COMP-15:%20Disaster%20Recovery%20Planning:%20Be%20Scared,%20Be%20Very%20Scared

1
COMP-15 Disaster Recovery Planning Be Scared,
Be Very Scared
Brian Bowman
Senior Solution Engineer
2
Agenda

• Introduction
• The Bad News
• Defining Disasters
• The Good News

3
Introductory Thought
4
Introduction

• Doom Gloom
• Always the pessimist
• The glass is half empty
• Goals
• Provide you with a complete look at BC
• Allow you to quantify / qualify what you can (
  cant) do

5
Agenda

• Introduction
• The Bad News
• Defining Disasters
• The Good News

6
Avian Flu Status as of 20 May 2007 (7)

• Phase 3
• 291 Human Cases Reported
• 172 Deaths (mortality rate 59)
• Infected animals reported in 61 countries
• CDC predicts that 30 50 of American workers
  will be out for a minimum of 6 weeks

7
FEMA Status

• 26 disasters reported in USA thus far in 2007
• 52 disasters reported in all of 2006
• Hurricane season started 13 days ago
• http//www.FEMA.gov

8
Federal Disasters 2000 - 2007
9
Current World Health Organization (WHO) Status

• Countries with Crises / Emergencies
• (20 May 2007)
• Afghanistan, Angola, Botswana, Burkina Faso,
  Burundi, Central African Republic (CAR), Chad,
  China, Colombia, Democratic Republic of the
  Congo, Republic of Congo, Cote dIvoire,
  Djibouti, Eritrea, Ethiopia, Ghana, Guinea,
  Haiti, India, Indonesia, Islam Republic of Iran,
  Iraq, Kenya, Lebanon, Lesotho, Liberia, Malawi,
  Mozambique, Niger, Nepal, Pakistan, Philippines,
  Russian Federation Chechnya, Rwanda, Sierra
  Leone, Solomon Islands, Somalia, South Africa,
  Sri Lanka, Sudan, Swaziland, Tajikistan,
  Tanzania, Timor-Leste, Uganda, Venezuela, Zambia,
  Zimbabwe

10
Agenda

• Introduction
• The Bad News
• Defining Disasters
• The Good News

11
Disaster Categories

• Acts of Nature
• Acts of Man
• Man-made
• Infrastructural
• Organizational

12
Acts of Nature

• Flood, Fire, Tornadoes, Hurricanes, Earthquakes,
  Winter Storms, Electrical Storms, Wildfires,
  Flooding

Earthquakes within the last 8 - 30 days (20 May
2007) (3)
13
Man-made - Individual

• Intentional acts of disruption perpetrated by one
  individual
• Examples computer hacking, loss of records,
  unauthorized access, white collar crime,
  workplace violence, espionage, intellectual
  property theft
• Enron, Tyco, Parmalat,

14
Threat Example Intellectual Property

• International trade losses due to product
  counterfeiting and piracy are much lower than
  estimated losses in 2005 were up to 200bn
  (1)
• where more than 90 percent of all software is
  illegal. The US has the lowest rate worldwide at
  22 per cent, (2)

15
Threat Example Workplace Violence

• 1 out of 4 workers have been attacked or harassed
  
• Number of people attacked in the last year 2
  million
• Number of people threatened 6.3 million
• Number of people harassed 16.1 million
• 21 said a co-worker had been threatened with
  physical harm in the past year. (4)

16
Man-made - Group

• Larger scale Incidents of disruption such as
  strikes, violence, warfare, terrorism, civil
  disobedience
• Examples negative publicity, labor disputes,
  legal problems, transportation disruptions, civil
  unrest

17
Threat Example Country Risk Assessment (CRA)
Types of Country Risks

• Political
• Wars, revolutions, coups
• Economic
• Financial
• Labor
• Low productivity, militant unions
• Legal
• Laws may be changed
• Terrorism

18
Infrastructure Disruption

• Threats to the infrastructure that can cause a
  business to stop functioning
• Examples delivery malfunctions, environmental
  hazards, power outages, medical emergencies,
  virus attacks, biological hazards, computer
  failure, computer viruses, power outages, supply
  chain problems, loss of site access

19
Power Outage Solution
20
Organizational Disruption

• Mergers and Acquisitions, Reduction in Workforce,
  Staffing issues, Succession Planning, Business
  relocation
• Examples Flexibility / agility to add new
  company, H5N1 staff reduction, expansion to China

21
Agenda

• Introduction
• The Bad News
• Defining Disasters
• The Good News

22
Your Existing Plan

• Do you have one?
• Is it comprehensive?
• Where did the Risk analysis come from?
• Does it meet the business needs?
• Do you throw out what you have and start over?
• Can you salvage anything?

23
Measuring Risk - Definition

• Risk - a potential negative impact to an asset or
  some characteristic of value that may arise from
  some present process or future event

24
Risks in Our World

• Costs
• What are the costs associated with a risk?
• What are the chances of it happening?
• Can the risk be eliminated and managed?
• It is perfectly acceptable to accept risk as
  long as it is measurable and known.

25
The Risk Process
Control
Identify
Document Communicate
Analyze
Track
Plan
26
Risk Assessments where to focus
High Impact Low probability
High
Impact
High Probability Low Impact
Low
High
Low
Probability
27
Charting Risks on the Graph

• Disk failure Risk
• Loss of Power
• Virus
• Loss of Key Personnel
• AppServer Crash

28
Risk Assessments where to focus
High Impact Low probability
Disk Loss
High
Loss of Power
Virus
Loss of DBA
Impact
AppServer Crash
Prevent Data Loss
High Probability Low Impact
Low
High
Low
Probability
29
Figuring out what you missed

• Resources to look into it
• Local Resources
• State / Provincial / Regional Resources
• Country-based Resources
• Region-based Resources
• International Resources

30
What else did you miss

• Looking at similar companies
• In another region
• In a parallel business line
• Industry Associations
• Professional Societies

31
Additional Help

• 3rd party assistance
• Consulting
• Professional Agencies Associations (DRI, BCI,
  etc.)

32
Options Available to you

• Progress Software Options
• 3rd party options
• Consulting Options
• Home-grown Options

33
Progress Options

• Are you on the latest version?
• Backups!!!!
• After-Imaging
• OpenEdge Replication
• Failover Clusters
• Application Server Load Balancing Availability
• Sonic CAA

34
3rd Party Options

• SRDF
• Replication / Snapshots
• Clustering
• Pick your Vendors Solution

35
Home Grown

• ABL Triggers Data
• Backups
• AI management roll forward

36
Consulting Options

• Custom built solutions
• Assistance in assessing, developing, and
  executing a plan

37
Summarizing Risk

• Identify
• Analyze
• Plan
• Track
• Control
• DOCUMENT EVERYTHING!!!!!

38
An Important Thought
Which is more important the database or the
application?

• Can you run the application without the database?
• What use is the database without the application
  infrastructure?
• What value does it bring?
• Can you run the application without the
  infrastructure?
• What does the business need?
• You must look at the complete application!

39
Summary

• There are lots of bad things in the world
• There are lots of options to make things better
• Figure out
• What you should worry about
• What you shouldnt worry about
• What you can prepare for
• What you cant prepare for
• Design, Plan, and EXECUTE!

40
A Final Thought
41
Where to go from here

• Other Exchange sessions
• COMP-10 OpenEdge Management and Replication
  Divide et impera!
• DB-2 OpenEdge Replication How to Get Home in
  Time
• PSDN
• http//www.psdn.com/library/kbcategory.jspa?catego
  ryID555
• Whitepapers!
• Professional Services for assistance

42
Questions?
43
References

• (1) Forgery trade losses under 200bn By Hugh
  Williamson in Berlin, http//www.ft.com/cms/s/acbd
  064c-fcb9-11db-9971-000b5df10621.html, extracted
  17 May 2007
• (2) Attacking the pirates, by Alan Cane, Ft.com
  Web Site, http//search.ft.com/ftArticle?queryText
  IntellectualPropertyLossesy2ajetruex12id
  070228004463page3, extracted 17 May 2007
• (3) Earthquakes in the last 8 30 days,
  http//neic.usgs.gov/neis/qed/, extracted 20 May
  2007
• (4) Workplace Violence, http//www.dps.siu.edu/c
  p_workplace_violence.htm, extracted 20 May 2007
• (5) Workplace Violence in 2005,
  http//www.bls.gov/opub/ted/2006/oct/wk5/art01.htm
  , extracted 20 May 2007
• (6) 5 Risks That Could Sink Your Company, Tonya
  Vinas Jill Jusko, Industry Week.  Cleveland
  Sept. 2004.  Vol. 253,  Issue 9, 
  p. 52-61 (6 pp.)
• (7) http//www.who.int/csr/disease/avian_influenza
  /country/cases_table_2007_04_11/en/index.html
• http//www.oie.int/downld/AVIAN20INFLUENZA/A_AI-A
  sia.htm

44
Thank you for your time!
45
(No Transcript)