IT Risk Mitigation Lewan Technology, Agility Recovery, FORTRUST & Woodruff Sawyer.

Slides:

Advertisements

Similar presentations

BCM and Security ROGSI/DMS Präsentation ROGSI/DMS Suite for Corporate Survival ROGSI/Business Impact Analysis TOP 7 Best Practices for Business Continuity.

Advertisements

Maximizing Uptime and Your Firm's Bottom Line: Understanding risk and budget when evaluating business continuity & disaster recovery protocols Michael.

DISASTER CENTER Study Case DEMIRBANK ROMANIA “Piata Financiara” ConferenceJanuary 29, 2002 C 2002.

GLOBRIN Business Continuity Workshop TECHNOLOGY & INFORMATION 13 th November 2013 Graham Jack.

1 Disk Based Disaster Recovery & Data Replication Solutions Gavin Cole Storage Consultant SEE.

Our Technology Comes with People Disaster Recovery Planning Glenn Lytle, Vice President Sales, Lumos Networks July 28,

Government Technology Bay Area Technology Forum November 5, 2009 Presented By: Jon Fullinwider Director, Local Government Citrix Systems, Inc. Presented.

TEL382 Greene Chapter /27/09 2 Outline What is a Disaster? Disaster Strikes Without Warning Understanding Roles and Responsibilities Preparing For.

Security Posture Assessment (SPA) Headquarters: Ofisgate Sdn Bhd ( A), 2-15 Jalan Jalil Perkasa 13 Aked Esplanad, Bukit Jalil, Kuala Lumpur,

Disaster Recovery and Business Continuity Ensuring Member Service in Times of Crisis.

1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.

1 Disaster Recovery Planning & Cross-Border Backup of Data among AMEDA Members Vipin Mahabirsingh Managing Director, CDS Mauritius For Workgroup on Cross-Border.

Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

John Graham – STRATEGIC Information Group Steve Lamb - QAD Disaster Recovery Planning MMUG Spring 2013 March 19, 2013 Cleveland, OH 03/19/2013MMUG Cleveland.

Business Crisis and Continuity Management (BCCM) Class Session

Services Tailored Around You® Business Contingency Planning Overview July 2013.

November 2009 Network Disaster Recovery October 2014.

Disaster Recovery as a Cloud Service Chao Liu SUNY Buffalo Computer Science.

2008© COPYRIGHT 1 1 ATHN DATA SUMMIT DISASTER PREPAREDNESS JULY 31, 2008 PANEL MEMBER - JOY MAHURIN COMPREHENSIVE BLEEDING DISORDERS CENTER CONTINUITY.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Welcome to iDOC Corp. DocHost Solution Online Document Management DocHost 14 Day Free Trial

Effectively Explaining the Cloud to Your Colleagues.

The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Corporate Information Systems Delivery of Infrastructure IT Services.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #6 Forensics Services September 10, 2007.

DotHill Systems Data Management Services. Page 2 Agenda Why protect your data?  Causes of data loss  Hardware data protection  DMS data protection.

Insurance Institute for Business & Home Safety Even if the worst happens, be prepared to stay.

David N. Wozei Systems Administrator, IT Auditor.

1 Lesson 3 Computer Protection Computer Literacy BASICS: A Comprehensive Guide to IC 3, 3 rd Edition Morrison / Wells.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.

BUSINESS AS USUAL. NO MATTER WHAT.. Business Continuity Is About The Future. BUSINESS AS USUAL. NO MATTER WHAT. The future of your family. The future.

Co-location Sites for Business Continuity and Disaster Recovery Peter Lesser (212) Peter Lesser (212) Kraft.

By Srosh Abdali.  Disaster recovery is the process, policies and procedures related to preparing for recovery or continuation of technology infrastructure.

Secure Data Sharing What is it Where is it What is the Risk – Strategic > What Policy should be enforced > How can the process be Audited > Ongoing Process.

Information Availability Brett Paulson Sr. VP and Chief Information Officer Board of Trade Clearing Corporation FIA – November 7, 2002.

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

Protecting Your Business! SBA Ft. Lauderdale November 15, 2006 Gregory Levine, Sr. Director Marketing.

Virtualization for Disaster Recovery Panel Discussion May 19, 2010 Ed Walsh EMC vSpecialist EMC Corporation Cell Chris Fox.

E.Soundararajan R.Baskaran & M.Sai Baba Indira Gandhi Centre for Atomic Research, Kalpakkam.

Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &

Office of Emergency Management University of Houston-Clear Lake Business Continuity Planning.

Key Terms Business Continuity Plan (BCP) – A comprehensive written plan to maintain or resume business in the event of a disruption Critical Process –

Raya for Information Technology. About US  Raya IT, established in 1998, operates in the field of systems integration and IT business solutions.  A.

CONTROLLING INFORMATION SYSTEMS

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

Luminex Virtual Tape Storage System Brian Sullivan Director of Computer Operations Broward County Public Schools 1.

IT Services Model Business Requirements IT Strategies Goals

Tom Lenart & John Field CT DEMHS Region 2.  Department of Emergency Services and Public Protection (DESPP)  Commission on Fire Prevention and Control.

CBIZ RISK & ADVISORY SERVICES BUSINESS CONTINUITY PLANNING Developing a Readiness Strategy that Mitigates Risk and is Actionable and Easy to Implement.

Information Security Crisis Management Daryl Goodwin.

Information Technology Acceptable Use An Overview CSTMC All Staff Meeting February 10, 2014.

Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.

EAST AFRICAN DATA HANDLERS DATA SECURITY/MOBILITY

Utilizing Your Business Continuity Plan.

CompTIA Security+ Study Guide (SY0-401)

BEST CLOUD COMPUTING PLATFORM Skype : mukesh.k.bansal.

Business Continuity / Recovery

Peggy M. Jackson, DPA, CPCU Peg Jackson & Associates

DISASTER PREPAREDNESS After a Crisis of Any Size

Information Technology (IT) Department

CompTIA Security+ Study Guide (SY0-501)

Business Contingency Planning

Business Continuity Planning

Business Continuity Technology

Demystifying the Cloud

Presentation transcript:

IT Risk Mitigation Lewan Technology, Agility Recovery, FORTRUST & Woodruff Sawyer

Presenters The Panel: Scott Pelletier, Lewan Technology, CTO Rob McClary, SVP & GM, FORTRUST Dan McCarter, Manager, Agility Recovery Conor Overstake, Assistant VP, Woodruff-Sawyer Moderator: Rick Cranston, Director of Business & Product Development Mountain West Credit Union Association

IT Risk Considerations Network Security Data Protection Geographic Protection Employee Productivity Physical Security Compliance Insurance Protection

Risk Mitigation Techniques  Risk Acceptance  Risk Avoidance  Risk Limitation  Risk Transference

WHAT ARE RTOs and RPOs? RTO/RPO (these should be vetted with business leadership) Recovery Time Objective – maximum time to bring a system back online before severe business impact occurs Recovery Point Objective – the amount of data loss a business process/application can sustain before severe business impact occurs Ask business questions that yield technology answers

What’s Your Overall IT Risk Reduction Considerations  Information / Infrastructure Security  Physical, Social and Technical  Who in your organization is responsible for security?  Do you have written security policies and procedures?  Do you follow them?  How often are they reviewed?  How do you train your employees on your security procedures?  When was the last time you had a security penetration or DR test?  Do you take security seriously?  Data Protection Strategies  Real-time  Point-in-time  Long time  Geographic

Hazards  NATURAL HAZARDS Meteorological Geological Biological  HUMAN-CAUSED HAZARDS Accidents Intentional Acts  TECHNOLOGICAL HAZARDS Information Technology Utility Outage Fire/Explosion Hazardous Materials Supply Chain Interruption

How many eggs in how many baskets Office Assets: Office Space Employees Edge network Wireless Desktop Computers Phones Printers Files (paper or electronic) Internet* WAN Circuits* Power* Cooling* Data Center IT Assets: Space for computer room Servers Storage Backup System Core Network Firewalls Phone System Internet* WAN Circuits* Power* Cooling* *Could be in one or both categories Main Office Branch Offices

How many eggs in how many baskets Office Assets: Office Space Employees Edge network Wireless Desktop Computers Phones Printers Files (paper or electronic) Internet* WAN Circuits* Power* Cooling* Data Center IT Assets: Space for computer room Servers Storage Backup System Core Network Firewalls Phone System Internet* WAN Circuits* Power* Cooling* *Could be in one or both categories Main Office Branch Offices

Move or Replicate IT Assets to a More Secure Environment Office Assets: Office Space Employees Edge network Wireless Desktop Computers Phones Printers Files (paper or electronic) Internet* WAN Circuits* Power* Cooling* Main Office Branch Offices Data Center IT Assets: Space for computer room Servers Storage Backup System Core Network Firewalls Phone System Internet* WAN Circuits* Power* Cooling*

Enable Mobile Workforce Strategy Office Assets: Office Space Employees Edge network Wireless Desktop Computers Phones Printers Files (paper or electronic) Internet* WAN Circuits* Power* Cooling* Main Office Branch Offices Data Center IT Assets: Space for computer room Servers Storage Backup System Core Network Firewalls Phone System Internet* WAN Circuits* Power* Cooling*

Obtain Mobile Office Space with Needed Assets Main Office Data Center IT Assets: Space for computer room Servers Storage Backup System Core Network Firewalls Phone System Internet* WAN Circuits* Power* Cooling* Office Assets: Office Space Employees Edge network Wireless Desktop Computers Phones Printers Files (paper or electronic) Internet* WAN Circuits* Power* Cooling*

Obtain Mobile Office Space with Needed Assets Main Office Data Center IT Assets: Space for computer room Servers Storage Backup System Core Network Firewalls Phone System Internet* WAN Circuits* Power* Cooling* Office Assets: Office Space Employees Edge network Wireless Desktop Computers Phones Printers Files (paper or electronic) Internet* WAN Circuits* Power* Cooling* Protect Against Financial and Property Loss as well

Data loss, breach, disasters are expensive

Common Insurance Gaps

How Can We Help  Planning People, Process and Technology  Backup & Recovery Solutions  Disaster Recovery Solutions  IaaS / Data Center Services  Managed Services  Mobility Solutions  Mobile Office Solutions  Insurance Protection Solutions

DR TOOLS vs. BCP Disaster Recovery Tools Processes that allow a business to protect data and resume business critical applications Designed to protect from localized failures Business Continuity Planning (BCP) Procedures that enable business processes to resume beyond the technology People, Process, Procedure and Communications

Backup Solutions Backup/Data Protection Solutions Key weaknesses of traditional backup solutions: Usually have 24hr RPOs (hourly at best), RTOs in hours at best (if disk based) Very limited DR orchestration/automation, especially for bulk operations Normally require recovery to similar HW at DR site No failback mechanism (when production systems are back online)

Managed and/or Outsourced Services to Mitigate Risk Outsourcing some services can help to transfer risk and/or provide policy, standards and tools to help avoid or limit risk. Managed Security Services Internet / Private Line Disaster Recovery IT Infrastructure Applications Infrastructure Monitoring / Management Hosted / Collaboration Managed Data Protection Managed Print Services Cloud Infrastructure Servers Storage Core Network Server Virtualization CoLo End-user Service Desk Tier 3 Data Centers

Employee Productivity Protection 4 key Elements of Protecting Employee Productivity 1. Office Space: Mobile or Brick & Mortar 2. Power: Generators & Fuel 3. Communications: Telephone and Internet Connectivity, Employee Communication Plan 4. Computer Systems: Computers, servers, printers, fax

Agility Membership Benefits Membership Features Immediate Protection Access to Member Services Online Planning Tool Monitoring of Risks & Threats: eAlerts Ongoing Education Programs: Weekly Tips Educational Webinars Testing

Business Continuity Planner to help guide members step by step Comprehensive Business Continuity Plan Template Alert Notification Tool Document Management Storage Tool Planning and Execution

Insurance Gaps What are the elements and what’s commonly missed Error and Omissions Privacy Network Security Media Infringement

Q&A / Panel Discussion