business activities.

NYS Disaster Declarations Since 2002

Disaster Type Count

Earthquake 1

Ice Storm 1

Power Outage 1

Severe Storms and Flooding 12

Severe Winter Storm 8

Tropical Storm / Hurricane 5

Tornadoes / High Winds 3

Grand Total 31

Most Disasters Are Not “DISASTERS”

• Power Outages• Computer Failure• Telephone Outages• Water Pipe Leakage• Facility Fire• Information Breach• Supply Chain Issues

NYS Information Breaches 2005-2012

• NYS = 11.4% of U.S. Breaches20% Lost or Stolen Laptops12% Unintentional Disclosure 12% Lost or Stolen Paper Documents10% Stolen PCs or Hard Drives10% Hacking8% Insider Release of Information

Symphony of Multiple Plans

• Emergency Response Plan• Incident Management Plan• Mutual Aid / Assistance• Business Recovery Plan• Business Reconstitution

Plan• Communications Plan• Logistics Plan• Training / TESTING /

Evaluation PlanSource: Microsoft

General Continuity Planning Process

• Form a Senior Management Team• Form a Business Continuity Planning Team• Assess Risks / Impacts• Design Solutions• Implement Solutions• Document Recovery Strategies• Train Recovery Teams• TEST – TEST - TEST

Areas of Focus

• Information Technology• Primary Mission Essential Functions• Key Staff and Vendors• Vital Records and Resources• Alternate Facilities:

– People– Computer Systems

• Telecommunications: Data and Voice• Notification to clients, employees, stakeholders

Business Continuity Planning

• Most Companies Start With:• Protecting their data and technology

infrastructure

Not Just About IT Issues

• Plan for immediate disaster response – including safety of employees

• Identification of critical processes• Review insurance coverage• Disaster prevention• Key suppliers/service providers.

Where to Begin?

• Vulnerability Assessment• Probability• Potential Impact

• List potential threats considering• History• Geography• Technology• Building Characteristics

Human Errors

• Unintentional actions taken by managers and employees acting in good faith

• Most common causes• Inadequate user training• Fatigue• Carelessness

Equipment Failures

• Malfunction or complete failure of office machinery• Servers• Desktops or laptops• Fax machines• Phone systems• Network components

• Expect this type of failure at some time

Third-Party Failures

• Service delivery failures• Electrical power• Phone service• Internet service

• Financial disasters• Default of large customer• FDIC bank closure

Environmental Hazards

• Denial of access due to• Smoke from nearby fire• Hazardous substances in building• Irritants such as

• Fresh paint• Radioactive, biological or chemical

substances

Fires and Other Disasters

• Natural events• Earthquakes• Tornados, floods

and storms• Man-made disasters

• Gas leaks• Water pipe leaks

Joplin

Albany

Other Natural Disasters

• A close call for a lot of people

• What if this one hit?

Terrorism and Sabotage

• Intentional, systematic, planned and organized

• Based on malicious intent• Possibility of very concentrated damage with

relatively little effort• Perpetrated by

• Terrorists• Computer hackers• Disgruntled employees

Understand Your Risks

Groff NetWorks-11 State Street, Troy NY

Evaluate Each Disaster Based on -

• Probability of occurrence• Impact

• Human - possibility of death or injury• Property – cost of repair/replacement• Business – potential interruption of

operation• Ability to respond

• Internal resources• External resources

Vulnerability Assessment

0

1

2

3

4

5

6

7

8

9

10

ProbabilityImpact

Key Concepts

• Recovery Time Objective – RTO• How long can your business survive before

you have to be operational to remain in business?

• Recovery Point Objective – RPO• How old can your data be and still have value?

Disaster Timeline

14 days 7 days 2 days 1 hour 1 day 2 days

Disaster Recovery

. . . Is the process, policies and procedures of restoring operations

critical to the resumption of business after a disaster.

Backup

• Copying your data to a safe medium for recovery in the event of data loss due to disaster

• Protection from some disasters, like fire or flood, requires two-step backup• Backup (locally)• Transfer (off-site)

Traditional Backup Methodology

• Backup is performed nightly• Someone must remove the media and

replace it with tonight’s media• Two-step backup accomplished by

‘sneakernet’• Relies on your staff to make sure that

backup is working• Single snapshot per day

Backup to Tape

• Slow• Media degrades over time and is greatly

affected by the environment• Tape drive is expensive• Additional capacity is difficult to add• Formats are typically proprietary – must

have same type of drive and same software to restore

Move to Disk Based BackupRemovable Hard Drives

• Backup and restore times are much faster

• Capacity is easily increased• Solutions may use standard Windows

file systems• Still requires user interaction• Not as convenient to carry offsite

Offsite Backup

• Does not require user interaction• Capacity easily increased• Automated

BUT…• Data only• Slow recovery times

Here’s the problem…

We think a good backup is good enough.

Criteria For A Solid Backup System

• Take the human element out of the equation• Make sure ALL files are backed up• Automated and easy• Intra-day backups• No impact on day-to-day operations• Fast restores – and to dissimilar hardware

Criteria For Off-Site Backup

• Secure data transfer• Secure data storage• Ability to receive data overnight• Ability to send initial backup on hard drive• Geographically separate from you• Low cost off-site storage• Regulatory compliance – HIPAA, SOX, GLBA

Questions to ask

• How much revenue, gross AND net, do you generate?

• How many employees do you have, what is their cost?

• How much of that is facilitated, or even dependent, on your IT infrastructure?

Questions to ask

• How will a failure – even a short lived failure – be perceived by your customers and your employees?

• How quickly can you recover lost files?• If a server fails, how long will it be before

you are back up and running…how much opportunity cost would this represent?

Could you survive . . . ?

Could you survive . . . ?

• I think she may be getting fired for this!

Does your backup do this?

• Meets multiple regulatory requirements• Addresses the BC, DR and B• Utilizes Server hardware

8 Reasons Why You Need To Replace Your Current Backup

1. Near Real-Time Backups– – As frequently as every 15 minutes

2. Complete Image – – Backs up your entire server including

open files3. Restores that are Intuitive, Flexible

and Fast

8 Reasons Why You Need To Replace Your Current Backup

4. Secure Bandwidth Throttling Transfer

5. Secure Remote Storage6. Monitored and Verified 24x7

8 Reasons Why You Need To Replace Your Current Backup

7. Virtualization• Server Fails• NAS Virtualizes Server

• One hour or less• No reconfiguration necessary

• Backups Continue

8 Reasons Why You Need To Replace Your Current Backup

8. Overnight Disaster Recovery

• Replacement appliance delivered with most recent off-site image(s) of your server(s)

• Business can be back up and running within 24 hours

• And, now with Cloud server failover, you could be running in the matter of hours if you were to lose your facility!

How it works

Our Clients. . .

• “The Arsenal Partnership is very pleased with Groff NetWorks. Groff NetWorks’ staff is very helpful and the technicians are extremely knowledgeable. Their quick response to address our various IT requests has been refreshing.” – Doreen Dean, Administrative Assistant, Arsenal Business & Technology Partnership

Our Clients. . .

“Groff NetWorks is prompt, friendly, and most importantly, honest. They really do a great job.” - Donna Gutzwiller, Office Manager, Audio Visual Sales & Service

Questions?