OpsCentre - Gold partners with Continuity Forum

Find us on LinkedIn

Find us on Facebook

Follow us on Twitter


Guerrilla Business Continuity Management

November 20th, 2014

Guerrilla warfare, guerrilla marketing, guerrilla negotiating – if all these things can benefit from a ‘guerrilla’ point of view, how about business continuity management? The basic concept is to get bigger results from a smaller amount of resources, possibly supplemented by some lateral thinking. Guerrilla soldiers don’t have the big guns and tanks of their adversaries. Guerrilla marketers don’t have the big television and print budgets of their competitors. And guerrilla negotiators learn to think around business deals to turn losing propositions into winning ones. Guerrilla business continuity management can draw on each of these areas to help BCM move forward.

Read the rest of this entry »

Disaster Recovery and Technological Horrors

November 18th, 2014

In disaster recovery, technology is often a neutral element – neither good nor bad, in itself. Some technologies are better suited to specific needs or offer relative improvements to existing solutions. What determines whether an organisation benefits or suffers is the application of technology. When it is used unthinkingly and incorrectly, the horror stories start. Worse still, many technology-related disaster recovery failures are repeats of catastrophes that were already happening decades ago. What have we learnt since then – or what should we have learned?

Read the rest of this entry »

The Two Faces of the Increase in Regulatory Risk

November 13th, 2014

How does a business cope with regulations that, when piled on top of each other, are ‘three Eiffel Towers high’? That’s the future for the financial industry, according to a recent report from financial regulations consultancy JWG and its forecast for the situation in 2020. But regulatory risk is also growing in many sectors. New legislation is swinging into play relating to developments unforeseen five years ago. Should organisations simply chase ever-evolving and expanding regulations to try to remain conformant? Or is there an opportunity here, disguised as a problem?

Read the rest of this entry »

The Ebola Disaster and Double-Edged Logistics

November 11th, 2014

The Ebola outbreak in West Africa is taking a horrific toll in human lives on a scale that is unprecedented. It is also happening in a place that makes the whole rescue process an order of magnitude more difficult. Besides trying to save those already infected, aid workers must cope with the fact that the disease moves more easily outwards than medical supplies and vaccines can be brought inwards. The gradual improvement of logistics and transport in the region over the last few decades is having a perverse effect. It is encouraging the spread of infection, but hindering measures to eliminate it. How can this be?

Read the rest of this entry »

A Quick Guide to Advanced Persistent Threats

November 6th, 2014

The world turns and things change – and that includes computer hacker approaches too. The immediate threats of malware and cybercriminals are relatively well-known. Phishing emails are designed to get you to click right away on a hacker’s link. Worms burrow through systems, always on the go. Viruses in that free software you should not have downloaded replicate and ravage. But now there’s a new menace with a different approach. Instead of attacking your system now, some hackers are making themselves at home for the longer term. They enter by stealth and lie low. Then they start to use your computers – just like they were their own computers. Welcome to the Advanced Persistent Threat or APT for short.

Read the rest of this entry »

Ebola Outbreak – What Should You Know About It?

November 4th, 2014

With the deaths of more than 4,000 people and an estimated 8,000 cases (at this time), the Ebola epidemic has affected three West African countries in particular. But Ebola could also spread to become a pandemic without geographical limitation. There are three key questions to be answered:

Read the rest of this entry »

Coffee-Shop Recovery Tactics for Today’s Enterprise

October 30th, 2014

The times, they are a-changing. Mobile computing devices not to mention BYOD and a millennial attitude mean that a substantial number of employees in enterprises now do their work away from their desks. Whether at home, in a bus, train or plane, or in their favourite coffee-shop, if there’s a Wi-Fi connection available, there’s a potential workspace in the making. But naturally enough, all this may then escape the control of the enterprise or at least partially so. For instance, how can companies then implement effective work area recovery for such nomadic workers in the event of an IT incident?

Read the rest of this entry »

Information Security – Are Companies Giving Up?

October 28th, 2014

With the security threats around today, the sheer mass of information and the vulnerabilities to attack, it has to be admitted that information security is a challenge. But not an insurmountable one. The right information security takes planning and organisation. The advantages include prevention of loss and damage through information being stolen or compromised, as well as a more alert, capable workforce. So why does one recent survey show a downwards trend in implementing information security procedures?

Read the rest of this entry »

All the Best in Your New Job (and Leave Your Passwords at the Door)

October 23rd, 2014

Knowledge is a tricky thing to handle. Sometimes you can’t get it to stick, for instance, when you’re trying to get people to use a purpose-built sales forecasts system instead of Excel files. Sometimes you wish you could magically unstick it, in the same way you can erase memory sticks. Employees leaving the business are a case in point. In their heads they hold information about products, plans, customers, system logons and more. As the erasable employee is not currently a reality, you’ll have to face the fact that they will walk out with confidential data in their heads. What can you do about it?

Read the rest of this entry »

Information Security – What Do You Think It’s All About?

October 21st, 2014

When was the last time you saw a survey on Information security in enterprises? It’s a topic that often means different things to different people. For some it’s antivirus software to stop malware getting in, while for others it’s strict secrecy to stop marketing strategies from getting out. Yet data breaches can happen anywhere in a company and in a multitude of ways. Here are a few aspects that may help broaden your perception of some of the risks.

Read the rest of this entry »

Sometimes It’s the Simple Things that Compromise Information Security

October 16th, 2014

Information security often conjures up notions of complex anti-virus software, hardware firewalls and perhaps a high security data centre with biometric access checks. All of this is possible and often used to good effect. However, it would be a mistake to think that security stopped there. Like the Maginot Line in France at the beginning of World War Two, it’s no good being bullet-proof at the front if the enemy sneaks in round the back. And attackers in cyberspace know that it is often faster and easier to get the access information they need by human security laxity, rather than technical hacking. So what should you be looking out for?

Read the rest of this entry »

Have You Met the Recovery Consistency Objective?

October 14th, 2014

Which disaster recovery measurements do you really need? The answer is the ones that are effective in helping you to plan and execute good DR. So your choice will naturally depend on your IT operations. The two ‘classics’ of the recovery time objective (RTO) and recovery point objective (RPO) are so fundamental that they apply to practically all situations. But suppose your organisation is running a service-oriented IT architecture with business applications like ERP using resources supplied by other servers. If some of the servers cannot be recovered satisfactorily, there may be a secondary impact elsewhere. How can you measure this situation and define a minimum acceptable level of recovery?

Read the rest of this entry »

The Impact on Business Continuity When Data and Security Vendors Work Together

October 9th, 2014

A recent announcement explained that cyber-security ‘big names’ McAfee and Symantec have agreed to share their threat data. It’s a development that should benefit customers of both vendors. Historically, IT vendors have swung back and forth between the multi-vendor approach (“we’ll handle the other vendor’s stuff for you”) and so-called coopetition, where two or more providers joined forces by agreeing to operate to a common standard for instance. The McAfee-Symantec pact ranges over sharing malware signatures to information on real-time attacks. Who else might follow this apparently enlightened example?

Read the rest of this entry »

Business Benefit Checklist for New Business Continuity Technology

October 7th, 2014

When should you bring in new technology? When it does a better job at meeting your needs, of course. It’s the same for business continuity management. Migrating from in-house physical servers to cloud computing services should be properly justified by lower costs, higher reliability and better performance for instance. Without sacrificing data confidentiality, control or conformance. While cloud computing makes sense for many organisations, there are cases where it doesn’t (example – cloud computing isn’t always cheaper). Looking at the following business criteria and then analysing what new generation technology has to offer may be the smarter way to do things.

Read the rest of this entry »

Where are the Holes? Turning IT Security Inside-Out

October 2nd, 2014

It’s an unfortunate truth. The holes in your IT security are most likely to be where you neither see them nor expect them. That means they’ll be outside the basic security arrangements that most organisations make. Firewalls, up to date software versions and strong user passwords are all necessary, but not sufficient. Really testing security is akin to an exercise in lateral thinking or even method acting. You have to look at your systems and network from the outside to see how a hacker or cybercriminal might try to get through or round the mechanisms you’ve put in place. And there’s more still to this inside-out approach to protecting your organisation.

Read the rest of this entry »